topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
34.159.25.198301 Moved Permanently 555 B URL HTTP/1.1 topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (555), with no line terminators
Hash e30a684ff130a5451b34d40eb8d232ee
3442dba162c664ba4d2230063825831fe1062d06
6ddd5ee2fa3c393d31ff96d74a738233a93deeb4a6f1a6f8f2e126ba7ebaebd1
GET /t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Server: Netlify
X-Nf-Request-Id: 01GR95E8VSHT6AR0STQSB44HMS
Date: Thu, 02 Feb 2023 13:35:46 GMT
Content-Length: 555
Content-Type: text/plain; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2284
Expires: Thu, 02 Feb 2023 14:13:50 GMT
Date: Thu, 02 Feb 2023 13:35:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2833
Expires: Thu, 02 Feb 2023 14:22:59 GMT
Date: Thu, 02 Feb 2023 13:35:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 12:43:31 GMT
content-type: application/json
age: 3135
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3169
Expires: Thu, 02 Feb 2023 14:28:35 GMT
Date: Thu, 02 Feb 2023 13:35:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UkSnIZsWbDgm/VWO+G6m5hslImR7P1Xduzh8ETndStBBqm6Axcgz7VF3OdO8nCYC98A0SZzC6r0E5lMd7QzjUQ==
x-amz-request-id: XEZV4WFWYBRA2Q81
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 13:23:07 GMT
age: 759
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 13:35:46 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 194b9123ac1041d8b8da18519d838e23
59633d77810e76bd8d074ccac94d5c633ef7a368
1a567828fcca92aa2eccc63a8da0a3ef03f6816b8984427f4c2ff5d0011fd8ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A567828FCCA92AA2ECCC63A8DA0A3EF03F6816B8984427F4C2FF5D0011FD8ED"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 02 Feb 2023 19:35:46 GMT
Date: Thu, 02 Feb 2023 13:35:46 GMT
Connection: keep-alive
topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
34.159.25.198200 OK 5.2 kB URL HTTP/2 topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16597)
Hash d2afbd02191e922f0fe1d1e22666389a
482df549f330a0a3d63894ec7b5d506d8ed71457
5bb9118f5ccbf44f94a0a5c7887331b92d3baeda7938d8354b720cdb8941cd7d
GET /t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
age: 60058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "2c59636493790da8538cc83b036096ee-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9BFM37F38WR6WZSSX1B
content-length: 5238
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/runtime-e33097f.js
34.159.25.198200 OK 1.8 kB URL HTTP/2 topfinancialdebtrelief.com/_nuxt/runtime-e33097f.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (5144), with no line terminators
Hash 9644a1dbc7b37c657a95d1eab6e26afb
cfaaf89e86a0546286415688dba1f205b82256fc
e9ed7b6548decdf3164b6ff1da07d8a6ea218b02578badfd8e7a6506d547f604
GET /_nuxt/runtime-e33097f.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "1e6acf23c9593ed716e63508cc3257f3-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9GVD41BGCTW8NDCR1RC
content-length: 1819
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
topfinancialdebtrelief.com/_nuxt/css/app-12d87fb.css
34.159.25.198200 OK 2.8 kB URL HTTP/2 topfinancialdebtrelief.com/_nuxt/css/app-12d87fb.css
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (12809), with no line terminators
Hash a32225190ddb7b6dfeb17f3462d33ae2
fa26d57a32e561478f97a712da6831b35476f853
d79ae6f7371e8c1c0291876dfeaec0208039ca2004eb94b47b4896acb5fe9cfa
GET /_nuxt/css/app-12d87fb.css HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "53d99746a459c14219e072172ac0a97b-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9GXA32QG0TVD2ZFKXWA
content-length: 2777
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-134840482-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-134840482-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 4e8c1a0dc22845d1a2463b6a33f66141
80e8714b268e8c476308185411d8ed7709c259c6
f2efdcbb9efc8b579020067ba9af6ac0f0797945c8204b1cd89106b56f4cd2ef
GET /gtag/js?id=UA-134840482-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 13:35:46 GMT
expires: Thu, 02 Feb 2023 13:35:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44907
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/css/vendors/app-d46a401.css
34.159.25.198200 OK 28 kB URL HTTP/2 topfinancialdebtrelief.com/_nuxt/css/vendors/app-d46a401.css
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3fd4760d5c989aa8902e4f9c2052c2f6
a8d2e16e0578a668f71c8bb19ba3a9315581569c
eae00e6a45b92bbed73b99fb1980e77197e37ce85d1203c952722642857c46bd
GET /_nuxt/css/vendors/app-d46a401.css HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "b66bc57536334e672372dd5f56094ed6-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9GWVWBM3YJHKH3Z29TQ
content-length: 27478
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/img/logo.04167db.svg
34.159.25.198200 OK 1.6 kB URL HTTP/2 topfinancialdebtrelief.com/_nuxt/img/logo.04167db.svg
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dc55c79360a77ba2a29b290e0fcfcfe2
bd60d5863f4bc3967e31975b1d5e103210425d36
98389e0c37ed7feb2bcf146bb812a17d0fac9fff08df8dd8e06c87b0334c55b2
GET /_nuxt/img/logo.04167db.svg HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60059
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: image/svg+xml
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "f1c821aca19fc02820bf8e8814d0f610-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9H335VJ0K7M93ER7H6W
content-length: 1627
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/manifest.js
34.159.25.198200 OK 180 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/manifest.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash 1ead6797c3c9c0f9bb10e826f4b2f8dc
d67b3b7525968434517838aab89e66212d4069fc
615cb1fb10466448d29bf80e36c113648a3b043ca2383d6787057ee1ac2ca935
GET /_nuxt/static/1675202537/manifest.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "500d145da184e8cab0872650039e0cf5-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95E9H2BZ6M5ETQHNZW2HM7
content-length: 180
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/t011123/payload.js
34.159.25.198200 OK 62 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/t011123/payload.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash b73046283011290c44ea44ec757c21cc
78b17e49e9a17f4985f0181e1627560878fec13f
a16489af8d1928b88b13060e77ec553e52924f7a7587715b18a744b254ac0bd0
GET /_nuxt/static/1675202537/t011123/payload.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "712313f02dfe8317dce0f7db760266e3-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95E9H27VQZ00DMJS7KKS77
