firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 02:08:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: remiOVrVlPRHec_DpqzvIFzXY42_YL96ntosvd-jGjQ_q0XERwL6lA==
Age: 2006
clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
149.28.224.6301 Moved Permanently 162 B URL HTTP/1.1 clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
IP 149.28.224.6:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912& HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 13 Sep 2022 02:42:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19180
Expires: Tue, 13 Sep 2022 08:01:40 GMT
Date: Tue, 13 Sep 2022 02:42:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WCzKkOHnj3W7ABe6o-tj7jg7V6EteUavWMFBs9Adblq4o0hejHw5WQ==
age: 69888
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 02:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 02:40:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rWka4CBlSVeujvYzQNHpldu7Bb6LqBJE_KgnP8dvWNck2kSpne6sxA==
Age: 2319
clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
149.28.224.6200 OK 13 kB URL HTTP/2 clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
IP 149.28.224.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3197), with CRLF line terminators
Hash afb07fa7694b99ccdda83b241c008749
f9c63b92d9e6faf26bee87579f287983caaacb58
a798096afab705706095e98b9f3738399a2e590d6c547d2da8e39987869322db
GET /lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912& HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/html; charset=UTF-8
content-length: 12843
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v; path=/
permissions-policy: vr=(); xr-spatial-tracking=('none');
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Last-Modified: Tue, 13 Sep 2022 01:46:53 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=G-Y04TL8NEE0
142.250.74.72200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-Y04TL8NEE0
IP 142.250.74.72:0
File type ASCII text, with very long lines (17807)
Hash a3ea33b4340a8a370b78e2e4a9d0b314
9f606fca3e036a3bd3f29b1c5a8b69cc4f84f719
f19366097ef02c8d74e5cd1e2b8425f65c27207d8a8d29854c82de843b14429a
GET /gtag/js?id=G-Y04TL8NEE0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 02:42:01 GMT
expires: Tue, 13 Sep 2022 02:42:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75222
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-126759577-4
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-126759577-4
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash e7235e10a573f1a7ac9bacd8d65d3d2c
63aac3a35e58151faf0fa0ab9ac60d5172f7c712
e2dc4e8743d7dcba4ab205f52a66567490432afcb6ad148e576ad3ebbd07d929
GET /gtag/js?id=UA-126759577-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 02:42:01 GMT
expires: Tue, 13 Sep 2022 02:42:01 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ec7a5bb8e310f5c9c992cf85832d5445
e32b8e200a79da9008985e8e6c272f35b02581c5
6391e4c68631e272509ade559b8f568b03dd88be1956906332ae584f9faee00a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clickintowealth.com/lp/fff/vid_files/lander.css
149.28.224.6200 OK 114 kB URL HTTP/2 clickintowealth.com/lp/fff/vid_files/lander.css
IP 149.28.224.6:0
Size 114 kB (114313 bytes)
Hash e533be7ffcdb85efdb04e3655ce6488a
aae6485c1e78b813633ae2dbe383c3430db90d5c
091eb79f57cfb9c206f585e87a14325583e49dcc45c1e860d160c0ed8b1b9230
GET /lp/fff/vid_files/lander.css HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/css
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-6a4a2"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clickintowealth.com/lp/fff/vid_files/closemodal.webp
149.28.224.6200 OK 672 B URL HTTP/2 clickintowealth.com/lp/fff/vid_files/closemodal.webp
IP 149.28.224.6:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 19754ed4d508cf576c80cf36e0db8c50
f459beac714e5be68aa75349fa806a5642af456a
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
Analyzer Verdict Alert fortinet Phishing
GET /lp/fff/vid_files/closemodal.webp HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: image/webp
content-length: 672
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
etag: "60730591-2a0"
cache-control: public, max-age=648000
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clickintowealth.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 457673
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clickintowealth.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 457673
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XdggueTkntWKKwNHh+cXig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4P/qrrlnWe01GpRO+AhNN2OHHvM=
