| w1.mssxhb.com/prod/aa1571de-6a92-43c2-a8d9-f9168c962b5f/5e784cf0-83f1-40bc-a1d9-044ebee4ac31 | 23.22.137.191 | 302 Found | 332 B |
URL HTTP/1.1w1.mssxhb.com/prod/aa1571de-6a92-43c2-a8d9-f9168c962b5f/5e784cf0-83f1-40bc-a1d9-044ebee4ac31 IP23.22.137.191:0
File typeHTML document, ASCII text, with very long lines (332), with no line terminators Hash1f9e20327c044a9ddc9b0a4772480b9b 84ad20e625cb804db1d660f06edbfba06bc475b0 9509b20104bdda7568adb0573171ef2d903baa02da7e570a69cfbb73042fe744
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /prod/aa1571de-6a92-43c2-a8d9-f9168c962b5f/5e784cf0-83f1-40bc-a1d9-044ebee4ac31 HTTP/1.1
Host: w1.mssxhb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 16 Oct 2022 07:22:04 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 332
Connection: keep-alive
X-Powered-By: Express
Location: https://integrations.api.mailshake.com/beacon/click?emailID=aa1571de-6a92-43c2-a8d9-f9168c962b5f&linkID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31
Vary: Accept
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.27 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashbdb8b66c705a7b996496d780f50c00b5 403ae92039fcc933870f51f913f78ccaf9652256 c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 06:50:25 GMT
Expires: Sun, 16 Oct 2022 07:50:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WLN0aJvHLdT3uGAHuiUZl3qb50EDF-UiPXkdhAz-wTtuDxRxg_XanA==
Age: 1899
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash07b3389fc24c0f8eb82a9d05b546d17e 02716741b8952e548b9a223adbb3f16204eef2b2 25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3491
Expires: Sun, 16 Oct 2022 08:20:15 GMT
Date: Sun, 16 Oct 2022 07:22:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha57d0f62d9bd29668b94a513fa45d18e d7cb263502e21f9235b4523a596e2138d22042ec df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15221
Expires: Sun, 16 Oct 2022 11:35:45 GMT
Date: Sun, 16 Oct 2022 07:22:04 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dZexc9LGw+dhawESW++lUlUu7DIX7TW6GIX0enudxFui5cBtutsZLRLpScbjtXLqXDY1r9fdsZc=
x-amz-request-id: Z9RAH4E00666NSWK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 06:34:57 GMT
age: 2827
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 07:22:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.27 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.27:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 16 Oct 2022 07:07:43 GMT
Expires: Sun, 16 Oct 2022 07:25:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xis53RsWWhzj5b8yf-Q9UfXPf9r63iVEgh2Y2i8wkY9gJgiRwyl4DA==
Age: 861
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash3221ca95adb687c4f9e7d9c9a6152839 c02d1b2cc4998085cf3669ee89c988544208b069 4395c2b0f21837402c6917586b235e871db9cb8f9585e6689d33f3d105cc9d39
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156423
Date: Sun, 16 Oct 2022 07:22:04 GMT
Etag: "634b7123-1d7"
Expires: Tue, 18 Oct 2022 02:49:07 GMT
Last-Modified: Sun, 16 Oct 2022 02:49:07 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ytbL7q66pWCxmtlzJYbnOOfxh71Ae-2yLvwK0fga6RlbfvZlf7BHLw==
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash301aafc13bc66315321d9476df002258 e6bfd29899543fcd4d1b332623757bbad355306f c64315afdfcf146b16942d981588ed912650472c5e2bba7b6f8dee396d820860
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4400
Cache-Control: max-age=93490
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:05 GMT
Etag: "634a6a1f-1d7"
Expires: Mon, 17 Oct 2022 09:20:15 GMT
Last-Modified: Sat, 15 Oct 2022 08:06:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
|
|
| integrations.api.mailshake.com/beacon/click?emailID=aa1571de-6a92-43c2-a8d9-f9168c962b5f&linkID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31 | 34.197.172.216 | 302 Found | 188 B |
URL HTTP/2integrations.api.mailshake.com/beacon/click?emailID=aa1571de-6a92-43c2-a8d9-f9168c962b5f&linkID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31 IP34.197.172.216:0
File typeHTML document, ASCII text, with no line terminators Hashde7c7589c15e06601bfe5a3b7f92f367 f89262a18afaf96b490e858f448a3c3d4c4cf307 221fd5359938a965d5b7389ae9fb933e68a668041ef61761c49fff10eeb9fd50