content-length: 62
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/t011123/state.js
34.159.25.198200 OK 717 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/t011123/state.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (717), with no line terminators
Hash 5879be13fc6a710e4d7920c4cfa126ae
6ec1ee4457c1713e55ff86bd3df13357903eeda3
b3ddd85da06f35ffff7b94522977c4a8c07bcf78fcfc5da6335f5f83df0e170b
GET /_nuxt/static/1675202537/t011123/state.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "5adaf11983df208f6ad3513925efb45c-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95E9H10Q6861Z143RKGQWM
content-length: 717
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/vendors/app-579f31f.js
34.159.25.198200 OK 138 kB URL HTTP/2 topfinancialdebtrelief.com/_nuxt/vendors/app-579f31f.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with very long lines (65482)
Size 138 kB (137799 bytes)
Hash 17569527cf990909680e2abd81f8008d
80362be44f50ca3493020f4f2257894750382717
ba35019594064818cc22dffa744d6c166b7175f349b15658677b78b5b12779aa
GET /_nuxt/vendors/app-579f31f.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "2ea90e72785d6ed98ff785e2caf910e1-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9GW1PYN2HC4R50QJ2HY
content-length: 137799
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/app-080e931.js
34.159.25.198200 OK 40 kB URL HTTP/2 topfinancialdebtrelief.com/_nuxt/app-080e931.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type Unicode text, UTF-8 text, with very long lines (65457), with no line terminators
Hash 5c3c2cfb1908e935bc422f4778dc926f
73cdb1f35cf288c63388182513fba81f6200ff4a
06c5a65fdc8e99fb772fb8344bc94b5d0654ca95c18d25d1aa219b1b205bf206
GET /_nuxt/app-080e931.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:48 GMT
etag: "914f7bce350d3e5585fc56aed33a7971-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GR95E9GXAKBTGK8R2HT6XPMG
content-length: 39940
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 12:49:05 GMT
age: 2801
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 78f74306b911948c812776e42f3f8e5c
32d0ef378152fc4c5bd27159090710301d5060b2
908ad52b513dcb01b988392f141a9dd92ba8622bfbfc298e08417f8ecfc76f87
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86737
Date: Thu, 02 Feb 2023 13:35:46 GMT
Etag: "63da655c-1d7"
Expires: Fri, 03 Feb 2023 13:41:23 GMT
Last-Modified: Wed, 01 Feb 2023 13:13:00 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mIp_xaKQyParyIQ3qU-ktaij3Ppsuy_3nG3KVBLkb2MM97aqjFHF6w==
Age: 1703
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a40e7e701d9a58f671a32e20a455eee8
3d209ff2ed8f4e659b728d0344a43702af4eff22
f5b405641ffade54c462ff4747e2b9430800887f981e7f9a8853e0738ab6e62b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 804
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Etag: "63dac66f-118"
Last-Modified: Thu, 02 Feb 2023 13:22:23 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 280
dist.routingapi.com/jsapi/v1/retreaver.min.js
54.230.111.15200 OK 8.2 kB URL HTTP/2 dist.routingapi.com/jsapi/v1/retreaver.min.js
IP 54.230.111.15:0
Hash 5d3e7cdc51e0ccaa70cfbb7d705406f0
bc18ded0a7089ee4702bb2c2228002aa2cd8aa3c
b8218d8ca33c9244acae16c97fb01ef20537a5e19ec6c89890f822940d774bdf
GET /jsapi/v1/retreaver.min.js HTTP/1.1
Host: dist.routingapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 02 Feb 2023 03:29:00 GMT
server: nginx/1.18.0 (Ubuntu)
last-modified: Wed, 01 Feb 2023 12:46:34 GMT
etag: W/"63da5f2a-5a59"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JCwkCATqX5dUnhYXxJgA2ozR4uWYImtlEnzQ1_CIAnN2jOpt1ua3Mg==
age: 36406
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/manifest.js
34.159.25.198304 Not Modified 0 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/manifest.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/static/1675202537/manifest.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c&s1&s2&s3&s4&s5=BS&debt_type&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16%3A30%3A37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "500d145da184e8cab0872650039e0cf5-ssl"
TE: trailers
HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Thu, 02 Feb 2023 13:35:47 GMT
etag: "500d145da184e8cab0872650039e0cf5-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95E9Y64XFP7G67SQTAMWTD
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ddb4df40df9122a8ce03deb28c833eb2
e0168a34cde664087ec691ab935ec37169900042
ad67c347674e6cd86d234391cfd0c8243db5667c0f873adf0695816238311191
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Server: ECS (amb/6BC3)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
142.250.74.35200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:21 GMT
expires: Mon, 29 Jan 2024 07:32:21 GMT
cache-control: public, max-age=31536000
age: 367406
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
142.250.74.35200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:41:33 GMT
expires: Fri, 02 Feb 2024 00:41:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
age: 46454
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/t011123/payload.js
34.159.25.198304 Not Modified 0 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/t011123/payload.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/static/1675202537/t011123/payload.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c&s1&s2&s3&s4&s5=BS&debt_type&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16%3A30%3A37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.0.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-None-Match: "712313f02dfe8317dce0f7db760266e3-ssl"
TE: trailers
HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Thu, 02 Feb 2023 13:35:47 GMT
etag: "712313f02dfe8317dce0f7db760266e3-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EA115SRX2ET5CCEKB1A4
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash da162e3bf7df915e723aa46dd19a3dc0
5f1a49d2075ab2e3c5da927e21d163dee6bda1ea
7029bed762d03461d811dd132ac3dc9657bbc4f5fe26b6235140df31d8b6cf41
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 13:35:47 GMT
Last-Modified: Thu, 02 Feb 2023 12:14:21 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8k9q1oSx7XIEYzQ9Q9i4EIjxngjbnlncp040arQj7RDcB9asur112g==
Age: 4887
dist.routingapi.com/jsapi/v1/retreaver.min.js
54.230.111.15304 Not Modified 0 B URL HTTP/2 dist.routingapi.com/jsapi/v1/retreaver.min.js
