Report - w1.mssxhb.com/prod/a34e00c5-f59d-4a82-8903-d662ade62d3d/0af2bcd8-eb6d-4026-a6f0-c2703e63be11

Report Overview

Submitted URL
w1.mssxhb.com/prod/a34e00c5-f59d-4a82-8903-d662ade62d3d/0af2bcd8-eb6d-4026-a6f0-c2703e63be11
IP
34.204.222.45
ASN
#14618 AMAZON-AES
Submitted
2022-09-21 15:16:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
c.bing.com	247	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	795 B	204.79.197.200
leads.go-afs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	1.8 kB	104.17.210.37
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	80 kB	34.120.237.76
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	81 kB	104.17.25.14
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	46 kB	142.250.74.163
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	889 B	79 kB	104.18.11.207
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	16 kB	142.250.74.164
goafs.kartra.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	572 B	432 B	104.17.211.37
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	646 B	557 B	216.239.34.36
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	26 kB	13.107.219.53
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	850 B	576 B	20.75.32.255
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	768 B	2.0 kB	142.250.74.2
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	2.1 kB	142.250.74.3
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	452 B	555 B	20.234.93.27
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	717 B	88 kB	142.250.74.72
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.0 kB	10 kB	142.250.74.3
go-afs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.9 kB	3.2 MB	104.19.191.28
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	142.251.1.156
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	6.0 kB	172.64.156.26
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.74.174
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	746 B	216.58.211.10
w1.mssxhb.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	411 B	433 B	34.204.222.45
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.88.220.109

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	w1.mssxhb.com/prod/a34e00c5-f59d-4a82-8903-d662ade62d3d/0af2bcd8-eb6d-4026-a6f0-c2703e63be11	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580	22 kB	2023-03-07	2023-03-07
Pretty URL go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:37:24 Times Seen1 Hash b4feacd1b5afdaa8a8b06fec994920a4 f41f0a130e4dbd31215f4a2243bfb2bb3847e1b1 5f399c7dc40af951827bacd97b643aaa834c15e3bf188120eb19d283ed44a4d3 Loading...

	www.googletagmanager.com/gtag/js?id=UA-128791235-2&l=dataLayer&cx=c	109 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-128791235-2&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:37:24 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 60dc6a90fa0afc42a400a90c828b95a6 357602aec0b820381de73c634b45135abed43fce 82e6761c618ec2382ea8703fdc116488e4e77503eec8868e870cdb2b6d6b747e Loading...

	www.googletagmanager.com/gtag/js?id=G-9QVVWF40FE&l=dataLayer&cx=c	212 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-9QVVWF40FE&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:37:24 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 21f0d2942158f2835423fccb50b9f43e 28b170d5a4fe21b80fca9e17c267ae9449ab9443 cd4b94d43c86a67beaf25ab30c1c1855d048f01bdf234dae9b6b3fff5d74c91e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2	1.7 kB	2023-03-07	2023-03-07
Pretty URL www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2 IP 13.107.219.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:28 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 40a12621bf25f4c5633b0760d5c39a7d 89fe4c4c2351c7fcf17cb4035cbd12cd94cdcf2d 747def2c6860a963b4090a760ce76904b7f7b115c10748fc7b9637bd207bd343 Loading...

	go-afs.com/	226 B	2023-03-07	2023-03-07
Pretty URL go-afs.com/ IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 9db90a6d55b84e36d4d76747d4b7ee44 552264ababe6b14ba73b978fd862901a73f6a2f8 2acd88f3c6ffb08493def8ddd3f10ceccfd456f5b36e2d90a27879697baed6cc Loading...

	www.googletagmanager.com/gtag/js?id	92 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:37:24 Last Seen2023-03-07 22:37:24 Times Seen1 Hash e9f3c7c478044865c79fc1f8f87e47f3 f2ceb09e2db44978d553e886c9814fcf9bcd8bcd f3b12e7ddd4670bf7c681ea0cfbf423c3663b4d396da90abaddb0fdff4b03cbd Loading...

	go-afs.com/	281 B	2023-03-07	2023-03-10
Pretty URL go-afs.com/ IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:28 Last Seen2023-03-10 10:20:51 Times Seen1 Hash 2734adbb42dd407606732c98d9db8e3a 0a3c0241e95bcfd3b6563bf26847d958cbf3ef05 000e50cc5fb2c2148758ea7dbf0d415dd2449a1c997411809b86ed457cd1e77a Loading...

	www.googletagmanager.com/gtag/js?id=AW-444627646&l=dataLayer&cx=c	118 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-444627646&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:37:24 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 5ea961136d011d713a4a0c913e725c6c 07331a899e4717b25493573d49ae5a365541b089 30e66c34b546586f971e945b33fd348f241d95bcba533431480779e5b8eaea57 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-27 00:37:22 Times Seen118764 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:28:40 Last Seen2023-03-17 12:55:48 Times Seen1 Hash cedb242a337140e0dedb365b50a20508 cf2420a336b9405dfc7d236ec57873fe3ef0f726 5a39699f592d82029c73d15d80e407d51367dd5cf2d49172c9ad4aa8176ce67b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/444627646/?random=1663773361053&cv=9&fst=1663773361053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=2084906378.1663773361&hn=www.google.com&async=1&rfmt=3&fmt=4	2.3 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/444627646/?random=1663773361053&cv=9&fst=1663773361053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=2084906378.1663773361&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:37:24 Last Seen2023-03-07 22:37:24 Times Seen1 Hash 11c182362aee88929223c02a63eaa203 6b118ec934df8a3f941a9bb9b7ebc934c367b1e3 893931ecff549f1c11bb98f1aaac4e3c894279396aaa4a801e05fd8e2d2bbf86 Loading...