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clickintowealth.com
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 01:19:34 GMT
expires: Sun, 10 Sep 2023 01:19:34 GMT
cache-control: public, max-age=31536000
age: 264147
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clickintowealth.com/lp/fff/vid_files/10dollarsqueeze-k.png
149.28.224.6200 OK 408 kB URL HTTP/2 clickintowealth.com/lp/fff/vid_files/10dollarsqueeze-k.png
IP 149.28.224.6:0
File type PNG image data, 998 x 404, 8-bit/color RGBA, non-interlaced\012- data
Size 408 kB (408139 bytes)
Hash 2467afb1409fdf64c24837aa998199ad
910cef40e90d232ed5dd9c6e7fab3ae333987acc
a79c994ae8bff22635755684421b7bf7375deb8ef80d89d78373995381dfc3a1
GET /lp/fff/vid_files/10dollarsqueeze-k.png HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: image/png
content-length: 408139
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
etag: "60730591-63a4b"
cache-control: public, max-age=648000
accept-ranges: bytes
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/email.png
149.28.224.6200 OK 1.9 kB URL HTTP/2 clickintowealth.com/lp/fff/vid_files/email.png
IP 149.28.224.6:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 695fd6ba1d1560afd7f7ca44f64f2c43
9e2a6448963d4b3a82e232d7601cce94f403dfbd
a6322e438f340951e51d083d0ceffa99864e4c3823c079d70229a6d6ede82b99
GET /lp/fff/vid_files/email.png HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid_files/lander.css
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v; _ga_Y04TL8NEE0=GS1.1.1663036909.1.0.1663036909.0.0.0; _ga=GA1.1.563067236.1663036909
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: image/png
content-length: 1871
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
etag: "60730591-74f"
cache-control: public, max-age=648000
accept-ranges: bytes
X-Firefox-Spdy: h2
player.vimeo.com/video/663719624?h=e9734ca969&autoplay=1&muted=1
162.159.128.61200 OK 5.0 kB URL HTTP/1.1 player.vimeo.com/video/663719624?h=e9734ca969&autoplay=1&muted=1
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (14660)
Hash 5875911c492c04a23eb8567eeb066238
bafba34fd1be5bee5c209b7a55a50491cad75d97
d47ce4aadcaaeb2cd10d69b06eeca9f709d47920abc04f207e4192bf9a4a011b
GET /video/663719624?h=e9734ca969&autoplay=1&muted=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 02:42:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 15 Dec 1985 19:30:00 GMT
x-host: player-54c6bcb9bc-4wrsn
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-5
x-backend-proxy: playproxy6
x-bapp-server: player-54c6bcb9bc-4wrsn
Age: 0
X-Served-By: cache-cph2320051-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1663036922.639695,VS0,VE226
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=LpGP7jcmwvGCkJnm4IN53cTvdOYvbk4ds.LX.a8RboY-1663036921-0-ASACXWgeYZw19utxtP8EHzZSDaeVvrMjw6PZOfib63SbkhjqJM9K8c5VzEcAN5i0qtJqVxOytMc2EbC+ZkqnW+A=; path=/; expires=Tue, 13-Sep-22 03:12:01 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 749d86f829c80b61-OSL
Content-Encoding: gzip
f.vimeocdn.com/p/4.10.0/css/player.css
151.101.86.109200 OK 20 kB URL HTTP/2 f.vimeocdn.com/p/4.10.0/css/player.css
IP 151.101.86.109:0
File type ASCII text, with very long lines (65495)
Hash 4004ba0e2bb66b9aeaa32a8544f6eeab
5bf81fc199d0a7fcc805d154e33cdfc992a9689b
1bb8fbd867ab8d696b7ca95485fa59d154afb14213041f9d4d12bbff398da7fd
GET /p/4.10.0/css/player.css HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 02:42:01 GMT
age: 374434
x-served-by: cache-iad-kcgs7200157-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 64916
x-timer: S1663036922.968641,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
access-control-allow-origin: *
content-length: 20291
X-Firefox-Spdy: h2
f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
151.101.86.109200 OK 997 B URL HTTP/2 f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (1839)
Hash 0ad074ceab68348048a8100a67d36d2c
2a35d9429a411fd87aafd7e6c7fafe51cca82345
0445c9738353c896284236d8c98b5c8b5d7954621d4c4d2bd5cf138660d247aa
GET /js_opt/modules/utils/vuid.min.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
cache-control: public, max-age=2592000
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 02:42:01 GMT
age: 2021083
x-served-by: cache-iad-kiad7000127-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 257733
x-timer: S1663036922.980212,VS0,VE0
vary: Accept-Encoding,x-http-method-override
content-length: 997
X-Firefox-Spdy: h2
f.vimeocdn.com/p/4.10.0/js/player.js
151.101.86.109200 OK 212 kB URL HTTP/2 f.vimeocdn.com/p/4.10.0/js/player.js
IP 151.101.86.109:0
File type ASCII text, with very long lines (64649)