GET /beacon/click?emailID=aa1571de-6a92-43c2-a8d9-f9168c962b5f&linkID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31 HTTP/1.1
Host: integrations.api.mailshake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 16 Oct 2022 07:22:05 GMT
content-type: text/html; charset=utf-8
content-length: 188
location: https://leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31
x-powered-by: Express
vary: Origin, Accept, Accept-Encoding
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hashf0bb734cd0a74dbd705cfa2b6d646d82 6dde725c89635253672b8464ca0a3ed78ee4d899 e83c59e27921aa5ebfef31336b21aa10c8d6b1fdb76aed0eafb8e7cee7caadfd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126524
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:05 GMT
Etag: "634afc59-116"
Expires: Mon, 17 Oct 2022 18:30:49 GMT
Last-Modified: Sat, 15 Oct 2022 18:30:49 GMT
Server: nginx
Content-Length: 278
|
|
| push.services.mozilla.com/ | 35.164.56.167 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.164.56.167:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 603FXg5NTSNLmK8h8L7wwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SyAzrDHXj9ZF7VxTYXGxqQgUCGc=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha239968682150ba8fb61f7b2101edba3 35724b1e7f236cddd2e9c542a0da63d9e915c310 e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 07:22:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha239968682150ba8fb61f7b2101edba3 35724b1e7f236cddd2e9c542a0da63d9e915c310 e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 07:22:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha239968682150ba8fb61f7b2101edba3 35724b1e7f236cddd2e9c542a0da63d9e915c310 e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 07:22:06 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha239968682150ba8fb61f7b2101edba3 35724b1e7f236cddd2e9c542a0da63d9e915c310 e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3747
Expires: Sun, 16 Oct 2022 08:24:33 GMT
Date: Sun, 16 Oct 2022 07:22:06 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdf5f38c3dc43ccc382d0274bffb6b350 9a305072cce8bb61ca3753bb98b999695fb4706e 20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j4GFPRLOwyEGJVrC4uk01vi858DLWzDtUNZkfmbJ1ybrMV4xEdOIVg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:50:24 GMT
age: 34302
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc0cabcd5467191890163abd8c081c0cb 37c76a9fe6833ee0fc50d92b2f8e32fc44d43e54 b3b17175a7899e8876d93a83271f9319b0cd76af7e091837b87aaba2ac2d3920
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4eb39673-9b77-4a82-8d34-c0e1405dca47.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8757
x-amzn-requestid: c384db56-c2e0-4a61-ab03-0688422929c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL3_ESBIAMFUIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b2699-1a0f51aa005d4a5e4f4ec4df;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:05 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 99u5SW_yKsRfnCMwl1syMlGCm5OZ7kd6ewz8vIYxFrRvwLZEmjNs1g==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:26:41 GMT
age: 32125
etag: "37c76a9fe6833ee0fc50d92b2f8e32fc44d43e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6432c2bf0bab32f918d931dd98a6e1e4 bba4f37b146e5aea2b6490f8f7da63fa61ffc849 bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HUtvwwtoxo38w1ZiKkBZJL0dL3G7aCdUNzvcUhJ7CZ_Taj_tMyfjAQ==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:03:21 GMT
age: 8325
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc19a4730-8fc7-4190-b6fa-ca3915d4be27.jpeg | 34.120.237.76 | 200 OK | 3.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc19a4730-8fc7-4190-b6fa-ca3915d4be27.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe7a177e668bb2845a434181c96aef438 8f7465dd7a14cb4200b2eece61c18be8179e1d9f 13bb37f17f8e8ae4433b8503b3eb2f35d6c55b4fca70ed2619441ec000113808
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc19a4730-8fc7-4190-b6fa-ca3915d4be27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3895
x-amzn-requestid: 539a4058-ac16-49bf-83e7-5ebcf992f60e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL4uHqloAMFuuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269e-4e6edb1e1d7049572155425c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pLqDy8NvmMW0l257nHhjz6iDa42UD3gZsFTw5Ga4wXU9HPGzR1FoMQ==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:24:21 GMT