	www.clarity.ms/eus2/s/0.6.40/clarity.js	55 kB	2023-03-07	2023-08-11
Pretty URL www.clarity.ms/eus2/s/0.6.40/clarity.js IP 13.107.219.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:19 Last Seen2023-08-11 03:38:39 Times Seen27 Hash c238c096f4ff077be41b8296711e8641 a50be06611656993022a860865c30f85e8ff7832 bbffae0d03e6d48b808856596e595ab718c08bbc4476e7323bfcff4a6f833260 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 00:53:41 Times Seen37106780 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	go-afs.com/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js	3.2 kB	2023-03-07	2024-01-26
Pretty URL go-afs.com/App_Plugins/UmbracoForms/Assets/promise-polyfill/dist/polyfill.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2024-01-26 10:39:37 Times Seen23 Hash fee8ce04d8ed22b80dfe66669eb5c26c d00223ca2e22b8b3b8089cfe47a94190dc47c128 df478bf09bd155ec0b9dbb7c2a84a90b204b2723191506485d75e960c192381e Loading...

	static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194	14 kB	2023-03-07	2024-04-26
Pretty URL static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP 172.64.156.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 05:43:44 Times Seen1638 Hash 19514b1be5ee33b45d32c1fcd4c67ec2 bdeab77b43cafcc638df9d7c26f1aa7f46bf1fd5 fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Loading...

	go-afs.com/	497 B	2023-03-07	2023-03-07
Pretty URL go-afs.com/ IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-03-07 22:37:24 Times Seen1 Hash a465ee0b99b48096da66200200a031ef 76aba550f1095d04ddd4abbbbf3335e60045e24c faa98730205164d520271966f698c03f4de76f815c203f66fd7a58ccb53570b5 Loading...

	cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-26 23:45:34 Times Seen54703 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js	11 kB	2023-03-07	2023-10-25
Pretty URL go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js IP 104.19.191.28 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:29:36 Last Seen2023-10-25 18:51:45 Times Seen20 Hash 473c4fa8954f1669162026586df60fc3 c49c539aae5165c1f7a31e10372ef35f0b39739b 621f2b69df9da0134162e2d9214228b2eeca2e72c268cdf2abe8e0a9547eb86d Loading...

HTTP Transactions (83)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 15:13:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -cr1pbnP0SoU4OlY-q2vGCDYIQ5v3E9CpPiC6G_Mjdt1rL6mNpxLtA==
Age: 141

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10967
Expires: Wed, 21 Sep 2022 18:18:44 GMT
Date: Wed, 21 Sep 2022 15:15:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fYwrsWkYlq1sQSOqBEiK0pk_Iic72jt2k7Tr-oqnGawclhZ50vJBPA==
age: 38444
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 15:15:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 15:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 15:50:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2hVIwetYROezWKyCFAwzixsscs4w6vC9nz7eIM2hPN5VdTc7L3I7Ag==
Age: 756

w1.mssxhb.com/prod/a34e00c5-f59d-4a82-8903-d662ade62d3d/0af2bcd8-eb6d-4026-a6f0-c2703e63be11

34.204.222.45

302 Found

176 B

URL HTTP/1.1
w1.mssxhb.com/prod/a34e00c5-f59d-4a82-8903-d662ade62d3d/0af2bcd8-eb6d-4026-a6f0-c2703e63be11
IP
34.204.222.45:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
77fc8471ee370d4146e9133e46e17544
4ca36b2126ee242c13618d19f3e90da5c3e3d0d7
41ad9570fd8add1fcd14f0058a57665e4e14245eb6df6217fa5bba360640b624

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /prod/a34e00c5-f59d-4a82-8903-d662ade62d3d/0af2bcd8-eb6d-4026-a6f0-c2703e63be11 HTTP/1.1
Host: w1.mssxhb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 21 Sep 2022 15:15:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 176
Connection: keep-alive
X-Powered-By: Express
Location: https://leads.go-afs.com?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11
Vary: Accept

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff6d50919e56aed75c47feb45ee2f2ec
98f558a4b2d4f3c271abc93d0b74ece4ad7a59ef
b1b6f0e78b5a1e2092cba6d71d0d5a918066c0486176cef0a19f51e2d5a9962e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 461
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:15:58 GMT
Last-Modified: Wed, 21 Sep 2022 15:08:17 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.88.220.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.220.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MYUyDDn9ITdFgi3mOYnJDQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZM24xONH0TpA9OPwC97pM5AJ+B4=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20709
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:15:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20709
Expires: Wed, 21 Sep 2022 21:01:08 GMT
Date: Wed, 21 Sep 2022 15:15:59 GMT
Connection: keep-alive

static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

172.64.156.26

200 OK

5.6 kB

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP
172.64.156.26:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.6 kB (5649 bytes)
Hash
3b1bcec913632e1834cf639ba811490d
8160d6519de3f1e3e16bd23fcb848a52f4b84243
4b8caac4c94e2cd1846ed719cb86b5455bd13105ce53cb1a19c56811986972ea