Size 212 kB (212200 bytes)
Hash 1bf1cd7e4980bdcf6fc5f33823b2280e
3f9724f4a224915506d6ef7c96dc0564f2c51466
13d45c1b32674b0f6d60248713b74d4845ccbef7714b97799f76b3be286ca1d2
GET /p/4.10.0/js/player.js HTTP/1.1
Host: f.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 02:42:01 GMT
age: 374434
x-served-by: cache-iad-kcgs7200061-IAD, cache-bma1635-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 49462
x-timer: S1663036922.980034,VS0,VE0
vary: Accept-Encoding,x-http-method-override
cache-control: max-age=1209600
content-length: 212200
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 02:41:12 GMT
expires: Tue, 13 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 50
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-Y04TL8NEE0>m=2oe970&_p=269213544&cid=563067236.1663036909&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663036909&sct=1&seg=0&dl=https%3A%2F%2Fclickintowealth.com%2Flp%2Ffff%2Fvid-ts-k.php%3FAFFID%3D1006%26C1%3D190%26CID%3D12%26tr%3D10210717823859220912%26&dt=Click%20Into%20Wealth%20(FFF%20TS%20Vid)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Y04TL8NEE0>m=2oe970&_p=269213544&cid=563067236.1663036909&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663036909&sct=1&seg=0&dl=https%3A%2F%2Fclickintowealth.com%2Flp%2Ffff%2Fvid-ts-k.php%3FAFFID%3D1006%26C1%3D190%26CID%3D12%26tr%3D10210717823859220912%26&dt=Click%20Into%20Wealth%20(FFF%20TS%20Vid)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y04TL8NEE0>m=2oe970&_p=269213544&cid=563067236.1663036909&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663036909&sct=1&seg=0&dl=https%3A%2F%2Fclickintowealth.com%2Flp%2Ffff%2Fvid-ts-k.php%3FAFFID%3D1006%26C1%3D190%26CID%3D12%26tr%3D10210717823859220912%26&dt=Click%20Into%20Wealth%20(FFF%20TS%20Vid)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://clickintowealth.com
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://clickintowealth.com
date: Tue, 13 Sep 2022 02:42:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/v4-shims.css
149.28.224.6200 OK 6.1 kB URL HTTP/2 clickintowealth.com/lp/fff/vid_files/v4-shims.css
IP 149.28.224.6:0
Hash 646fd9628c34f22cc7118e8c3912a817
5dc9a51ccfbce863718e50ef73449ad1f1c2eb00
43a60f0a9acabf5281522cd439d2939d90b66e7af24670b7f79df8c8fcf862bc
GET /lp/fff/vid_files/v4-shims.css HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/css
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-6801"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/mailcheck.js
149.28.224.6200 OK 1.2 kB URL HTTP/2 clickintowealth.com/lp/fff/vid_files/mailcheck.js
IP 149.28.224.6:0
Hash 08dbff4628cd6a8775ea8480015613d5
fe6b5e6685f0dd9a8f49e1a78544282a6a416bac
42a87e0647dc6c24438847e10e288949488125b4b438db6a5da33b47d7266827
Analyzer Verdict Alert fortinet Phishing
GET /lp/fff/vid_files/mailcheck.js HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: application/javascript
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-a8d"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/css_002.css
149.28.224.6200 OK 66 kB URL HTTP/2 clickintowealth.com/lp/fff/vid_files/css_002.css
IP 149.28.224.6:0
Hash ab53fded77dba6caed63d6c23ddafa34
5f2336ee1eb7cc9fada616997a2c21941721b702
f40ad2a912a14aa359abeb3ad6e99f7f787ee0b291d59d0623030616e6b33e95
GET /lp/fff/vid_files/css_002.css HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/css
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-8e8"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 464cb31b7665a0bb97ce6d162627ca26
a9752c59d2f21b57c3e0f3f4b319b21e78391875
e80db1c216dbf6e80cb011e0a211b519ea35568e5801a64a9c7fc9fa3ab8b2d0
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 02:42:02 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 12 Sep 2022 21:42:35 GMT
Expires: Tue, 13 Sep 2022 21:42:35 GMT
ETag: "a9752c59d2f21b57c3e0f3f4b319b21e78391875"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
dev.visualwebsiteoptimizer.com/j.php?a=301780&u=https%3A%2F%2Fclickintowealth.com%2Flp%2Ffff%2Fvid-ts-k.php%3FAFFID%3D1006%26C1%3D190%26CID%3D12%26tr%3D10210717823859220912%26&f=1&r=0.15764996416397248
34.96.102.137200 OK 6.4 kB URL HTTP/2 dev.visualwebsiteoptimizer.com/j.php?a=301780&u=https%3A%2F%2Fclickintowealth.com%2Flp%2Ffff%2Fvid-ts-k.php%3FAFFID%3D1006%26C1%3D190%26CID%3D12%26tr%3D10210717823859220912%26&f=1&r=0.15764996416397248
IP 34.96.102.137:0
Hash e5748dafedead39cac8f67957b62b6b2
25c7c87c036c25bc7cfcd9fad821ffbdaa43abf9
04323fdbaa0a2d5f6b4a063858df0b05d3a239cefce5415b6b923aadda720c8b