IP 54.230.111.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jsapi/v1/retreaver.min.js HTTP/1.1
Host: dist.routingapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 01 Feb 2023 12:46:34 GMT
If-None-Match: W/"63da5f2a-5a59"
TE: trailers
HTTP/2 304 Not Modified
date: Thu, 02 Feb 2023 03:29:00 GMT
server: nginx/1.18.0 (Ubuntu)
last-modified: Wed, 01 Feb 2023 12:46:34 GMT
etag: W/"63da5f2a-5a59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZOAS13JBaR0hYzOhYDgISt7o8jPd408zft0qySFtW8PYW1ItHtr9wg==
age: 36406
X-Firefox-Spdy: h2
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736
3.92.140.101301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736
IP 3.92.140.101:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736 HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Thu, 02 Feb 2023 13:35:47 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 592559549cb91753ccc8dc2c0e1c6a65
19351db7e1140c53df5aedb02e0482cf228f62ca
bfa9b8857d4d6702d9c9c198260ce722d6d7c84b372eb7246caeea161b4f658d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA9B8857D4D6702D9C9C198260CE722D6D7C84B372EB7246CAEEA161B4F658D"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10831
Expires: Thu, 02 Feb 2023 16:36:18 GMT
Date: Thu, 02 Feb 2023 13:35:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 592559549cb91753ccc8dc2c0e1c6a65
19351db7e1140c53df5aedb02e0482cf228f62ca
bfa9b8857d4d6702d9c9c198260ce722d6d7c84b372eb7246caeea161b4f658d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA9B8857D4D6702D9C9C198260CE722D6D7C84B372EB7246CAEEA161B4F658D"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10831
Expires: Thu, 02 Feb 2023 16:36:18 GMT
Date: Thu, 02 Feb 2023 13:35:47 GMT
Connection: keep-alive
push.services.mozilla.com/
54.212.170.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.212.170.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +K9famLhi6X4VvMjJoRsnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 42ylr+PJcYeekfn+u0XixgBoFrw=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ddb4df40df9122a8ce03deb28c833eb2
e0168a34cde664087ec691ab935ec37169900042
ad67c347674e6cd86d234391cfd0c8243db5667c0f873adf0695816238311191
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6437
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:47 GMT
Last-Modified: Thu, 02 Feb 2023 11:48:31 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279
topfinancialdebtrelief.com/_nuxt/static/1675202537/payload.js
34.159.25.198200 OK 55 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/payload.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash b49c5dd75ec38c6860b0940260c68bf4
e796778b1d77e5e6d44a98432c8eec3dbb7e1767
2ccad135b820dd22a56f4cdd2f420fe12b5a2256b4dcd3892a79ec75e115c5f5
GET /_nuxt/static/1675202537/payload.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c&s1&s2&s3&s4&s5=BS&debt_type&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16%3A30%3A37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.1.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:49 GMT
etag: "8c443ef50f90aa8ebdae3c3e4fd93721-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EA8E1WTXX7TFKCD0W2JV
content-length: 55
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/ccpa/payload.js
34.159.25.198200 OK 59 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/ccpa/payload.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash 33fd12cc54bfbb1f485a1c112612e22f
426067bf5580bd716670f92a0a67bac6acd2532a
5cc9801681d8509b2d6e89999b17f5e657eb1da392115a0208e05a4f41bd2629
GET /_nuxt/static/1675202537/ccpa/payload.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c&s1&s2&s3&s4&s5=BS&debt_type&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16%3A30%3A37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.1.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60050
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:57 GMT
etag: "7eb760538cb82ba0b207e4a9fa4f69fe-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EA9Y0KX4VXGPWBMA0367
content-length: 59
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/service-worker.js
34.159.25.198200 OK 266 B URL HTTP/2 topfinancialdebtrelief.com/service-worker.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 531b65668dd946da50592326a97775e8
7cf3c525a1d91c0200c6adba68564726691cd1fe
e4f7ab56b251c1dc8004984973dc9986442e2f0a377fe18df45fcc6c45c7a505
GET /service-worker.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.0.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Thu, 02 Feb 2023 13:35:47 GMT
etag: "4bb3795d106ece34b5fb687942d54555-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EA70CTBMEQRDTZS4P4DF
content-length: 266
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 134b7675ba687be98cb511ddb1127095
b7837c80a759a4ce69d992c31c3eda1cb4072126
de9160b2c32d5fbc4baa3fc3cfe28c37c5006ace6b1ebe163db1378ce94b94f0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 13:35:47 GMT
Last-Modified: Thu, 02 Feb 2023 12:23:55 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4kAQ5VEVtOh6Y86b4tkLkYyPyCDtnWUNcWak-lXfV5LFFR0VYJZb_g==
Age: 4312
ipinfo.io/json?token=3c2d1fd8d3a4a9
34.117.59.81204 No Content 0 B URL HTTP/2 ipinfo.io/json?token=3c2d1fd8d3a4a9
IP 34.117.59.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /json?token=3c2d1fd8d3a4a9 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Referer: https://topfinancialdebtrelief.com/
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers, Accept-Encoding
date: Thu, 02 Feb 2023 13:35:47 GMT
x-envoy-upstream-service-time: 17
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
topfinancialdebtrelief.com/_nuxt/static/1675202537/terms/payload.js
34.159.25.198200 OK 60 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/terms/payload.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash f4761762b44326156a07ec795d699780
4a871c18f9c3762a25dfe2ebc177f6b318b1b789
812b59db73fa9cf27bf50283cd9f04df1dcd0acc005df6110d5c901d9b9cf36e
GET /_nuxt/static/1675202537/terms/payload.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c&s1&s2&s3&s4&s5=BS&debt_type&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16%3A30%3A37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.1.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60050
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:57 GMT
etag: "9027da2af874a4f3a23e3dd72a11e1d2-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EABH6GDBD12TPZY87RMK