HTTP Headers

GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:15:59 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e3c26b8e79b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9227 bytes)
Hash
9556616ca10eb4383b1e15f360fbf6d4
cb328d0f66f4c2779bc64342ef89735636ae5ded
4f945ab342352aea3f4b2242d084d527bb517cf7c6efd0c10a828f0bee9f5d3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0be442b0-65b4-4d6f-bdd3-b9f3847359a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9227
x-amzn-requestid: 26d977d3-f4d2-4218-a8f4-a56c873e6a26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFzKG2zIAMFoDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9ad-0bfac6c453e6ea5a311a28a8;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: K-lCBW5v2irK9UtfyGeaE7jkaIjQkpEUREIMd2hMXUrlsc6k-p6F1A==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 05:27:48 GMT
age: 35291
etag: "cb328d0f66f4c2779bc64342ef89735636ae5ded"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9201 bytes)
Hash
a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 63161
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10038 bytes)
Hash
dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 62915
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11832 bytes)
Hash
2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:09:43 GMT
age: 61576
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12048 bytes)
Hash
c2db94039cb675cb250519fe57b2b3c9
37222a70df5d9a69073b4b32ebc3a5da60006001
444f4359ac25747e7c5d7e09202f195d407bc94a4933ac7ebbbaf9839bf59aff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06a0b4c5-4223-42cf-b012-2e09b250c8c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12048
x-amzn-requestid: d9bd4ac9-5032-45d5-9689-c5c3347912d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO2wuFz4oAMFZug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3804-6fb7d6a52eecab471f67d9a9;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:08:52 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sfGk3C3HLGDYDSXw1d4R7wPRsGdHNKD31chUVzQ8KYBRnsIL0aOW1g==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:17 GMT
age: 63282
etag: "37222a70df5d9a69073b4b32ebc3a5da60006001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10244 bytes)
Hash
14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 12:08:27 GMT
age: 11252
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a79e3fb6006915f9224684bbf94e54f6
8634c28b2be5a6ee744fa4627853f5fc9a8547f8
500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5997
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Last-Modified: Wed, 21 Sep 2022 13:36:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js

104.17.25.14

200 OK

8.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32033)
Size
8.7 kB (8722 bytes)
Hash
76414c3526ac371cfa2bc8bfb3c12d55
656685d9714d0e3e1ba3f0031e3b573029f9cfbc
0740f3cbd3996283f7a1883aec212ea3d1f611f77e42763ca606e634fd74c19e

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 8722
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-90b5"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6113832
expires: Mon, 11 Sep 2023 15:16:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PytzhsYPqCKMdqS1%2BUMZGA7IHMuqMt1y5%2BzA2iyNqeEXJCHKECbBsOzKoKYjZhEIj%2FY1krtBRFcK%2Bl%2F70ipGNSNa2Rp8%2Bpab40lv3YfxYA23Ty6FkuMlEkzmRz6l3iAJCbMhJ4zy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3c26e4c2cb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

104.17.25.14

200 OK

30 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32077)
Size
30 kB (30360 bytes)
Hash
5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1117514
expires: Mon, 11 Sep 2023 15:16:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttMEyvuOSQyU%2B6cH0JIc8%2Fg1vDJpK%2FEKzz6XFa5DmSkN3EtxWQF7DAGDNH4JeQhtHlcdBayZb0mlrEtXbhPmBiMQv9AIP4GB67V%2FbEBiN4g4cZd5p27NOoWCLeKWxHiuRdI7u0GE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3c26e4c2ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css

104.17.25.14

200 OK

2.2 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (23192)
Size
2.2 kB (2209 bytes)
Hash
d1477fb3750ad4227cfa772eb8f59422
c91fe036833895dd86d86bd32ae665a0a606b57b
fa7d1f55a4e0d4a7c1837b0366a5a020493e2a29f610731f03314cd3fd4e6a3f

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: text/css; charset=utf-8
content-length: 2209
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-5b71"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9050999
expires: Mon, 11 Sep 2023 15:16:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjTaYXvY1J%2BEV5x40%2FMgc2PYwl0sLc5aQDNTyCc9ud0v2K7ju%2Faea8mptFXiqcb9qax9W8TsBrQ8RQQIzqZ921q%2BY5ynak4va9HClplDZU0uNle14EsNIBFg3x6buTrGNbx4lNFv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3c26e4c2fb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

104.17.25.14

200 OK

16 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65371)
Size
16 kB (16149 bytes)
Hash
875b3995d53e3efea3a5ed7361c379b7
f26a84d323fd0360bb187f14060dd63428001ae6
016fe2dcd08d54bdeacf2ad22011d1be4ff4af36b10d09877493b54bd96924ff

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: text/css; charset=utf-8
content-length: 16149
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1d970"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3000994
expires: Mon, 11 Sep 2023 15:16:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLw00%2FAUdQBKY0reMIlZWOykgSnPLlNouN7R99K8Vc%2B5QDURucvw5r2VaMs8x0IPYnxlVqsxpvGXCfot5Y3W%2FXFtsGlzWJpEvf%2FB6BOqcLFcYTInzT1AZWrybdKm2lZvhHmCYV5S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3c26e4c27b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a79e3fb6006915f9224684bbf94e54f6
8634c28b2be5a6ee744fa4627853f5fc9a8547f8
500e68bbfc37e3b9f22201367dad6c84dad258d60d3fd38b52555a413bb5b73e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5997
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Last-Modified: Wed, 21 Sep 2022 13:36:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580