GET /j.php?a=301780&u=https%3A%2F%2Fclickintowealth.com%2Flp%2Ffff%2Fvid-ts-k.php%3FAFFID%3D1006%26C1%3D190%26CID%3D12%26tr%3D10210717823859220912%26&f=1&r=0.15764996416397248 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache,max-age=0
etag: W/"1662990569"
server: gams1
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
clickintowealth.com/favicon.ico
149.28.224.6302 Found 0 B URL HTTP/2 clickintowealth.com/favicon.ico
IP 149.28.224.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v; _ga_Y04TL8NEE0=GS1.1.1663036909.1.0.1663036909.0.0.0; _ga=GA1.1.563067236.1663036909
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 13 Sep 2022 02:42:02 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://clickintowealth.com/wp-content/uploads/2022/04/cropped-Logo-Gold-32x32.png
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://clickintowealth.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
permissions-policy: vr=(); xr-spatial-tracking=('none');
X-Firefox-Spdy: h2
player.vimeo.com/video/663719624?h=e9734ca969&autoplay=1&muted=1
162.159.128.61200 OK 4.9 kB URL HTTP/1.1 player.vimeo.com/video/663719624?h=e9734ca969&autoplay=1&muted=1
IP 162.159.128.61:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (15409)
Hash 80b3da53b54e56724d24be75fee78dc7
826ada78fb9e829a89f4927c35b81e49367abcf3
1805180f9c467873e6005e8dd894d7a4f7b9ac12d24b450f58d3580a5c564a9e
GET /video/663719624?h=e9734ca969&autoplay=1&muted=1 HTTP/1.1
Host: player.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 02:42:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-xss-protection: 1; mode=block
content-security-policy: script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin, <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
expires: Fri, 15 Dec 1985 19:30:00 GMT
x-host: player-54c6bcb9bc-2wmt9
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-varnish-cache: 0
x-vserver: playproxy-rollout-prod-varnish-5
x-backend-proxy: playproxy6
x-bapp-server: player-54c6bcb9bc-2wmt9
Age: 0
X-Served-By: cache-cph2320051-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1663036922.229017,VS0,VE249
Vary: Accept-Encoding
X-Player-Backend: p
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=poBODSBY_7p3lFTfWmozGgtqSENVsDFqff_8VK5szM4-1663036922-0-AdTEoZ0oXmrBQsmau4AgtWCpAckTBjQ7m+MUfHEI1Vja0UAgWSwSOi7Ac6ku0qeE6uUB77OiitVdTUpyQNwN2Zc=; path=/; expires=Tue, 13-Sep-22 03:12:02 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 749d86fbdac70b61-OSL
Content-Encoding: gzip
clickintowealth.com/wp-content/uploads/2022/04/cropped-Logo-Gold-32x32.png
149.28.224.6200 OK 839 B URL HTTP/2 clickintowealth.com/wp-content/uploads/2022/04/cropped-Logo-Gold-32x32.png
IP 149.28.224.6:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 32b3bb2ffff52dcd2c56632ca795011a
cb3b2b0590bf3699615d8e3596207c361932b6fc
27501a6dc93af8110a956a04d36f6e652fd7fa4c848715e3caa143ed5b891812
GET /wp-content/uploads/2022/04/cropped-Logo-Gold-32x32.png HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Connection: keep-alive
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v; _ga_Y04TL8NEE0=GS1.1.1663036909.1.0.1663036909.0.0.0; _ga=GA1.2.563067236.1663036909; _gid=GA1.2.1933366378.1663036910; _gat_gtag_UA_126759577_4=1; _vwo_uuid_v2=D420A221E6844086679BFFC61DDAFE531|1eb97a2d1148b5d1d59c9f8082069ae2; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:02 GMT
content-type: image/png
content-length: 839
last-modified: Wed, 20 Apr 2022 20:41:59 GMT
etag: "62607017-347"
cache-control: public, max-age=648000
accept-ranges: bytes
X-Firefox-Spdy: h2
i.vimeocdn.com/video/1343249046-6a0ba3827fa5f3b219a2c2b67d91dbfcf096a4b9acd5ae54e6b6b56bff8907e4-d?mw=800&mh=450
151.101.86.109200 OK 18 kB URL HTTP/2 i.vimeocdn.com/video/1343249046-6a0ba3827fa5f3b219a2c2b67d91dbfcf096a4b9acd5ae54e6b6b56bff8907e4-d?mw=800&mh=450
IP 151.101.86.109:0
File type gzip compressed data, from Unix\012- data
Hash 7b4ad23a57cff448e362a191d697d0f4
a28b7ac64a42102c2fc4c6826200b720c1e8514b
48ee6fb1db9270691d44056e9531da97f7fd7f2cb58b853af658b8e0399c4330
GET /video/1343249046-6a0ba3827fa5f3b219a2c2b67d91dbfcf096a4b9acd5ae54e6b6b56bff8907e4-d?mw=800&mh=450 HTTP/1.1
Host: i.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/avif
etag: 08e8d5daba94ada12ca2a33cec6d6b3e
x-viewmaster-lossless-format: automatic
viewmaster-server: viewmaster-us-central1-xblc
cache-control: public, max-age=2592000
via: vvarnish, 1.1 varnish, 1.1 varnish
x-backend-server: varnish
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
access-control-max-age: 86400
accept-ranges: bytes
date: Tue, 13 Sep 2022 02:42:02 GMT
age: 1768502
x-served-by: cache-dfw-kdfw8210032-DFW, cache-bma1635-BMA