content-length: 60
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 592559549cb91753ccc8dc2c0e1c6a65
19351db7e1140c53df5aedb02e0482cf228f62ca
bfa9b8857d4d6702d9c9c198260ce722d6d7c84b372eb7246caeea161b4f658d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFA9B8857D4D6702D9C9C198260CE722D6D7C84B372EB7246CAEEA161B4F658D"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10831
Expires: Thu, 02 Feb 2023 16:36:18 GMT
Date: Thu, 02 Feb 2023 13:35:47 GMT
Connection: keep-alive
topfinancialdebtrelief.com/_nuxt/static/1675202537/privacy/payload.js
34.159.25.198200 OK 62 B URL HTTP/2 topfinancialdebtrelief.com/_nuxt/static/1675202537/privacy/payload.js
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type ASCII text, with no line terminators
Hash dcfd572169408292b6b71b52c49ba4b2
ed8dd243bfcb99ce762233904b3bddb76723f421
fcddefab16f6153d0f2b5c9f57147d39323722514fd9657f590bcc3fcc63a27b
GET /_nuxt/static/1675202537/privacy/payload.js HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c&s1&s2&s3&s4&s5=BS&debt_type&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16%3A30%3A37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.1.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60050
cache-control: public, max-age=0, must-revalidate
content-type: application/javascript; charset=UTF-8
date: Wed, 01 Feb 2023 20:54:57 GMT
etag: "6bc47b5c91278feea72c981d1b26b756-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EAD7YHN7YE0XBR1ZDH1C
content-length: 62
X-Firefox-Spdy: h2
ipinfo.io/json?token=3c2d1fd8d3a4a9
34.117.59.81200 OK 242 B URL HTTP/2 ipinfo.io/json?token=3c2d1fd8d3a4a9
IP 34.117.59.81:0
File type JSON data\012- , ASCII text
Hash bf6a9eccdef5c01141c1f217f5b7c5d4
b11db2ffbb850db0d2a4cf711f2cf175fa0d2fd3
514aa569c693a0f78648c49d42954f9e78f778b1a393e32a575d46ef4b4c73a2
GET /json?token=3c2d1fd8d3a4a9 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Thu, 02 Feb 2023 13:35:47 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash ee3738f7eb24a22549cb6eb6ef564c54
c255f589f0b2810e9106a6f126145b226d044707
53cf9f944bc247df2f93f5198172c8071682c98716bcb99213611885692bbdc8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 13:35:48 GMT
Last-Modified: Thu, 02 Feb 2023 12:13:31 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FmVlKFltUK6PPwR7wqtGzp9tyFPP3fB3O9iNjnKF8Cyyr0HaqfBW9w==
Age: 4937
event.trk-consulatu.com/register/event_log/3mg6v4m0d1
172.64.206.35200 OK 6.8 kB URL HTTP/2 event.trk-consulatu.com/register/event_log/3mg6v4m0d1
IP 172.64.206.35:0
Hash 2158e13fd53ef7af531fc2538af5e603
f3fcfdefba8eed4720c40881ea566c33b0919e22
02a8c3419623950d449ee7a2a5335737686cfcfd57885416c7a2b6376f42f1ec
OPTIONS /register/event_log/3mg6v4m0d1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://topfinancialdebtrelief.com/
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn5mq9YwUexsrqcIezX3p0h3sOM9Z8CTkmiXIikjbjGAH2DCyMcgM%2BysALvYu41keBh3p4B0AyiI2LStqWoBNl6M87%2BwBaPg3QUwzzjBMWhLMtlf11MXnj94vqPffYdLD1nyqPTE%2FxC9qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79334fe64fade674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/3mg6v4m0d1
172.64.206.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/3mg6v4m0d1
IP 172.64.206.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /register/event_log/3mg6v4m0d1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://topfinancialdebtrelief.com/
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-length: 0
access-control-allow-headers: content-type
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mU1fgnzz2iNEF3BFzYuSS1HhuVA3I57hFA8DyBLN7FMZAYlBWfEUwjWwGDbh3%2FFHYydEAPeazm8oIjj27zPKmkr1aZEgnfbrrDmpnvb8jgAqju1sP8mYLVPZosZ6RRlXk41HsKPAxFY8sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79334fe65fb7e674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/3mg6v4m0d1
172.64.206.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/3mg6v4m0d1
IP 172.64.206.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/3mg6v4m0d1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topfinancialdebtrelief.com/
Content-type: application/json
Origin: https://topfinancialdebtrelief.com
Content-Length: 201
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUl1fJaTFl3zVzZW4bQOxJXsy72CrFn5ZC94YvIjO4FvM9EbTqRspUg7T79b7jXnUWf0JGUsCm4KYjin8FS98E%2FR%2FSj9jSbPGs7vGarkA2Jp4y4gqNHYnH96b9A4%2BjoaG6SxZICPpw2jgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79334fe6f81de674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
event.trk-consulatu.com/register/event_log/3mg6v4m0d1
172.64.206.35200 OK 0 B URL HTTP/2 event.trk-consulatu.com/register/event_log/3mg6v4m0d1
IP 172.64.206.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/3mg6v4m0d1 HTTP/1.1
Host: event.trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topfinancialdebtrelief.com/
Content-type: application/json
Origin: https://topfinancialdebtrelief.com
Content-Length: 240
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: DENY
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials: true
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXdTyyog%2BEk23u9o0bXEXyyMpWEZS2WiO3kGTe1ZeSQWN4CoDZOwNCE3W6Q%2FooUziMRPYfEOVueQOXwqd5ThNUacfyie9nfp0KqVbxEzqK%2FRYQHQ7Oiyevcuup6luGlu48xojozKBAPstg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79334fe79878e674-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
54.230.245.35200 OK 1.4 kB URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
IP 54.230.245.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1
GET /iframe.html?token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Mon, 30 Jan 2023 20:27:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 02 Feb 2023 08:10:09 GMT
ETag: W/"63d8282d-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DLr67zA-K5s_ImzRJfrBq0XsP7iCtvk1oVcQyXpbWw8pSQBT_PSQ9g==
Age: 19797
create.leadid.com/2.11.9/InitFormData?msn=3&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060532
52.72.8.210200 OK 523 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060532
IP 52.72.8.210:0
Hash 4ce1ec795d60d91a7c2a6250883bd757
253ac6920cf0b3d6f589a4034aa7f9f5a16f497b
07b54d69874615a176deeb63a2754293eef8519427aae5a2bca44e9daceae160
POST /2.11.9/InitFormData?msn=3&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060532 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 423
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rguserid=44fd19b9-1517-4509-a81e-f4a5fc85e48c; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060531
52.72.8.210200 OK 523 B URL HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060531
IP 52.72.8.210:0
Hash 4ce1ec795d60d91a7c2a6250883bd757
253ac6920cf0b3d6f589a4034aa7f9f5a16f497b
07b54d69874615a176deeb63a2754293eef8519427aae5a2bca44e9daceae160
POST /2.11.9/SaveDom?msn=2&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060531 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rguserid=f4da1df5-e8e5-4f5d-94c6-0aeb24da0683; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1d06527f75868ea84da730b7c8b5660
6c0cb65a477d6bc7d013529411d5735bd39e3d46
2ff4fb12b9ac4dff67bf89cc69f1bfce3ffa738696f904172044a5a537a704c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dac6192-89b0-4161-86a2-38f3998a1bc4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6783
x-amzn-requestid: 5ab60169-ec65-483a-828b-3312c74ee4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BGjqoAMFV6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-73a465244f89adaa27626246;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S012XKdrl7ID1qnfD-G2fcAxWoseP_mAnaDi12Y-UmdBW8yXgGlpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:46 GMT
age: 55022
etag: "6c0cb65a477d6bc7d013529411d5735bd39e3d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0ca0ccee69fbee57aac373f94120bb4
5d6309502ffd0c33f6199d46f0d14d0a22e3c752
bed9d4689ff57fa636ee08dab3eef3cdf6c4e0a7103e5185151afe8ddfb755f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79ec7db4-9aef-4e9e-a8d9-431c9085df2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11552
x-amzn-requestid: 611f63cb-f058-493b-ac86-7e268b866fd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTvG9VIAMFgPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc17-78de7563537b111924100346;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lHLm3IkJRn59US_8SXKXQnNDUiCLIWnQ7QN-DWB3jkot9Ub3b6FUgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:01:11 GMT
age: 56077
etag: "5d6309502ffd0c33f6199d46f0d14d0a22e3c752"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 54637
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604c573da6f79effa2a81e711c14ad9e
322a3a510ca73e124d78e31b49d676ec891a6762
8d2b897fe4251106be9183fa2a6a3b0918cd1f4dcc5f814aa88a630a77b4045c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1ea9f44-4a0b-4366-b041-d2bd88c5fcb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: 774cebdf-b2bf-4a98-9d2b-e2abd4bd1a2b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BG-hoAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-234163873ca67e934d684a1d;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uv7tRovOGAr5hGDOcMmPoh29VHlsX4bvWxjRLCXV1Bpg9l0dOBJxFA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:15:49 GMT
age: 55199
etag: "322a3a510ca73e124d78e31b49d676ec891a6762"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=824407e4-9141-4619-8c0d-65f536167723&_=645060530
52.72.8.210200 OK 16 kB URL HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=824407e4-9141-4619-8c0d-65f536167723&_=645060530
IP 52.72.8.210:0
Hash 6b57f4f4fcf19818f29e22f72fdccad0
de7c6b0c5e305a138b36e0be0ab7e681683c18e1
38cce47ad04e5d95a1e75b9fca47de1d19d2a6e782a0280336434547d0221761
POST /2.11.9/GenerateToken?msn=1&pid=824407e4-9141-4619-8c0d-65f536167723&_=645060530 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 763
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:48 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rguserid=1be0c7bb-f42c-4401-8111-8fe4a8e799c1; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:48 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 55013
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash fc0a113da033de711a980f6acba64744
e17c6edbaba6f006316f713a00a0db159867ba56
b4fff11f926a0c09cc47cd4e4c934b4cf6849a339595e36403bbe0ba47a5b856
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 13:35:48 GMT
Last-Modified: Thu, 02 Feb 2023 12:05:51 GMT
Server: ECS (dcb/7EEA)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -pgPIaD6VaCLX0BzKDyBUW-Qwft2OJDb6zQG8Urj21aA2iH1D4tioQ==
Age: 5397
topfinancialdebtrelief.com/favicon/favicon-16x16.png
34.159.25.198200 OK 1.1 kB URL HTTP/2 topfinancialdebtrelief.com/favicon/favicon-16x16.png
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 680274c09b697a6c21bb3a21df3632fb
732ffb578ef025695d4fd942e95904580753eafe
7d820960d51c324b2c47721fa6d6e96cb6a7bd966b3a8e271683e173e833618a
GET /favicon/favicon-16x16.png HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.1.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==; leadid_token-17B1014D-89D8-0A9A-D23F-B85698F480B4-C6386475-8274-7572-C7AC-BB7BA7BD96F6=F31568EB-3F7A-AF96-9D28-989100BB0DF5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 60058
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Wed, 01 Feb 2023 20:54:50 GMT
etag: "5504d5fb96718eac0ffa3c859db07859-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EBH575ER2E0EQ2G7G9V6
content-length: 1050
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 11:44:08 GMT
expires: Thu, 02 Feb 2023 13:44:08 GMT
cache-control: public, max-age=7200
age: 6700
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/574664987/?random=1675344973229&cv=11&fst=1675344973229&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&auid=1055272236.1675344973&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/574664987/?random=1675344973229&cv=11&fst=1675344973229&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&auid=1055272236.1675344973&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (3019), with no line terminators
Hash 1a19b4bcc43e66e71ed1046dfa556535
e29c1bb127c0c15960c376201b12480378e5a3a9
e4563bbefbcac5904073fa5a12a446fcd64a412d6a0a0843d9f4c0c7ec23448a
GET /pagead/viewthroughconversion/574664987/?random=1675344973229&cv=11&fst=1675344973229&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&auid=1055272236.1675344973&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 13:35:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1198
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 13:50:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.connectstreams.com/js/connectme-v3.min.js
169.61.92.18200 OK 9.1 kB URL HTTP/2 api.connectstreams.com/js/connectme-v3.min.js
IP 169.61.92.18:0
Hash 7edcd837c3c7e771d6afa65b9b3c1110
cd2ea5d660355f82ef320417a06b39d2c4ecc6ee
bac25568d01503261e63ea734de4713dcfc9e4a8e3564171a55476add52088c8
GET /js/connectme-v3.min.js HTTP/1.1
Host: api.connectstreams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: text/javascript
content-encoding: gzip
etag: V336.dce455c9cf914b2a8816ed49cf07419b
vary: Accept-Encoding
date: Thu, 02 Feb 2023 13:35:47 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: IjCU80qTzbgMLtTgrZ2sQgNG2UBzy7iFTk8wUaSZI2xJzBe9yYefmjG28J+ctTTp1AVOb2EDt6WY/2KhZIwZBw==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Thu, 02 Feb 2023 13:35:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bae868356becb6470806e213f97e8aa6
1a3c7ffdce0f4e9c1f59aa0cd7715f22bade5117
c9930f2471f9a8a87fddfe3989391d65e1c41b3457a3f0fbf2e2357566f81a1b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4004
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:48 GMT
Last-Modified: Thu, 02 Feb 2023 12:29:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
topfinancialdebtrelief.com/favicon/apple-touch-icon.png
34.159.25.198200 OK 21 kB URL HTTP/2 topfinancialdebtrelief.com/favicon/apple-touch-icon.png
IP 34.159.25.198:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash bb80de94acf7f1421ec71e676459645f
75019d3803c064b22488a1c80d4316a00ee13617
fa7591cc419638d3be20c7f4834b9bd9bf2e30476b4dad01061757a0b1e2fac7
GET /favicon/apple-touch-icon.png HTTP/1.1
Host: topfinancialdebtrelief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/t011123/?oid=64&a=2020&r=9290266aa376416ea2b03a40c884e76b&c=&s1=&s2=&s3=&s4=&s5=BS&debt_type=&utm_campaign=tfdr_daily_jn&utm_medium=email&bsft_uid=fc63c410-0c24-4e4a-bc6b-c8aa3da10570&bsft_tv=4&bsft_aaid=41e8af11-457f-4f1d-854c-9238bd9655b0&bsft_mid=eb214fe5-2bb0-4522-82f6-c620c7a69ef9&bsft_clkid=0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82&bsft_ek=2023-02-01T16:30:37Z&bsft_mime_type=html&bsft_eid=5abcd1f5-af58-35d6-4ffb-41d5ac96861b&utm_content=topfinancial_text_internal_phone&bsft_lx=1&utm_source=blueshift
Cookie: _gcl_au=1.1.1055272236.1675344973; _ga_394XFC0NR3=GS1.1.1675344973.1.1.1675344973.0.0.0; _ga=GA1.1.371430578.1675344974; CallPixels-ou=aHR0cHM6Ly90b3BmaW5hbmNpYWxkZWJ0cmVsaWVmLmNvbS90MDExMTIzLz9vaWQ9NjQmYT0yMDIwJnI9OTI5MDI2NmFhMzc2NDE2ZWEyYjAzYTQwYzg4NGU3NmImYyZzMSZzMiZzMyZzNCZzNT1CUyZkZWJ0X3R5cGUmdXRtX2NhbXBhaWduPXRmZHJfZGFpbHlfam4mdXRtX21lZGl1bT1lbWFpbCZic2Z0X3VpZD1mYzYzYzQxMC0wYzI0LTRlNGEtYmM2Yi1jOGFhM2RhMTA1NzAmYnNmdF90dj00JmJzZnRfYWFpZD00MWU4YWYxMS00NTdmLTRmMWQtODU0Yy05MjM4YmQ5NjU1YjAmYnNmdF9taWQ9ZWIyMTRmZTUtMmJiMC00NTIyLTgyZjYtYzYyMGM3YTY5ZWY5JmJzZnRfY2xraWQ9MGMyNzlmYzktYWI4YS00YjdmLWE1YjUtNjY5N2MwZDg5ZDgyJmJzZnRfZWs9MjAyMy0wMi0wMVQxNiUzQTMwJTNBMzdaJmJzZnRfbWltZV90eXBlPWh0bWwmYnNmdF9laWQ9NWFiY2QxZjUtYWY1OC0zNWQ2LTRmZmItNDFkNWFjOTY4NjFiJnV0bV9jb250ZW50PXRvcGZpbmFuY2lhbF90ZXh0X2ludGVybmFsX3Bob25lJmJzZnRfbHg9MSZ1dG1fc291cmNlPWJsdWVzaGlmdA==; leadid_token-17B1014D-89D8-0A9A-D23F-B85698F480B4-C6386475-8274-7572-C7AC-BB7BA7BD96F6=F31568EB-3F7A-AF96-9D28-989100BB0DF5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Thu, 02 Feb 2023 13:35:48 GMT
etag: "bc7eb80b71e6e875439748d94e26b55c-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GR95EBH5EPVSZ3AV43ZW1AG8
content-length: 20892
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash fc0a113da033de711a980f6acba64744
e17c6edbaba6f006316f713a00a0db159867ba56
b4fff11f926a0c09cc47cd4e4c934b4cf6849a339595e36403bbe0ba47a5b856
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 13:35:48 GMT
Etag: "63db25f6-1d7"
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kw9o3tX_6RiAAKZmqyYUR7hw4djdXrgXFl_nh-wbwBUn6tOhrIqCNA==
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash e67a15439093a65f8e056a940bef11b3
e6b6fb4a7b8fccd69dbc225f655e8d7bebddbe37
5d5cf46203faa434eebe75cc958119689ef88bc1b5d71183945939bacf224c8e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96547
Date: Thu, 02 Feb 2023 13:35:49 GMT
Etag: "63da8b5a-1d7"
Expires: Fri, 03 Feb 2023 16:24:56 GMT
Last-Modified: Wed, 01 Feb 2023 15:55:06 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Tk6cuuWohfgUGH0Bssnd9HOogqb7xORqfzWkZP4pBp7U-r_sjqhJxg==
Age: 1790
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/574664987/?random=1675344973229&cv=11&fst=1675342800000&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=771901232&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/574664987/?random=1675344973229&cv=11&fst=1675342800000&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=771901232&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/574664987/?random=1675344973229&cv=11&fst=1675342800000&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=771901232&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 13:35:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/574664987/?random=1675344973229&cv=11&fst=1675342800000&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=771901232&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/574664987/?random=1675344973229&cv=11&fst=1675342800000&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=771901232&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/574664987/?random=1675344973229&cv=11&fst=1675342800000&bg=ffffff&guid=ON&async=1>m=2oa1u0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Ftopfinancialdebtrelief.com%2Ft011123%2F%3Foid%3D64%26a%3D2020%26r%3D9290266aa376416ea2b03a40c884e76b%26c%3D%26s1%3D%26s2%3D%26s3%3D%26s4%3D%26s5%3DBS%26debt_type%3D%26utm_campaign%3Dtfdr_daily_jn%26utm_medium%3Demail%26bsft_uid%3Dfc63c410-0c24-4e4a-bc6b-c8aa3da10570%26bsft_tv%3D4%26bsft_aaid%3D41e8af11-457f-4f1d-854c-9238bd9655b0%26bsft_mid%3Deb214fe5-2bb0-4522-82f6-c620c7a69ef9%26bsft_clkid%3D0c279fc9-ab8a-4b7f-a5b5-6697c0d89d82%26bsft_ek%3D2023-02-01T16%3A30%3A37Z%26bsft_mime_type%3Dhtml%26bsft_eid%3D5abcd1f5-af58-35d6-4ffb-41d5ac96861b%26utm_content%3Dtopfinancial_text_internal_phone%26bs&tiba=Top%20Financial%20Debt%20Relief&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=771901232&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 13:35:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 13:35:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash bfbcce76c7db17f59362905417c60e76
4122c314b9608caa887198d78aebadf3e592c2f8
030c2951bf68b71390ec630b14a4e71699443a1f8199631a1273c8bba1a71c5e
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 13:35:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 15023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 02 Feb 2023 12:44:30 GMT
Expires: Fri, 03 Feb 2023 12:44:30 GMT
ETag: "4122c314b9608caa887198d78aebadf3e592c2f8"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.routingapi.com/api/v1/numbers/replace_tags