104.19.191.28

200 OK

3.8 kB

URL HTTP/2
go-afs.com/DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (7833), with CRLF, LF line terminators
Size
3.8 kB (3835 bytes)
Hash
e4e7c43ae643c6cc5161a6063e057c4c
19781fce214fa5fbb8b308670dca7e4451c0f69b
3b28d27fb7b73d7c755dd73e221db4148eda13aa5c275e22e67c31124acc2cd5

HTTP Headers

GET /DependencyHandler.axd?s=L3NjcmlwdHMvbmF2aWdhdGlvbk1lbnUuanM7L3NjcmlwdHMvbG9hZEV2ZW50cy5qczsvc2NyaXB0cy9jb250YWN0Rm9ybS5qczsvc2NyaXB0cy9yZXNwb25zaXZlLmpzOw&t=Javascript&cdv=908616580 HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: application/x-javascript
cf-ray: 74e3c26e4f86b50b-OSL
cache-control: public, must-revalidate, proxy-revalidate, max-age=365212, s-maxage=365212
etag: W/"8184d85837fe845d751fe87b91b6590b"
expires: Sun, 25 Sep 2022 20:42:53 GMT
last-modified: Thu, 15 Sep 2022 20:42:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id

142.250.74.72

200 OK

36 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
36 kB (36028 bytes)
Hash
e8515ad6a81a7977f81f00f2528ad881
e31f741cafcaedb0fc434df6229192babffc7925
352737843908b2767ac6b5deae248fa5bc1ec5428079cfff04ca6249a9e15951

HTTP Headers

GET /gtag/js?id HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 15:16:00 GMT
expires: Wed, 21 Sep 2022 15:16:00 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 36028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go-afs.com/media/w0tb3wi3/viewsolutions_button.png

104.19.191.28

200 OK

2.5 kB

URL HTTP/2
go-afs.com/media/w0tb3wi3/viewsolutions_button.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2533 bytes)
Hash
f87b2de9149ba2dfa737b0ddfd969267
03d71c869ee46d9007d8a490f551360db8919b92
e6c0d84008c99d9b66a23874653b076b573c79a727c93ed045a8ed90c8e92c23

HTTP Headers

GET /media/w0tb3wi3/viewsolutions_button.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 2533
cf-ray: 74e3c26e3f6db50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD6470ECF1"
last-modified: Tue, 27 Apr 2021 20:45:28 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH

142.250.74.72

200 OK

50 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3649)
Size
50 kB (50361 bytes)
Hash
4295161d5faf191044561d2b506f9175
407610aaf90099f3adb6b358c0e4827a95b6ca0f
85331be766039e98ea1593e7125d494910d93e077a36ada2da9516de7b59b766

HTTP Headers

GET /gtm.js?id=GTM-PX5QPGH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 15:16:00 GMT
expires: Wed, 21 Sep 2022 15:16:00 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c8ac2005f83e8a3a9da1a9837b6c2ff3
7c05f49683e49232c1e11b91253e684d2f96ab83
b0b42743b4c7e4b528fd78aadc5429ef34c2e127f3d5147330d428a47203dc0a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/yqylx5zc/afs-logo.png

104.19.191.28

200 OK

14 kB

URL HTTP/2
go-afs.com/media/yqylx5zc/afs-logo.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1127 x 269, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14086 bytes)
Hash
fcda80c0d6981e329a3f8ef62ea34b59
f2aec2e00b02579f92e2d4dbb027fab333fe5863
2d99db72788c6e470b5b55c7043add272660fbb8e9a2dc9a897c48604a36fc36

HTTP Headers

GET /media/yqylx5zc/afs-logo.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 14086
cf-ray: 74e3c26e3f68b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E440BCD0C5"
last-modified: Wed, 21 Apr 2021 16:41:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
35343b6981ed4c9eb2cd90bc8c2146cd
4e49432e50195a2bc528fb1745a2899306c79db8
cf55f53534e3e8b62513618cda90832a7b9bcd0d15b1a8f6bb51db6eb60daefd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/eqtlfkfq/learnmore_button.png

104.19.191.28

200 OK

1.9 kB

URL HTTP/2
go-afs.com/media/eqtlfkfq/learnmore_button.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1908 bytes)
Hash
57db6b0adf9eb65bb3d072d057cfd650
9d84b2da4e4882695733144ecb21530d2b34426e
67af8bc7ebb72efd06a3b561d3e7e6f1eb4ee58e273f362e1eaced1205781445

HTTP Headers

GET /media/eqtlfkfq/learnmore_button.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 1908
cf-ray: 74e3c26e3f6eb50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD641219DA"
last-modified: Tue, 27 Apr 2021 20:45:28 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/tcklmknd/home-prod-apexnow.jpg

104.19.191.28

200 OK

30 kB

URL HTTP/2
go-afs.com/media/tcklmknd/home-prod-apexnow.jpg
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, progressive, precision 8, 350x350, components 3\012- data
Size
30 kB (30166 bytes)
Hash
35ead69e610fa8d9a962fd32a880928d
9dfe5b161b5479837a570556b04fc32487193c0a
44685552aeffe93f55b3037665f67cc65efde710c10880b99c9293868eaafba4

HTTP Headers

GET /media/tcklmknd/home-prod-apexnow.jpg HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/jpeg
content-length: 30166
cf-ray: 74e3c26e4f79b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D9D784F6F572D9"
last-modified: Fri, 14 Jan 2022 17:40:32 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/kbebcvpt/home-prod-mobilesolutions.png