x-cache: miss, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663036923.730056,VS0,VE1
vary: Accept
content-length: 16264
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.1 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash 731860f0c8228c9e3215252dce81ce01
bdf9ce28a3c80197eed201e36e433625c92e0c38
8c2c8a6ac108c3a818f2c0ec3d00bb3d15ed4dbf5c7b3d8ebc4d3690e6927805
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984,53634e6b,8eafa091,d03b9c73,d6cd3858/audio/6427f03f,7969395b/master.json?query_string_ranges=1&base64_init=1
104.123.68.171200 OK 43 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984,53634e6b,8eafa091,d03b9c73,d6cd3858/audio/6427f03f,7969395b/master.json?query_string_ranges=1&base64_init=1
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c8aa8956f1dbf71ec5d4e08c2aa93fcb
41175a295ca25d58f319502c423e50eb9a8b2fb3
49a390f87614024b1ab9f19c31a3704a9b939515a78440a1afed2641c475940c
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984,53634e6b,8eafa091,d03b9c73,d6cd3858/audio/6427f03f,7969395b/master.json?query_string_ranges=1&base64_init=1 HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
origin-retrieved-hour: 1657983600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Content-Encoding: gzip
Aka-c-hit: cache-hit
Content-Length: 42776
Cache-Control: max-age=30779177
Date: Tue, 13 Sep 2022 02:42:02 GMT
Connection: keep-alive
Vary: Accept-Encoding
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
AK-REFERENCE-ID: 0.a7447b68.1663036922.1858e550
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126759577-4&cid=563067236.1663036909&jid=574038228&gjid=2118598210&_gid=1933366378.1663036910&_u=YADAAUAAAAAAAC~&z=1867717894
142.251.1.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126759577-4&cid=563067236.1663036909&jid=574038228&gjid=2118598210&_gid=1933366378.1663036910&_u=YADAAUAAAAAAAC~&z=1867717894
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126759577-4&cid=563067236.1663036909&jid=574038228&gjid=2118598210&_gid=1933366378.1663036910&_u=YADAAUAAAAAAAC~&z=1867717894 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://clickintowealth.com
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://clickintowealth.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Sep 2022 02:42:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Tue, 13 Sep 2022 05:42:42 GMT
Date: Tue, 13 Sep 2022 02:42:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Tue, 13 Sep 2022 05:42:42 GMT
Date: Tue, 13 Sep 2022 02:42:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Tue, 13 Sep 2022 05:42:42 GMT
Date: Tue, 13 Sep 2022 02:42:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Tue, 13 Sep 2022 05:42:42 GMT
Date: Tue, 13 Sep 2022 02:42:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10840
Expires: Tue, 13 Sep 2022 05:42:42 GMT
Date: Tue, 13 Sep 2022 02:42:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: jj0LCxD4MdspTSEvLVsUaEbdNjjae7G-gogDBKtx1IE9VZauS4BblQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:11:59 GMT
age: 12603
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b9c6d44f93a72d6c03ebcfadda1a48a
f6100190de6244ae74b6c1250b997749a381ed89
4bf351795fb3a9e8a1a917d6ab202b1c75007bd5dc450a869b4db5dbfdd81dc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 8335006d-add1-4ab7-9930-e2304a6d1de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQn93FGxIAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ced25-067cb6e120bd359b719bb421;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 20:01:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1L31YAxvPdmy1k0o-p11NcSM6ujk8NNaii936rsRrI9XoAxYF7CjIg==
via: 1.1 04e6cfc6f03b8f5e6f5459aacc86b372.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:11 GMT
age: 17031
etag: "f6100190de6244ae74b6c1250b997749a381ed89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c824a7db30839607b01c7a164f6f6ec
bbab791971056750a46dd6ed9c5d7c8e12ab457e
872262a28a383a9eafd1f453014a3edfde4872160b772874271be6358a47449f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb9bab12-4fd5-4be7-b453-25dfb0d4c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9606
x-amzn-requestid: bf72ce8c-1272-42df-8958-d392210106c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIR7NFh2oAMFXIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631996ad-4646091a428db21e2dce1a61;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:15:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4skZVE5BinFMAJV196j5-qtDez6m26DtU8NZvU6K2VuhFnC7E1zXWw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:19 GMT
age: 17143