34.230.103.224200 OK 0 B URL HTTP/2 api.routingapi.com/api/v1/numbers/replace_tags
IP 34.230.103.224:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/numbers/replace_tags HTTP/1.1
Host: api.routingapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://topfinancialdebtrelief.com/
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:49 GMT
content-type: text/plain
status: 200 OK
cache-control: no-cache
access-control-allow-origin: https://topfinancialdebtrelief.com
access-control-max-age: 1728000
x-request-id: 1f466e28-d018-413b-8ef5-9f04b9ddcde2
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
x-runtime: 0.001304
x-powered-by: Phusion Passenger Enterprise 6.0.7
server: nginx/1.18.0 + Phusion Passenger 6.0.7
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=17B1014D-89D8-0A9A-D23F-B85698F480B4&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&methods=48&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&uuid=5e13c5decfe4439188a2d730979372b7
52.72.8.210200 OK 495 B URL HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=17B1014D-89D8-0A9A-D23F-B85698F480B4&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&methods=48&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&uuid=5e13c5decfe4439188a2d730979372b7
IP 52.72.8.210:0
Hash 1fcbdfc7ec1f0caf5e5c0ce12ce9e2c3
2ebccf68df4186ba89c5ade10d9621ae90ea3a55
cc7f6a1393c182e6be2963cb7f9e5ce7ee62bc1914dc019100ba4effea64ac8c
GET /2.11.9/SaveDeviceId.js?lac=17B1014D-89D8-0A9A-D23F-B85698F480B4&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&methods=48&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&uuid=5e13c5decfe4439188a2d730979372b7 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:49 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:49 GMT; Max-Age=2592000; path=/
rguserid=95ec8375-1022-41f8-946f-2b5b83e646ff; expires=Sat, 04-Mar-2023 13:35:49 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:49 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:49 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.36.js
54.230.111.60200 OK 38 kB URL HTTP/2 cdn.trustedform.com/trustedform-1.8.36.js
IP 54.230.111.60:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5fe09f9f03d7adcd13cfd9b1391bf385
2db371ee5436ee2cb2261f93d0feb4a47a0e8ab4
2ba1b6a70e27ea7806970c898fd25951c5f559b7a034d724f47a47b5d4ce4641
GET /trustedform-1.8.36.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 01 Feb 2023 18:49:02 GMT
x-amz-version-id: Mqcqqrzy.RXbhnQRoVqKGkM3Wpast1N1
server: AmazonS3
content-encoding: gzip
date: Thu, 02 Feb 2023 13:35:49 GMT
etag: W/"d8fb6b4461e9e25761ede952f2943811"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B_CC-gY_77mgg9FSgkr4x-0QKbuUqWnhTUsalgwBfQQpJXoD1k8_NA==
age: 25
X-Firefox-Spdy: h2
api.trustedform.com/certs/dba350619e09d70631f11f69a5e47b89d7fa7fb6/fingerprints
3.92.140.101204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/dba350619e09d70631f11f69a5e47b89d7fa7fb6/fingerprints
IP 3.92.140.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/dba350619e09d70631f11f69a5e47b89d7fa7fb6/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 606
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 13:35:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060535
52.72.8.210200 OK 20 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060535
IP 52.72.8.210:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /2.11.9/Snap?msn=6&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060535 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 32843
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguserid=f56b149e-74cc-4b1d-b54d-62a11788e143; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap
IP 142.250.74.74:0
GET /css2?family=Nunito:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 13:35:46 GMT
date: Thu, 02 Feb 2023 13:35:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Material+Icons
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Material+Icons
IP 142.250.74.74:0
GET /css?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 13:35:46 GMT
date: Thu, 02 Feb 2023 13:35:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=5&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060534
52.72.8.210200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=5&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060534
IP 52.72.8.210:0
POST /2.11.9/Snap?msn=5&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060534 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 173160
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguserid=9992bcb9-2188-4a18-8def-4e7fbede8c90; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:100,300,400,500,700,900&display=swap
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito:100,300,400,500,700,900&display=swap
IP 142.250.74.74:0
GET /css?family=Nunito:100,300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 13:35:46 GMT
date: Thu, 02 Feb 2023 13:35:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-574664987
142.250.74.168200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-574664987
IP 142.250.74.168:0
GET /gtag/js?id=AW-574664987 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 02 Feb 2023 13:35:46 GMT
expires: Thu, 02 Feb 2023 13:35:46 GMT
cache-control: private, max-age=900
last-modified: Thu, 02 Feb 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.routingapi.com/api/v1/numbers?&campaign_key=ab3a968456a8514a58d06b5c457f8975
34.230.103.224200 OK 0 B URL HTTP/2 api.routingapi.com/api/v1/numbers?&campaign_key=ab3a968456a8514a58d06b5c457f8975
IP 34.230.103.224:0
POST /api/v1/numbers?&campaign_key=ab3a968456a8514a58d06b5c457f8975 HTTP/1.1
Host: api.routingapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 736
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:49 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin
x-xss-protection: 1; mode=block
access-control-max-age: 1728000
x-request-id: 4c843b53-4a88-4dd3-bc91-31f7b402c4fb
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
etag: W/"8fff013bff307c1b9797b7f29657e7bf"
x-frame-options: ALLOWALL
x-runtime: 0.118274
x-content-type-options: nosniff
set-cookie: CallPixels-vid=47ed0f9e895c159250c2c74ed5f88b5e; path=/
x-powered-by: Phusion Passenger Enterprise 6.0.7
server: nginx/1.18.0 + Phusion Passenger 6.0.7
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060533
52.72.8.210200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060533