104.19.191.28

200 OK

130 kB

URL HTTP/2
go-afs.com/media/kbebcvpt/home-prod-mobilesolutions.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
130 kB (130156 bytes)
Hash
fe0cc8a6d85c20197f36856ac025fcb2
823541b158488c9ace9ee6a479c15b87e9a35236
5dadd940bf5d9b45a0cf5036febf4ea1bf315de4507084d1cb49e6386967f1bf

HTTP Headers

GET /media/kbebcvpt/home-prod-mobilesolutions.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 130156
cf-ray: 74e3c26e4f80b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FBD35D4"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/ffblbefg/home-prod-apexgateway.png

104.19.191.28

200 OK

100 kB

URL HTTP/2
go-afs.com/media/ffblbefg/home-prod-apexgateway.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
100 kB (99639 bytes)
Hash
83e8ddd96fd70e5fef41346a2a35569a
a1ee75bc9dba6a2dccf08ed301521d91df054e75
6a857edee11cdf36d8233b8a8935593e322448dc96a43741f56f5a1841572bd9

HTTP Headers

GET /media/ffblbefg/home-prod-apexgateway.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 99639
cf-ray: 74e3c26e3f73b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FF258B4"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/ofvj21qx/home-prod-apexconnect.png

104.19.191.28

200 OK

145 kB

URL HTTP/2
go-afs.com/media/ofvj21qx/home-prod-apexconnect.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
145 kB (144628 bytes)
Hash
1163048b05db50b653140383f2a3a772
8d086b85d565ae0aea442edea57a9d0556b67e07
56fdaa32970710019cfb009c29c5680207efb3b893eff6529e58c5450a64a5b0

HTTP Headers

GET /media/ofvj21qx/home-prod-apexconnect.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 144628
cf-ray: 74e3c26e3f6fb50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43FD507A7"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

go-afs.com/media/4qzg0o0p/home-prod-cashdiscount.png

104.19.191.28

200 OK

215 kB

URL HTTP/2
go-afs.com/media/4qzg0o0p/home-prod-cashdiscount.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
215 kB (215396 bytes)
Hash
56256e8185c8a3c45079a9abe073ebe8
7d821f409a1b35a9036c028481cfbc43f54e4a20
d756ca504170af170f651d0e75f3bda483bdd8b7c2a227dca665e67f88e84b69

HTTP Headers

GET /media/4qzg0o0p/home-prod-cashdiscount.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 215396
cf-ray: 74e3c26e4f82b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E43F44E399"
last-modified: Wed, 21 Apr 2021 16:41:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2

104.17.25.14

200 OK

18 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /ajax/libs/twitter-bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 18028
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb04010-466c"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 157084
expires: Mon, 11 Sep 2023 15:16:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FX2NMpZ3Xswi%2FbC9eYiJXEiqEbtVqsT%2BgY1AeA%2Fk5YaP2bC%2FMfMWJmFEFLqt7w8aASZzwFErmV7e4uDHRMrbdYwgfuzrYi83gMPRdMNaQlOSV7R6RdYZeeUIPByn%2BOE2o3qZsKcu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e3c26fc8ae0af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

go-afs.com/media/z1kijiho/home-prod-pos.png

104.19.191.28

200 OK

180 kB

URL HTTP/2
go-afs.com/media/z1kijiho/home-prod-pos.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 350 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
180 kB (179530 bytes)
Hash
b5de5f81a83027c5f138d20a59334013
afae40d722d46afa59decc0175b8881227dc4387
b0580b7d38d646776cd31abb1c4b57dee757aff6341dad39e879e4b765155f80

HTTP Headers

GET /media/z1kijiho/home-prod-pos.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 179530
cf-ray: 74e3c26e4f85b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D904E4400BD891"
last-modified: Wed, 21 Apr 2021 16:41:02 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.11.207

200 OK

77 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 7f5c392a7b253c417f383a1f1637cee1
cdn-cache: HIT
cf-cache-status: HIT
age: 18322
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e3c26ffe22fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 110699
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go-afs.com/media/sjikc3vs/greenbutton.png

104.19.191.28

200 OK

438 B

URL HTTP/2
go-afs.com/media/sjikc3vs/greenbutton.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 228 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
438 B (438 bytes)
Hash
bcb27513092300d14cab6e5f0b130d5c
8b9fe7bee3778564449dae849543d78a9e424723
bf9014283dce47aab3a32df8c60558c48e898c8f2f07dc3968d702505deffff6

HTTP Headers

GET /media/sjikc3vs/greenbutton.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 438
cf-ray: 74e3c26f88f8b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D909BD6379B579"
last-modified: Tue, 27 Apr 2021 20:45:27 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5149084af9bb01e5471e0be93a009ab0
1aaae44973461346130015cba0c36e9d1b5b77f2
db8a390c5bb50072d57429a45c470496139deb98e04b175f45600e5e4b2ac884

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

go-afs.com/media/qyonp1px/afswelcome_hero.png

104.19.191.28

200 OK

2.4 MB

URL HTTP/2
go-afs.com/media/qyonp1px/afswelcome_hero.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1918 x 957, 8-bit/color RGBA, non-interlaced\012- data
Size
2.4 MB (2381079 bytes)
Hash
1566baa63d14e1e12caf5c524a92af40
df8a320fc19be2acdcc3d75af183a1374010e885
84df20c5a880d21b5247e56936d93178fc6239275b75afddaadedc0ac6f1520b