etag: "bbab791971056750a46dd6ed9c5d7c8e12ab457e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 85df5ad9-f229-4d33-90b9-5dd28c77578a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YH396F2SIAMFnGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63196d25-3ee08f1e27cd37e96dba0f40;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 04:18:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Oep2UJdadBnTBuCy7CexUcezT0cCvm_9hroZnV-UrC9lQQxwUc4rkw==
via: 1.1 07c02ae6c53d85283eb15380264d9998.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 05:35:24 GMT
age: 75998
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15c4bbfd3d31955ae2beb1e47f1fda18
9e08828ce3d8d3170875c017ce70230fb60be657
c7cedd44499cf59595fd01e8ddd3bce3e93a86daeec18a7a0868c445f9ac5d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4810
x-amzn-requestid: 9fd1552d-1306-4164-a187-e8dee3cb7a27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqjEBdoAMFY8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-6c15aad5779bf7d625b2ffd7;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2vrSdQU9eQx35iv0ENwLlT1MX6G4zcnZTkPwy_ysh4VkJorpLjfH6A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 16815
etag: "9e08828ce3d8d3170875c017ce70230fb60be657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 17984
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash fa1fc17e98b6ce863de61247576a0632
9508526ab08e10d3fe26497982d8e3df3eec8403
7a0e2c983f904415075a7d944f24999481eacda72e054b8e83b24d829b643741
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash fa1fc17e98b6ce863de61247576a0632
9508526ab08e10d3fe26497982d8e3df3eec8403
7a0e2c983f904415075a7d944f24999481eacda72e054b8e83b24d829b643741
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-test-impression?beacon=1
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-test-impression?beacon=1
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-test-impression?beacon=1 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 116
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Sep 2022 02:42:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1473
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Sep 2022 02:42:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/5Ylu76wHhgo
IP 142.250.74.3:0
Hash fa1fc17e98b6ce863de61247576a0632
9508526ab08e10d3fe26497982d8e3df3eec8403
7a0e2c983f904415075a7d944f24999481eacda72e054b8e83b24d829b643741
POST /s/gts1d4/5Ylu76wHhgo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 02:42:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1764
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Sep 2022 02:42:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
player-telemetry.vimeo.com/player-events/log/play
34.120.202.204200 OK 0 B URL HTTP/2 player-telemetry.vimeo.com/player-events/log/play
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /player-events/log/play HTTP/1.1
Host: player-telemetry.vimeo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 668
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 02:42:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922
34.120.202.204200 OK 0 B URL HTTP/2 fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922
IP 34.120.202.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /add/player-stats?beacon=1&session-id=22c6aa14b16b7ce929573073f4f04119705fa7e61663036922 HTTP/1.1
Host: fresnel.vimeocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1766
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://player.vimeo.com
date: Tue, 13 Sep 2022 02:42:03 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/8eafa091/chop/segment-1.m4s?r=dXM%3D
104.123.68.171200 OK 96 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/8eafa091/chop/segment-1.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Hash 9bb44f7d424f1697001ec7b130a7cd3c
3953ab28182a77a1e4a6d4291d6d775e672ac4e0
fb7259c3e2f7e66d528d36e4449d032bc07d1bef13ab7be25199aac692917ceb
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/8eafa091/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 95937
using-starlord: true
origin-retrieved-hour: 1657904400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30698829
Date: Tue, 13 Sep 2022 02:42:03 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036923.1858e558
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/parcel/video/53634e6b.mp4?r=dXM%3D&range=3769-31123
104.123.68.171200 OK 27 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/parcel/video/53634e6b.mp4?r=dXM%3D&range=3769-31123
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Hash 89abaf000b050a8e7fbe34e14ee5ecee
1d21a6ab56e8e172f773f34e16f41befcb72a6f8
53bbbec0b81e699c513380aae67eb5b3352ca51324fce6a7222bf0fde29c4480
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/parcel/video/53634e6b.mp4?r=dXM%3D&range=3769-31123 HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 27355
Last-Modified: Sat, 08 Jan 2022 17:27:49 GMT
Server: parcel
origin-retrieved-hour: 1653231600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: private, max-age=30692293
Expires: Sun, 03 Sep 2023 08:20:16 GMT
Date: Tue, 13 Sep 2022 02:42:03 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036923.1858e6b4
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
Set-Cookie: aka_debug=cpcode:877678~clientip:91.90.42.154~ghostip:104.123.68.171~requestid:1858e6b4~time:1663036923~ghostforwardip:23.3.90.97~edgecache:cache-miss~rtt:7~region:NO-; path=/; domain=.akamaized.net;
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-1.m4s?r=dXM%3D
104.123.68.171200 OK 192 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-1.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Size 192 kB (191827 bytes)
Hash 939837ebf0f6a8375629942c9e42e685
dc8ba4bd6c4d748d3f74edbf46d08c6dae695908
a67c21b059ba2e270596e9e384bf0d88ce89355100214931ef1f8c04a9cf63bd
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 191827
using-starlord: true
origin-retrieved-hour: 1658912400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Tue, 13 Sep 2022 02:42:03 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036923.1858e6ba
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-1.m4s?r=dXM%3D
104.123.68.171200 OK 63 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-1.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Hash a37c2654e660aa4eb9fac85bae09d6c9
1ca1500c1014c5886ba3067d464aff33cfe8eca1
07ffd6313bd25268e15321de12968bf604ab08309419e80aacf8d926b366ab78
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-1.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 63439
using-starlord: true
origin-retrieved-hour: 1657897200
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30692079
Date: Tue, 13 Sep 2022 02:42:03 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036923.1858e709
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-2.m4s?r=dXM%3D
104.123.68.171200 OK 191 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-2.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Size 191 kB (191146 bytes)
Hash 1db788fb7fe4bce48e8f29372b933ac4
b61188f8073120e35d9670015c53cbd38ec10464
e6ccfb535e7f8b443b7012522644568f19580e75f5ab794cc14c85f535c2f26c
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 191146
using-starlord: true
origin-retrieved-hour: 1658908800
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31535992
Date: Tue, 13 Sep 2022 02:42:04 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036924.1858e71b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-2.m4s?r=dXM%3D
104.123.68.171200 OK 128 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-2.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Size 128 kB (127501 bytes)
Hash a8556e9b5c1a3dbcd03155ed2a06dd18
7b0cab6924fb95814190206c8a270f83fe6a67ea
468bae1a72e59ca38af5d4f284c47f2f8d09e5b7b302e5d71fa272b79e7a7dcb
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-2.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 127501
using-starlord: true
origin-retrieved-hour: 1657911600
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=30707092
Date: Tue, 13 Sep 2022 02:42:05 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036925.1858e970
X-VIM-CACHEBC: EP:H11,E:m,TD0:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-3.m4s?r=dXM%3D
104.123.68.171200 OK 192 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-3.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Size 192 kB (191826 bytes)
Hash 241d90bf3fa0b15c6975b7ab6f6c90ad
2bdfc160b9f39cceb4a5617d56ff47c40491410c
0e2a0c4e67d85525a2f2ae00d46c63d7016509b064d65c2a1a60461d86312b57
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/audio/4e90e984/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 191826
using-starlord: true
origin-retrieved-hour: 1656576000
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31536000
Date: Tue, 13 Sep 2022 02:42:05 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036925.1858e97b
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,CW:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-3.m4s?r=dXM%3D
104.123.68.171200 OK 83 kB URL HTTP/1.1 98vod-adaptive.akamaized.net/exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-3.m4s?r=dXM%3D
IP 104.123.68.171:0
ASN #20940 Akamai International B.V.