age: 32265
etag: "8f7465dd7a14cb4200b2eece61c18be8179e1d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe21fcac8-5030-4cbc-ac8e-8a2364186db7.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe21fcac8-5030-4cbc-ac8e-8a2364186db7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9a2e0525ec1d258ba9dd1fa70812179f bb8af55cd6030afd31d47c1aa16780a45e751a4d 85000c8bb46a9d050d451498b7271aed62e7ea5e30ad0e600ef65f06c1ef3669
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe21fcac8-5030-4cbc-ac8e-8a2364186db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7246
x-amzn-requestid: 6ed66f46-4118-4d26-a235-d58a321661ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z4a0rGEBIAMFz-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634671b7-357b86f868174cef5629c66d;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 07:50:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5COcRwQxg1nqjTaq1Vut5JFJRexn6IXMrHKYL12CyhP6wYufq72SzQ==
via: 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:58:03 GMT
age: 33843
etag: "bb8af55cd6030afd31d47c1aa16780a45e751a4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F223c148f-e76c-4625-8d19-0d3ef6b3ab03.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F223c148f-e76c-4625-8d19-0d3ef6b3ab03.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash94dbefe5b048c0bebab2485de87367a1 a0df1068e09270f0b5ab7529dc31cc533a244cdd e6e10ade9f819cccc5a36790016d41bc5ccb02512075f750afc136486d0fbc2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F223c148f-e76c-4625-8d19-0d3ef6b3ab03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: b1678079-b51b-4b98-a44c-4024ad28451d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5XFbAIAMF08A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a2-1178963d495ce7232844459d;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oI7wIwMgMGO_PayAvPQqY9FWOxZa90tzWtQR9WEroTA6DpKn7lQO1Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:36:56 GMT
age: 35110
etag: "a0df1068e09270f0b5ab7529dc31cc533a244cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0efa623bed47d42f69be9e523e7725f4 b301c00ee9ab5778b326edea3bc274f8ae46da15 c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5f309b801fdcff49c832652cf9f67fed f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13 53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0efa623bed47d42f69be9e523e7725f4 b301c00ee9ab5778b326edea3bc274f8ae46da15 c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH | 142.250.74.168 | 200 OK | 51 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-PX5QPGH IP142.250.74.168:0
File typeASCII text, with very long lines (3649) Hashffe71a8347d2ba4857aaf51c594eef76 70bc6bcda7d38c2c87933e957a887efb6b442daf 9f3a48eaa44c8ee5463c998bb5ac8ab386d774ce98e9da8183fbe0a27ba9ea0b
GET /gtm.js?id=GTM-PX5QPGH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Oct 2022 07:22:07 GMT
expires: Sun, 16 Oct 2022 07:22:07 GMT
cache-control: private, max-age=900
last-modified: Sun, 16 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash5f309b801fdcff49c832652cf9f67fed f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13 53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31 | 104.17.210.37 | 307 Temporary Redirect | 12 kB |
URL HTTP/2leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31 IP104.17.210.37:0
File typegzip compressed data, from Unix\012- data Hash5b6b8582f0c20be974fac0389de0d4f3 fa58e9104fe335e723ab9b9668315fa91782576a 83dc2ac0d6d94f606aa7cf755664bb7d1a607f1f791e5b7a18acd8436fc5db0f
GET /sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Sun, 16 Oct 2022 07:22:05 GMT
content-type: text/html; charset=UTF-8
location: https://leads.go-afs.com/front/domain_validation?step=1&domain=leads.go-afs.com&url=https%3A%2F%2Fleads.go-afs.com%2FsGy79%3FmsID%3D5e784cf0-83f1-40bc-a1d9-044ebee4ac31
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75af0a97df0eb523-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash254c0f79943125eff7adbf9cb30d2b46 e24342391b47646fbbe9fa6a26dd95c0eadda7e5 35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.195 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 301679