HTTP Headers

GET /media/qyonp1px/afswelcome_hero.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: image/png
content-length: 2381079
cf-ray: 74e3c26f88f7b50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D960D005CCF6D8"
last-modified: Mon, 16 Aug 2021 16:08:01 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 21 Sep 2022 14:41:12 GMT
expires: Wed, 21 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 2089
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
41630fb2c7ef9e435a8762b0943e0980
04b6c8bfe97bc5408e1450b5921331c6ae6de682
e9e83895eef14a5a26e91c9574fc9f60eb2f47959406eabe87b4618412519476

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
16 kB (15693 bytes)
Hash
890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 21 Sep 2022 15:16:01 GMT
expires: Wed, 21 Sep 2022 15:16:01 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j97&a=1472255744&t=pageview&_s=1&dl=https%3A%2F%2Fgo-afs.com%2F&ul=en-us&de=UTF-8&dt=AFS%20Agile%20Financial%20Systems%20Home&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAAC~&jid=1665479486&gjid=106545893&cid=479855901.1663773361&tid=UA-128791235-2&_gid=911407151.1663773361&_r=1&gtm=2wg9j0PX5QPGH&z=2019103601

142.250.74.174

200 OK

2 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1472255744&t=pageview&_s=1&dl=https%3A%2F%2Fgo-afs.com%2F&ul=en-us&de=UTF-8&dt=AFS%20Agile%20Financial%20Systems%20Home&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAAC~&jid=1665479486&gjid=106545893&cid=479855901.1663773361&tid=UA-128791235-2&_gid=911407151.1663773361&_r=1&gtm=2wg9j0PX5QPGH&z=2019103601
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

HTTP Headers

POST /j/collect?v=1&_v=j97&a=1472255744&t=pageview&_s=1&dl=https%3A%2F%2Fgo-afs.com%2F&ul=en-us&de=UTF-8&dt=AFS%20Agile%20Financial%20Systems%20Home&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAAC~&jid=1665479486&gjid=106545893&cid=479855901.1663773361&tid=UA-128791235-2&_gid=911407151.1663773361&_r=1&gtm=2wg9j0PX5QPGH&z=2019103601 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

go-afs.com/media/2dpb1oqo/favicon.png

104.19.191.28

200 OK

687 B

URL HTTP/2
go-afs.com/media/2dpb1oqo/favicon.png
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 25 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
687 B (687 bytes)
Hash
383c2ee8e0aabc3c65afc4cd2dcd2bed
2e4060252e611c1c1214be7c556e84f7cfd0cab0
adaf7d160c4cc7e300f5b7d4f623ed1839b3d8d1baf4b674f36fc98a62947585

HTTP Headers

GET /media/2dpb1oqo/favicon.png HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1; _gcl_au=1.1.2084906378.1663773361; _ga_9QVVWF40FE=GS1.1.1663773360.1.0.1663773360.0.0.0; _ga=GA1.1.479855901.1663773361
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:01 GMT
content-type: image/png
content-length: 687
cf-ray: 74e3c2729d5cb50b-OSL
accept-ranges: bytes
cache-control: public, must-revalidate, max-age=604800
etag: "0x8D91F0FA11DF441"
last-modified: Mon, 24 May 2021 23:57:03 GMT
vary: Accept-Encoding
cf-cache-status: MISS
accept-range: bytes
server: cloudflare
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1b33d59cf038a3fe7273f78fda2cce3a
0b367731ef6df8e1f6c1b8774198daa9959d7cf5
b02b1756112479f92786994de8e884986b0a7eb3d5885300bfd8a64f597f7cc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
77f9b5e468180a8976a641e40dceedbf
9873db160721dc9f41d3ff2d711db700d6f5d4d7
cae6929c00ed37fc097432c9ac1d6800244479d3877b17662c67bafeeff23aba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/444627646/?random=1663773361053&cv=9&fst=1663773361053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=2084906378.1663773361&hn=www.google.com&async=1&rfmt=3&fmt=4

142.250.74.2

200 OK

1.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/444627646/?random=1663773361053&cv=9&fst=1663773361053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=2084906378.1663773361&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
142.250.74.2:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2266), with no line terminators
Size
1.0 kB (1044 bytes)
Hash
64d9c17b6489ab41110776e42e037836
b71e271cd0fa1df510505acfb8f911ad9250a981
11b63b42cca1b700e67e6ce8e2255c4f73f5985105117fe03c408698f32f9823

HTTP Headers

GET /pagead/viewthroughconversion/444627646/?random=1663773361053&cv=9&fst=1663773361053&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&auid=2084906378.1663773361&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1044
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Sep-2022 15:31:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1145244563&gjid=1519426487&_gid=911407151.1663773361&_u=YADAAUABAAAAAC~&z=2037183501

142.251.1.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1145244563&gjid=1519426487&_gid=911407151.1663773361&_u=YADAAUABAAAAAC~&z=2037183501
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1145244563&gjid=1519426487&_gid=911407151.1663773361&_u=YADAAUABAAAAAC~&z=2037183501 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1665479486&gjid=106545893&_gid=911407151.1663773361&_u=YADAAEAAAAAAAC~&z=30127233

142.251.1.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1665479486&gjid=106545893&_gid=911407151.1663773361&_u=YADAAEAAAAAAAC~&z=30127233
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1665479486&gjid=106545893&_gid=911407151.1663773361&_u=YADAAEAAAAAAAC~&z=30127233 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ef019ce781ddbb79938868e1bf969be
27db5803c535a597bb29c96fc111255b14f4219d
60ade2388afdea80bb7c88016be34c92f7005c21dda6fe6ad07d4dba060744d2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1145244563&_u=YADAAUABAAAAAC~&z=840725003