Hash 74a46a1409f1aa11668f5eee710eca17
5740c92e0dff7b55a429d73703dacc200fe94e0f
ae08fd483a96aaa8dcae8a21b4d972d6342a2c12b5df6458358ed58a91fe5ba1
GET /exp=1663043034~acl=%2F933b900f-73b5-4368-8e96-e5e11c0b4b41%2F%2A~hmac=43da34dbb5b01baa69b86a712e4f59d5a6dd8a4fb1e20435d625832e7a952d64/933b900f-73b5-4368-8e96-e5e11c0b4b41/sep/video/4e90e984/chop/segment-3.m4s?r=dXM%3D HTTP/1.1
Host: 98vod-adaptive.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.vimeo.com
Connection: keep-alive
Referer: https://player.vimeo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 82613
using-starlord: true
origin-retrieved-hour: 1656284400
Access-Control-Max-Age: 86400
timing-allow-origin: *
Aka-c-hit: cache-hit
Cache-Control: max-age=31308045
Date: Tue, 13 Sep 2022 02:42:06 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 877678
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Type: video/mp4
AK-REFERENCE-ID: 0.a7447b68.1663036926.1858eb06
X-VIM-CACHEBC: EP:H11,E:m,TD0:m,PE:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, X-Akamai-Request-ID, AK-REFERENCE-ID
Akamai-Edge-IP: 104.123.68.171
Access-Control-Allow-Headers: Content-Type, Accept-Encoding, Range, X-OTT-Agent,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
Access-Control-Allow-Origin: *
clickintowealth.com/lp/fff/vid_files/lander.js
149.28.224.6200 OK 0 B URL HTTP/2 clickintowealth.com/lp/fff/vid_files/lander.js
IP 149.28.224.6:0
Analyzer Verdict Alert fortinet Phishing
GET /lp/fff/vid_files/lander.js HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: application/javascript
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-f58e1"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/pushcrew.js
149.28.224.6200 OK 0 B URL HTTP/2 clickintowealth.com/lp/fff/vid_files/pushcrew.js
IP 149.28.224.6:0
Analyzer Verdict Alert fortinet Phishing
GET /lp/fff/vid_files/pushcrew.js HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: application/javascript
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-27d"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/all.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/all.css
IP 172.67.169.247:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/css
x-amz-id-2: 5R63sGXcq2LptVgWp1Hbu23fLcn6t7yox4MdVDD4fYkPpwwpE0tP8nap3nE7BUsLxb2kn6BawAQ=
x-amz-request-id: FW5J89H89QA35JM6
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 521106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rW5Sk7YoZXTtzdaP2lOVpLUWtYiYaFSXcQd6jkBsmocsF%2Fuyu56mxfGpEXNKtIvbt3isRDoFNHSuiDW1fkpTgEUAlOJ571Fi2JrlbMY3NYCMzh11EyHnQIEZgZOP0TmQWZGjUh9f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749d86f61ec70af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 02:42:01 GMT
date: Tue, 13 Sep 2022 02:42:01 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/powerscripts.js
149.28.224.6200 OK 0 B URL HTTP/2 clickintowealth.com/lp/fff/vid_files/powerscripts.js
IP 149.28.224.6:0
Analyzer Verdict Alert fortinet Phishing
GET /lp/fff/vid_files/powerscripts.js HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: application/javascript
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-e1f"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
IP 172.67.169.247:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/css
x-amz-id-2: 29dQf2WVNOHot5Ay8pBeGC9Jp0pul03AFXB61uD4zFysCnT6qW6VHySxi6MC8oLZjApsDY/NPq0=
x-amz-request-id: B6FTANBTWNEFCW5M
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 442680
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLGqszXqshrjGlhVviMMs4z%2B93xosoYqxEZ%2Bza%2FW04lHzIZzmWNUS5%2FDxW%2B8HTKNIwQbq3B5YamGxvFQgXPt6bRnr01LTW2nprhUUkFniWE81Hih%2FbdfvUwh8dfumnE%2F7GwhkQGq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749d86f62ec80af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
clickintowealth.com/lp/fff/vid_files/all.css
149.28.224.6200 OK 0 B URL HTTP/2 clickintowealth.com/lp/fff/vid_files/all.css
IP 149.28.224.6:0
GET /lp/fff/vid_files/all.css HTTP/1.1
Host: clickintowealth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://clickintowealth.com/lp/fff/vid-ts-k.php?AFFID=1006&C1=190&CID=12&tr=10210717823859220912&
Cookie: PHPSESSID=5plrpul465sbm18q9n54llhs0v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 02:42:01 GMT
content-type: text/css
last-modified: Sun, 11 Apr 2021 14:20:01 GMT
vary: Accept-Encoding
etag: W/"60730591-da9f"
cache-control: public, max-age=648000
content-encoding: gzip
X-Firefox-Spdy: h2