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| leads.go-afs.com/js/build/front/pages/skeleton-below.js | 104.17.210.37 | 200 OK | 4.7 kB |
URL HTTP/2leads.go-afs.com/js/build/front/pages/skeleton-below.js IP104.17.210.37:0
Hash5a4cc89f8235066998029456c4e35757 01e1a983b18ed6468331d343edf5ddd63eac4ef5 e9ef3111224db7ce85e9dbfd0690cd1801b2ef9aacd38d1c7467a8e6918bf54e
GET /js/build/front/pages/skeleton-below.js HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1
Cookie: kartra_visited=42734b9cd53c85e56c54a7410dc1efc60797b7cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 01 Aug 2022 12:21:08 GMT
etag: W/"62e7c534-31ec"
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
expires: Sun, 16 Oct 2022 07:27:07 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
server: cloudflare
cf-ray: 75af0aa21da7b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 | 216.58.207.195 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data Hash44b4e1e6aecc684d11fe7501dd36df19 59e2710168a0d6889a24eaaa5134114f7e258461 6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
GET /s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 22:47:43 GMT
expires: Wed, 11 Oct 2023 22:47:43 GMT
cache-control: public, max-age=31536000
age: 376464
last-modified: Tue, 19 Apr 2022 18:08:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.195 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 05:42:51 GMT
expires: Fri, 13 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 265157
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash254c0f79943125eff7adbf9cb30d2b46 e24342391b47646fbbe9fa6a26dd95c0eadda7e5 35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE>m=2oeaa0&_p=2037506702&cid=1520921768.1665904930&ul=en-us&sr=1280x1024&_s=1&sid=1665904930&sct=1&seg=0&dl=https%3A%2F%2Fleads.go-afs.com%2FsGy79%3FmsID%3D5e784cf0-83f1-40bc-a1d9-044ebee4ac31%26r_done%3D1&dt=Thank%20you%20Agents%20-%20PPC&en=page_view&_fv=1&_nsi=1&_ss=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-9QVVWF40FE>m=2oeaa0&_p=2037506702&cid=1520921768.1665904930&ul=en-us&sr=1280x1024&_s=1&sid=1665904930&sct=1&seg=0&dl=https%3A%2F%2Fleads.go-afs.com%2FsGy79%3FmsID%3D5e784cf0-83f1-40bc-a1d9-044ebee4ac31%26r_done%3D1&dt=Thank%20you%20Agents%20-%20PPC&en=page_view&_fv=1&_nsi=1&_ss=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-9QVVWF40FE>m=2oeaa0&_p=2037506702&cid=1520921768.1665904930&ul=en-us&sr=1280x1024&_s=1&sid=1665904930&sct=1&seg=0&dl=https%3A%2F%2Fleads.go-afs.com%2FsGy79%3FmsID%3D5e784cf0-83f1-40bc-a1d9-044ebee4ac31%26r_done%3D1&dt=Thank%20you%20Agents%20-%20PPC&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://leads.go-afs.com
date: Sun, 16 Oct 2022 07:22:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| d1aettbyeyfilo.cloudfront.net/Kartra/3701724_15529854860113613118_1552298895139Backgrounds-2.webp | 54.230.245.37 | 200 OK | 21 kB |
URL HTTP/2d1aettbyeyfilo.cloudfront.net/Kartra/3701724_15529854860113613118_1552298895139Backgrounds-2.webp IP54.230.245.37:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashbebb6fecddb6a372e92201f5a8fe9dfa 843915090be3992a169b6b6a0540d36fb4f892fb d054bbdff6d57e7d8a21276c067e890ce0c738d69fc22ba3febea224204f2706
GET /Kartra/3701724_15529854860113613118_1552298895139Backgrounds-2.webp HTTP/1.1
Host: d1aettbyeyfilo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 20584
date: Wed, 09 Feb 2022 01:22:04 GMT
last-modified: Wed, 19 Feb 2020 10:24:38 GMT
etag: "bebb6fecddb6a372e92201f5a8fe9dfa"
cache-control: public, max-age=31536000
x-amz-version-id: _9N.rH6eP90uCGIygAj69aT9sld1BI51
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vVQZfxOdxWNOU2gDX0GhCIHwidiNbv9rRmdyMgpluB9kBvVEahkeWA==
age: 21535205
X-Firefox-Spdy: h2
|
|
| app.kartra.com/analytics/visitorTime/Ynfdryoewia4 | 104.17.209.37 | 200 OK | 20 kB |
URL HTTP/2app.kartra.com/analytics/visitorTime/Ynfdryoewia4 IP104.17.209.37:0
File typeASCII text, with very long lines (1325) Hashbd79aee5e714690177eaf1571a35e4f6 2872d3951402a3999ae27e346baa0093706e62a1 41fda8947ceb528dc95c7b699f40eba08e6af34b815e4e562d309a5c154babf8
POST /analytics/visitorTime/Ynfdryoewia4 HTTP/1.1
Host: app.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 178
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:08 GMT
content-type: text/html; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://leads.go-afs.com
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75af0aa76a720b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d1aettbyeyfilo.cloudfront.net/goafs/24536567_1638813972DmQAFS_Logo.webp | 54.230.245.37 | 200 OK | 22 kB |
URL HTTP/2d1aettbyeyfilo.cloudfront.net/goafs/24536567_1638813972DmQAFS_Logo.webp IP54.230.245.37:0
File typeRIFF (little-endian) data, Web/P image\012- data Hashe08974c55f2b4a9ca755de824797dc29 3fb5feb96f776dbb886d6a91bc400975388f85c0 9ba57b3ad94d3a3213c04cbe092bd2d7d86f7cc513e6b170bb680ab290c9d28e
GET /goafs/24536567_1638813972DmQAFS_Logo.webp HTTP/1.1
Host: d1aettbyeyfilo.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 22326
date: Sat, 15 Oct 2022 07:09:20 GMT
last-modified: Mon, 06 Dec 2021 18:06:16 GMT
etag: "e08974c55f2b4a9ca755de824797dc29"
cache-control: public, max-age=31536000
x-amz-version-id: tC0H6qI8GJs.sXgRbDDs.wmC7fAFxq9t
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LUCSHJ218YmeOYT5ZNCY_RjaUdx4C6djohT8jX28ybtYI48PjoFZmw==
age: 87169
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4f05f7d85c5d7c2aa09651804f80a019 cd118fbc41657bfdf0fcfb9e3a4a2813f3b08e5b 76a6c1ae0a435403ac10b6478f029bb8b871dbdcc2a2c7e3e97b56982a9767e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-128791235-2&cid=1520921768.1665904930&jid=1444134113&gjid=717772589&_gid=1264037728.1665904931&_u=YADAAEAAAAAAACAAI~&z=1146978453 | 173.194.73.156 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-128791235-2&cid=1520921768.1665904930&jid=1444134113&gjid=717772589&_gid=1264037728.1665904931&_u=YADAAEAAAAAAACAAI~&z=1146978453 IP173.194.73.156:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-128791235-2&cid=1520921768.1665904930&jid=1444134113&gjid=717772589&_gid=1264037728.1665904931&_u=YADAAEAAAAAAACAAI~&z=1146978453 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://leads.go-afs.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 16 Oct 2022 07:22:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4f05f7d85c5d7c2aa09651804f80a019 cd118fbc41657bfdf0fcfb9e3a4a2813f3b08e5b 76a6c1ae0a435403ac10b6478f029bb8b871dbdcc2a2c7e3e97b56982a9767e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hash35cdbcf4cd59b1134e4b1f5644c79c99 b5ea178a609364567e775a101329c3ec357ab71a 7ca1672f50aa704a20b3aed6b159def13e2f46f4d781bfee2c3e0fa5b722ad1d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141723
Date: Sun, 16 Oct 2022 07:22:08 GMT
Etag: "634b1e35-1d7"
Expires: Mon, 17 Oct 2022 22:44:11 GMT
Last-Modified: Sat, 15 Oct 2022 20:55:17 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J3lLljmzqwDk1cvGxAynm9VUTaHBBy_O1ZepxwRz5KjDX3ddnz06Dg==
Age: 6534
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash695cea3df950db7392b70395df1d8b05 b7fe7c9dd9f38fd23ad37dd92b9085f35a6fe823 4bad472e725699f54c9983fe6cb3ce0783b831ea2877b1a22f80197b953cfaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash231a5834edd086a67640c2c0cc18c55c 3427d0baffebad62c95754da193be354ca2b270c 2533d2d520b731b0073fcd224375cdd6dc2fde77908f93dcb0c659ec6dc7501b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.clarity.ms/eus2/s/0.6.42/clarity.js | 13.107.246.53 | 200 OK | 23 kB |
URL HTTP/2www.clarity.ms/eus2/s/0.6.42/clarity.js IP13.107.246.53:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
File typeUnicode text, UTF-8 text, with very long lines (54141) Hash664e2ed8299397c0996255f6e14b3aa4 537fcec373b5123ac8f4bbcba38a3c93e0f7d3a6 e4421f29faebfb7939e60170d91a826302a320a0bb68f5d7eac36a5141cf11b9
GET /eus2/s/0.6.42/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8de484d1af7d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0ILFLYwAAAAAWYZX8Hp1lQYwr99HNm+3aU1ZHMjBFREdFMDYxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 16 Oct 2022 07:22:07 GMT
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-128791235-2&cid=1520921768.1665904930&jid=1444134113&_u=YADAAEAAAAAAACAAI~&z=58440284 | 142.250.74.164 | 200 OK | 42 B |
URL HTTP/2www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-128791235-2&cid=1520921768.1665904930&jid=1444134113&_u=YADAAEAAAAAAACAAI~&z=58440284 IP142.250.74.164:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-128791235-2&cid=1520921768.1665904930&jid=1444134113&_u=YADAAEAAAAAAACAAI~&z=58440284 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 16 Oct 2022 07:22:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash695cea3df950db7392b70395df1d8b05 b7fe7c9dd9f38fd23ad37dd92b9085f35a6fe823 4bad472e725699f54c9983fe6cb3ce0783b831ea2877b1a22f80197b953cfaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 07:22:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| leads.go-afs.com/cdn-cgi/rum? | 104.17.210.37 | 200 OK | 491 B |
URL HTTP/2leads.go-afs.com/cdn-cgi/rum? IP104.17.210.37:0
Hash31cb7127c929ff0331ec278ee0096984 07e55f40fd67936116b81f57b6b1021f7832e222 7441754f11c93f8b68ab99f3eebd93f1cefb4101b332855c30a23a063b0a6854
POST /cdn-cgi/rum? HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 8808
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1
Cookie: kartra_visited=42734b9cd53c85e56c54a7410dc1efc60797b7cb; _gcl_au=1.1.1762216975.1665904930; _ga_9QVVWF40FE=GS1.1.1665904930.1.0.1665904930.0.0.0; _ga=GA1.2.1520921768.1665904930; _gid=GA1.2.1264037728.1665904931; _gat_UA-128791235-2=1; _clck=1eeqq41|1|f5r|0; kartrapage_popwindow%2FsGy79=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:08 GMT
content-type: text/plain
access-control-allow-origin: https://leads.go-afs.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 75af0aab7ac5b523-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kartrausers.s3.amazonaws.com/goafs/24537376_61ae59b50df84_AFS_Graphic.png | 52.217.45.196 | 200 OK | 3.3 kB |
URL HTTP/1.1kartrausers.s3.amazonaws.com/goafs/24537376_61ae59b50df84_AFS_Graphic.png IP52.217.45.196:0
File typePNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data Hashe94f01ab3429d0064271dad9b7ec1f1c 97525af680c1aefbc7cae2126978237af040b5a8 b56863dc2c1b0cec6aa525cea307cb56813fa04d8362b73075048ead10bd7552
GET /goafs/24537376_61ae59b50df84_AFS_Graphic.png HTTP/1.1
Host: kartrausers.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XjHoiocCcjsexKk0Bn+KPmmaKb5gRD5UZJ1nb5ZMnVzJrK2f/q4Qjyfg6XS9/mKWa6yjNyxR2po=
x-amz-request-id: CYW1Y8Y0Q7Z9RMCP
Date: Sun, 16 Oct 2022 07:22:09 GMT
Last-Modified: Mon, 06 Dec 2021 18:43:02 GMT
ETag: "e94f01ab3429d0064271dad9b7ec1f1c"
Cache-Control: public, max-age=31536000
x-amz-version-id: BzvY2kcUvcrB3uVlymOhQJP5Mu3HLnAD
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 3306
|
|
| c.clarity.ms/c.gif | 20.234.93.27 | 302 Found | 0 B |
IP20.234.93.27:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&RedC=c.clarity.ms&MXFR=19DAD4063340652C1848C63937406BEB
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=19DAD4063340652C1848C63937406BEB; domain=.clarity.ms; expires=Fri, 10-Nov-2023 07:22:08 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 16 Oct 2022 07:22:07 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.bing.com/c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&RedC=c.clarity.ms&MXFR=19DAD4063340652C1848C63937406BEB | 204.79.197.200 | 302 Found | 0 B |
URL HTTP/2c.bing.com/c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&RedC=c.clarity.ms&MXFR=19DAD4063340652C1848C63937406BEB IP204.79.197.200:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&RedC=c.clarity.ms&MXFR=19DAD4063340652C1848C63937406BEB HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leads.go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&MUID=19C0EE1DC140658119DBFC22C0176411
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=19C0EE1DC140658119DBFC22C0176411; domain=c.bing.com; expires=Fri, 10-Nov-2023 07:22:08 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A22ABE80A5C4342A5FE107322B1F6D6 Ref B: OSL30EDGE0412 Ref C: 2022-10-16T07:22:08Z
date: Sun, 16 Oct 2022 07:22:08 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| c.clarity.ms/c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&MUID=19C0EE1DC140658119DBFC22C0176411 | 20.234.93.27 | 200 OK | 42 B |