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1145244563&_u=YADAAUABAAAAAC~&z=840725003
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1145244563&_u=YADAAUABAAAAAC~&z=840725003 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/444627646/?random=1663773361053&cv=9&fst=1663772400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=1457898962&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/444627646/?random=1663773361053&cv=9&fst=1663772400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=1457898962&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/444627646/?random=1663773361053&cv=9&fst=1663772400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgo-afs.com%2F&tiba=AFS%20Agile%20Financial%20Systems%20Home&async=1&fmt=3&is_vtc=1&random=1457898962&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f675396b1827a50c78e358358f256144
451b788273e06a08f762735c23c13028e32a3f3c
6bd9e2ec423bf8f0f681a92f4ad0b28cdb53f5df6ca4b571c9697b678c20c126

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1665479486&_u=YADAAEAAAAAAAC~&z=131036850

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1665479486&_u=YADAAEAAAAAAAC~&z=131036850
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-128791235-2&cid=479855901.1663773361&jid=1665479486&_u=YADAAEAAAAAAAC~&z=131036850 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE&gtm=2oe9j0&_p=1472255744&cid=479855901.1663773361&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663773360&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE&gtm=2oe9j0&_p=1472255744&cid=479855901.1663773361&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663773360&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-9QVVWF40FE&gtm=2oe9j0&_p=1472255744&cid=479855901.1663773361&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663773360&sct=1&seg=0&dl=https%3A%2F%2Fgo-afs.com%2F&dt=AFS%20Agile%20Financial%20Systems%20Home&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://go-afs.com
date: Wed, 21 Sep 2022 15:16:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c7b623b7bcd37d436886346d495f9577
eb5688f0df28fa33b202e78d916e35387178636d
74037773d23c4426c3717e239e9dc228904f9cc8b8f084c655e26dcd9e345a96

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 15:16:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2

13.107.219.53

200 OK

1.7 kB

URL HTTP/2
www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2
IP
13.107.219.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1749), with no line terminators
Size
1.7 kB (1749 bytes)
Hash
40a12621bf25f4c5633b0760d5c39a7d
89fe4c4c2351c7fcf17cb4035cbd12cd94cdcf2d
747def2c6860a963b4090a760ce76904b7f7b115c10748fc7b9637bd207bd343

HTTP Headers

GET /tag/9jl1qyl5kp?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1749
content-type: application/x-javascript
expires: -1
set-cookie: CLID=b6ca617995704844bfb4787d0e1269d2.20220921.20230921; expires=Thu, 21 Sep 2023 15:16:03 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0sSorYwAAAACA00heZUpVQahuXOjzTZ81T1NMMjMxMDUwMjA1MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 21 Sep 2022 15:16:03 GMT
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.40/clarity.js

13.107.219.53

200 OK

23 kB

URL HTTP/2
www.clarity.ms/eus2/s/0.6.40/clarity.js
IP
13.107.219.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (54745)
Size
23 kB (23442 bytes)
Hash
6a87d835543a151541da0ae963173dd7
80bac2abc74d2fa93a63ff82514fd64ee8caf9a0
c806647a143cb92f41ed1e60c6be245cd4e78b447c90adbed881ca54ecfa7337

HTTP Headers

GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8c7baa5622330"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0syorYwAAAADj/lTciKGbTJA9ucfsM4MET1NMMjMxMDUwMjA1MDIzADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Wed, 21 Sep 2022 15:16:03 GMT
X-Firefox-Spdy: h2

c.bing.com/c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&RedC=c.clarity.ms&MXFR=1C08B74898416B2413C1A56E9C416589

204.79.197.200

302 Found

0 B

URL HTTP/2
c.bing.com/c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&RedC=c.clarity.ms&MXFR=1C08B74898416B2413C1A56E9C416589
IP
204.79.197.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&RedC=c.clarity.ms&MXFR=1C08B74898416B2413C1A56E9C416589 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&MUID=2A3496C4AF876A712EE684E2AE726BBF
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=2A3496C4AF876A712EE684E2AE726BBF; domain=c.bing.com; expires=Mon, 16-Oct-2023 15:16:04 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5D685EF8141437CA20D3AD880F40BF6 Ref B: OSL30EDGE0216 Ref C: 2022-09-21T15:16:04Z
date: Wed, 21 Sep 2022 15:16:04 GMT
content-length: 0
X-Firefox-Spdy: h2

c.clarity.ms/c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&MUID=2A3496C4AF876A712EE684E2AE726BBF

20.234.93.27

200 OK

42 B

URL HTTP/2
c.clarity.ms/c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&MUID=2A3496C4AF876A712EE684E2AE726BBF
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

HTTP Headers

GET /c.gif?CtsSyncId=667AA991D9B4427582722558F3BC2281&MUID=2A3496C4AF876A712EE684E2AE726BBF HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 21-Sep-2022 15:26:04 GMT; path=/; SameSite=None; Secure;
date: Wed, 21 Sep 2022 15:16:03 GMT
content-length: 42
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 919
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 15:16:03 GMT
X-Firefox-Spdy: h2

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 38928
Origin: https://go-afs.com
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://go-afs.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 15:16:04 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9574 bytes)
Hash
eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 63302
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

leads.go-afs.com/cdn-cgi/rum?