IP 52.72.8.210:0
POST /2.11.9/InitFormData?msn=4&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060533 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1079
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguserid=5e6c89d4-8653-4a92-a397-ad0552872434; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.routingapi.com/api/v1/numbers?&campaign_key=ab3a968456a8514a58d06b5c457f8975
34.230.103.224200 OK 0 B URL HTTP/2 api.routingapi.com/api/v1/numbers?&campaign_key=ab3a968456a8514a58d06b5c457f8975
IP 34.230.103.224:0
POST /api/v1/numbers?&campaign_key=ab3a968456a8514a58d06b5c457f8975 HTTP/1.1
Host: api.routingapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1531
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:49 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin
x-xss-protection: 1; mode=block
access-control-max-age: 1728000
x-request-id: 58ea19a2-5193-4859-8073-0f4a0ff4d2fe
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
etag: W/"8fff013bff307c1b9797b7f29657e7bf"
x-frame-options: ALLOWALL
x-runtime: 0.041037
x-content-type-options: nosniff
set-cookie: CallPixels-vid=47ed0f9e895c159250c2c74ed5f88b5e; path=/
x-powered-by: Phusion Passenger Enterprise 6.0.7
server: nginx/1.18.0 + Phusion Passenger 6.0.7
X-Firefox-Spdy: h2
trk-consulatu.com/scripts/push/script/q2gownzerv?url=topfinancialdebtrelief.com&alturl=/t011123/
172.64.206.35200 OK 0 B URL HTTP/2 trk-consulatu.com/scripts/push/script/q2gownzerv?url=topfinancialdebtrelief.com&alturl=/t011123/
IP 172.64.206.35:0
GET /scripts/push/script/q2gownzerv?url=topfinancialdebtrelief.com&alturl=/t011123/ HTTP/1.1
Host: trk-consulatu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:47 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
x-content-type-options: nosniff
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; fullscreen 'self'; payment 'none'
cf-cache-status: MISS
last-modified: Thu, 02 Feb 2023 13:35:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsqDq9i%2FIoi3w1NVR%2Fiev7JRVDT%2F0XaDNLGtz9%2FiDG3kq%2FW3YoJcJLIHaj3D1gUFuScYzl7O%2Br5qGxqmywTUKFMKwVKjEf84M2y2I9eh25L%2BUCJrMfgOUdMwS58M4bLgDMEmzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79334fdff8fd743b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
52.5.219.215200 OK 0 B URL HTTP/2 deviceid.trueleadid.com/iframe.html?token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4
IP 52.5.219.215:0
GET /iframe.html?token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=C6386475-8274-7572-C7AC-BB7BA7BD96F6&lac=17B1014D-89D8-0A9A-D23F-B85698F480B4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:49 GMT
content-type: text/html
server: nginx
last-modified: Wed, 07 Dec 2022 21:18:32 GMT
etag: W/"63910328-1049"
expires: Fri, 03 Feb 2023 13:35:49 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
api.connectstreams.com/js/lib/jquery-3.5.1.min.js
169.61.92.18200 OK 0 B URL HTTP/2 api.connectstreams.com/js/lib/jquery-3.5.1.min.js
IP 169.61.92.18:0
GET /js/lib/jquery-3.5.1.min.js HTTP/1.1
Host: api.connectstreams.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=21600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 30 Apr 2021 13:50:51 GMT
accept-ranges: bytes
etag: "1d73dc7d4e1f203"
vary: Accept-Encoding
date: Thu, 02 Feb 2023 13:35:47 GMT
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736
54.230.111.60200 OK 0 B URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736
IP 54.230.111.60:0
GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16753449732570.911443988108736 HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topfinancialdebtrelief.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 02 Feb 2023 13:35:48 GMT
last-modified: Wed, 01 Feb 2023 18:49:01 GMT
x-amz-version-id: q61vihgH0mfP5BBJp41Pws6wJ4DXMrAf
etag: W/"e1c948a46d4c9c8ad3dd8a36caeb2065"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n3bo3zixhkdr7eoQSVsdw1i3z9L4csDAvo-eyoAZ6aMvxQd2QnAZcA==
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/c6386475-8274-7572-c7ac-bb7ba7bd96f6.js?snippet_version=2
172.67.41.229200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/c6386475-8274-7572-c7ac-bb7ba7bd96f6.js?snippet_version=2
IP 172.67.41.229:0
GET /campaign/c6386475-8274-7572-c7ac-bb7ba7bd96f6.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:47 GMT
content-type: text/javascript
x-amz-id-2: pSGC6J/6u9sn50b0lhepo+aTFczCcxQqu3wlck0erJysAQcE7ehTYLW8wKoZizU6lZX0O2Yhza8=
x-amz-request-id: TZ0VH4RVP2XD3H37
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Nov 2021 15:47:46 GMT
etag: W/"9caa72d700de20a2072f3e3b44ff06e9"
cache-control: max-age=1800
x-amz-version-id: uD2hJvZ2ou0KniRlRZolQSkV8jjNFrdF
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 79334fdf8d93fabc-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
api.routingapi.com/api/v1/numbers/replace_tags
34.230.103.224200 OK 0 B URL HTTP/2 api.routingapi.com/api/v1/numbers/replace_tags
IP 34.230.103.224:0
POST /api/v1/numbers/replace_tags HTTP/1.1
Host: api.routingapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 217
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:49 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://topfinancialdebtrelief.com
vary: Origin
x-xss-protection: 1; mode=block
access-control-max-age: 1728000
x-request-id: c4d48db8-2afe-4745-a709-12c08efde7d3
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
etag: W/"33726ab12c45887efa90fed92ab3810a"
x-frame-options: ALLOWALL
x-runtime: 0.107974
x-content-type-options: nosniff
set-cookie: CallPixels-vid=47ed0f9e895c159250c2c74ed5f88b5e; path=/
x-powered-by: Phusion Passenger Enterprise 6.0.7
server: nginx/1.18.0 + Phusion Passenger 6.0.7
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060536
52.72.8.210200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=7&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060536
IP 52.72.8.210:0
POST /2.11.9/Snap?msn=7&pid=824407e4-9141-4619-8c0d-65f536167723&token=F31568EB-3F7A-AF96-9D28-989100BB0DF5&_=645060536 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 43864
Origin: https://topfinancialdebtrelief.com
Connection: keep-alive
Referer: https://topfinancialdebtrelief.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 13:35:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguserid=e23b0f0a-295a-4db5-8eb8-ab579977bd9e; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 04-Mar-2023 13:35:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2