URL HTTP/2c.clarity.ms/c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&MUID=19C0EE1DC140658119DBFC22C0176411 IP20.234.93.27:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeGIF image data, version 89a, 1 x 1\012- data Hash32023bb33cfb2a1990a4ef2d85b6ac16 23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=AF936F3F0F6A4E0990F078EF895A31EF&MUID=19C0EE1DC140658119DBFC22C0176411 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leads.go-afs.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 16-Oct-2022 07:32:08 GMT; path=/; SameSite=None; Secure;
date: Sun, 16 Oct 2022 07:22:08 GMT
content-length: 42
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.195 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 17:10:21 GMT
expires: Wed, 11 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 396707
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| b.clarity.ms/collect | 20.75.32.255 | 204 No Content | 0 B |
IP20.75.32.255:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12819
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://leads.go-afs.com
access-control-allow-credentials: true
date: Sun, 16 Oct 2022 07:22:08 GMT
X-Firefox-Spdy: h2
|
|
| app.kartra.com/analytics/track/Agq61PWk?kartra_page_tracking[]=Ynfdryoewia4&device=desktop | 104.17.209.37 | 200 OK | 116 B |
URL HTTP/2app.kartra.com/analytics/track/Agq61PWk?kartra_page_tracking[]=Ynfdryoewia4&device=desktop IP104.17.209.37:0
File typePNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data Hashec6aae2bb7d8781226ea61adca8f0586 d82b3bad240f263c1b887c7c0cc4c2ff0e86dfe3 b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
GET /analytics/track/Agq61PWk?kartra_page_tracking[]=Ynfdryoewia4&device=desktop HTTP/1.1
Host: app.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:09 GMT
content-type: image/png
set-cookie: tracking_210877=%7B%22lead_id%22%3A0%2C%22device%22%3A%22desktop%22%2C%22type%22%3A%22kp%22%2C%22link_id%22%3A%22%22%2C%22sources%22%3A%7B%22pages%22%3A79%7D%2C%22goals_triggered%22%3A%5B%5D%2C%22tracking_links%22%3A%5B%5D%2C%22tracking_link_unique_ids%22%3A%5B%5D%2C%22video_tags%22%3A%5B%5D%2C%22tracking_tags%22%3A%5B%5D%2C%22videos_played%22%3A%5B%5D%2C%22videos_completed%22%3A%5B%5D%2C%22videos_cta%22%3A%5B%5D%2C%22video_visit%22%3A%5B%5D%2C%22videopage%22%3A%5B%5D%2C%22checkouts%22%3A%5B%5D%2C%22optins%22%3A%5B%5D%2C%22calendars%22%3A%5B%5D%2C%22surveys%22%3A%5B%5D%2C%22last_page_visited%22%3A%7B%22type%22%3A%22kartra_page%22%2C%22page_id%22%3A79%7D%2C%22pages_visited%22%3A%7B%22kartra_pages%22%3A%7B%2279%22%3A%7B%22id%22%3A17712%2C%22time%22%3A1665904929%7D%7D%2C%22external_pages%22%3A%5B%5D%7D%7D; expires=Wed, 19-Oct-2022 07:22:09 GMT; Max-Age=259200; path=/; domain=.kartra.com; secure; HttpOnly; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75af0ab1ae8e0b4d-OSL
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 | 172.64.156.26 | 200 OK | 0 B |
URL HTTP/2static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 IP172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leads.go-afs.com
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75af0aa2791d0afa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,900,900i|Open+Sans+Condensed:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Spectral:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,900,900i|Open+Sans+Condensed:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Spectral:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap IP142.250.74.10:0
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,900,900i|Open+Sans+Condensed:300,300i,400,400i,600,600i,700,700i,900,900i|Roboto:300,300i,400,400i,600,600i,700,700i,900,900i|Lato:300,300i,400,400i,600,600i,700,700i,900,900i|Spectral:300,300i,400,400i,600,600i,700,700i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 07:22:07 GMT
date: Sun, 16 Oct 2022 07:22:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| app.kartra.com/resources/js/analytics/Agq61PWk | 104.17.209.37 | 200 OK | 0 B |
URL HTTP/2app.kartra.com/resources/js/analytics/Agq61PWk IP104.17.209.37:0
GET /resources/js/analytics/Agq61PWk HTTP/1.1
Host: app.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75af0aa26c780b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2 | 13.107.246.53 | 200 OK | 0 B |
URL HTTP/2www.clarity.ms/tag/9jl1qyl5kp?ref=gtm2 IP13.107.246.53:0 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /tag/9jl1qyl5kp?ref=gtm2 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=43028d43c70c40f9805d3295d450840c.20221016.20231016; expires=Mon, 16 Oct 2023 07:22:08 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-cache: CONFIG_NOCACHE
x-azure-ref: 0ILFLYwAAAAB0TzQRrbD6QaUWhIMeVc3kU1ZHMjBFREdFMDYxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Sun, 16 Oct 2022 07:22:07 GMT
X-Firefox-Spdy: h2
|
|
| leads.go-afs.com/js/build/front/pages/skeleton-immediate.js | 104.17.210.37 | 200 OK | 0 B |
URL HTTP/2leads.go-afs.com/js/build/front/pages/skeleton-immediate.js IP104.17.210.37:0
GET /js/build/front/pages/skeleton-immediate.js HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1
Cookie: kartra_visited=42734b9cd53c85e56c54a7410dc1efc60797b7cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 09:43:17 GMT
etag: W/"620cc735-1c52"
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
expires: Sun, 16 Oct 2022 07:27:07 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
server: cloudflare
cf-ray: 75af0aa21da2b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| app.kartra.com/resources/js/kartra_embed_wild_card?type=kartra_page&owner=Agq61PWk | 104.17.209.37 | 200 OK | 0 B |
URL HTTP/2app.kartra.com/resources/js/kartra_embed_wild_card?type=kartra_page&owner=Agq61PWk IP104.17.209.37:0
GET /resources/js/kartra_embed_wild_card?type=kartra_page&owner=Agq61PWk HTTP/1.1
Host: app.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75af0aa26c710b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| app.kartra.com/css/new/css/pages/font-awesome.css | 104.17.209.37 | 200 OK | 0 B |
URL HTTP/2app.kartra.com/css/new/css/pages/font-awesome.css IP104.17.209.37:0
GET /css/new/css/pages/font-awesome.css HTTP/1.1
Host: app.kartra.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=29915
etag: W/"620e0412-74db"
last-modified: Thu, 17 Feb 2022 08:15:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 3478
expires: Sun, 16 Oct 2022 07:27:07 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
server: cloudflare
cf-ray: 75af0aa24c3e0b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1 | 104.17.210.37 | 200 OK | 0 B |
URL HTTP/2leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1 IP104.17.210.37:0
GET /sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1 HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: kartra_visited=42734b9cd53c85e56c54a7410dc1efc60797b7cb
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:06 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75af0a9fba4fb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css | 143.204.42.220 | 200 OK | 0 B |
URL HTTP/2d2uolguxr56s4e.cloudfront.net/internal/pages/css/kartra_components.css IP143.204.42.220:0
GET /internal/pages/css/kartra_components.css HTTP/1.1
Host: d2uolguxr56s4e.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 11 Oct 2022 14:00:27 GMT
x-amz-version-id: g8oH1mnZrphv595Pjz8_uxhaSwWbh3m6
server: AmazonS3
content-encoding: gzip
date: Sat, 15 Oct 2022 12:07:14 GMT
etag: W/"e448ed7e4cd7822627f1bad6a957c5e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GbNb6fHLXD5_i4-paQavJO3LVjXZGlnO_nhDcxliwy-a0_SaHz13JA==
age: 69398
X-Firefox-Spdy: h2
|
|
| leads.go-afs.com/js/build/front/pages/skeleton-above.js | 104.17.210.37 | 200 OK | 0 B |
URL HTTP/2leads.go-afs.com/js/build/front/pages/skeleton-above.js IP104.17.210.37:0
GET /js/build/front/pages/skeleton-above.js HTTP/1.1
Host: leads.go-afs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leads.go-afs.com/sGy79?msID=5e784cf0-83f1-40bc-a1d9-044ebee4ac31&r_done=1
Cookie: kartra_visited=42734b9cd53c85e56c54a7410dc1efc60797b7cb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 07:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 01 Aug 2022 12:21:08 GMT
etag: W/"62e7c534-2d68c"
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: MISS
expires: Sun, 16 Oct 2022 07:27:07 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
server: cloudflare
cf-ray: 75af0aa21d9fb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|