104.17.210.37

200 OK

0 B

URL HTTP/2
leads.go-afs.com/cdn-cgi/rum?
IP
104.17.210.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 330
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11&r_done=1
Cookie: kartra_visited=06a6f0b006d6afb18873c21f541ac7fb9516dff2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: text/plain
access-control-allow-origin: https://leads.go-afs.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 74e3c26def9bb4fd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

leads.go-afs.com/front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11

104.17.210.37

307 Temporary Redirect

0 B

URL HTTP/2
leads.go-afs.com/front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11
IP
104.17.210.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 307 Temporary Redirect
date: Wed, 21 Sep 2022 15:15:59 GMT
content-type: text/html; charset=UTF-8
location: https://goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
set-cookie: kartra_visited=06a6f0b006d6afb18873c21f541ac7fb9516dff2; expires=Thu, 21-Sep-2023 15:15:59 GMT; Max-Age=31536000; path=/; domain=leads.go-afs.com; secure; HttpOnly; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e3c2658c1fb4fd-OSL
X-Firefox-Spdy: h2

leads.go-afs.com/?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11&r_done=1

104.17.210.37

200 OK

0 B

URL HTTP/2
leads.go-afs.com/?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11&r_done=1
IP
104.17.210.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11&r_done=1 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: kartra_visited=06a6f0b006d6afb18873c21f541ac7fb9516dff2
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:15:59 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e3c269fa2cb4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

go-afs.com/

104.19.191.28

200 OK

0 B

URL HTTP/2
go-afs.com/
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: text/html; charset=utf-8
cf-ray: 74e3c26c5cf0b50b-OSL
cache-control: private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; path=/; HttpOnly; SameSite=Lax
__RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1; path=/; HttpOnly
ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
x-frame-options: SAMEORIGIN
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

go-afs.com/DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580

104.19.191.28

200 OK

0 B

URL HTTP/2
go-afs.com/DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /DependencyHandler.axd?s=L2Nzcy9BcnRpY2xlLUxpc3QuY3NzOy9jc3MvRm9vdGVyLUJhc2ljLmNzczsvY3NzL05hdmlnYXRpb24tQ2xlYW4xLmNzczsvY3NzL05ld3MtQ2FyZHMuY3NzOy9jc3MvU3R5bGVzRHJvcGRvd24uY3NzOy9jc3Mvc3R5bGVzLmNzczsvY3NzL3RpbGVzLWNhcm91c2VsLmNzczsvY3NzL0Nhcm91c2VsLUhlcm8uY3NzOy9jc3MvQWJvdXRVcy5jc3M7L2Nzcy9OZXdzQmxvZy5jc3M7L2Nzcy9DYXJlZXJzLmNzczsvY3NzL1BheW1lbnRTb2x1dGlvbnMuY3NzOy9jc3MvTGFuZGluZy1QYWdlcy5jc3M7L2Nzcy92aWRlb01vZGFsLmNzczs&t=Css&cdv=908616580 HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: text/css
cf-ray: 74e3c26e3f56b50b-OSL
cache-control: public, must-revalidate, proxy-revalidate, max-age=365212, s-maxage=365212
etag: W/"4bd459398052b0208c952e4051514dbd"
expires: Sun, 25 Sep 2022 20:42:53 GMT
last-modified: Thu, 15 Sep 2022 20:42:53 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
set-cookie: ARRAffinity=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
ARRAffinitySameSite=b1ef89074c71e161dc4fc9e1fb894062be585b15fd3db58dcfd3dfb656c73999;Path=/;HttpOnly;SameSite=None;Secure;Domain=a99cf50f-9e0d-4f64-b469-18205ba19ad9.azurewebsites.net
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11

104.17.211.37

307 Temporary Redirect

0 B

URL HTTP/2
goafs.kartra.com/front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11
IP
104.17.211.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /front/domain_validation?step=2&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11 HTTP/1.1
Host: goafs.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
date: Wed, 21 Sep 2022 15:15:59 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11&r_done=1
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e3c266be490b31-OSL
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,700

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 15:16:00 GMT
date: Wed, 21 Sep 2022 15:16:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

leads.go-afs.com/?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11

104.17.210.37

302 Found

0 B

URL HTTP/2
leads.go-afs.com/?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11
IP
104.17.210.37:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?msID=0af2bcd8-eb6d-4026-a6f0-c2703e63be11 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 21 Sep 2022 15:15:58 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2F%3FmsID%3D0af2bcd8-eb6d-4026-a6f0-c2703e63be11
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e3c2626f45b4fd-OSL
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 13084167
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74e3c26e7c28b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js

104.19.191.28

200 OK

0 B

URL HTTP/2
go-afs.com/App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js
IP
104.19.191.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /App_Plugins/UmbracoForms/Assets/aspnet-validation/dist/aspnet-validation.min.js HTTP/1.1
Host: go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go-afs.com/
Cookie: ASP.NET_SessionId=p2j4s0hlbcww3loit03bs1tn; __RequestVerificationToken=6cV7WJU5RtWHMTY2lo5uUEH9iVXGesjfEK3N9xu6_gTD7Bkbw1UghUdONkgPg8aD4YDjCPeOFIlTF1ZPv45qFTtRo5J-SATcAZPWcP1pJrM1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Sep 2022 15:16:00 GMT
content-type: application/x-javascript
cf-ray: 74e3c26e3f5cb50b-OSL
etag: W/"86755d19bcbd71:0"
last-modified: Wed, 27 Oct 2021 08:17:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations