r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Thu, 24 Nov 2022 07:02:02 GMT
Date: Thu, 24 Nov 2022 05:50:42 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:42 GMT
Last-Modified: Thu, 24 Nov 2022 04:20:58 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 05:18:56 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1906
alt-svc: clear
X-Firefox-Spdy: h2
fondlink.fond.co/ls/click?upn=dxcsLPn-2BPJghqstrxQR9L0MpN9H0tHaWu1Rg5VRqY0LTe5-2BP07kM3e9TaQXQH-2BiKAdH2L5mMChfFJtQqhzJUmOr3kzW-2BBeQJ2Ra8Id-2Bv9DebwyjMZV-2B1AUKHp39WcHFUbeJCOlghy6vEgEkVbBp9TG6aDypqo6VezwHsKevimJk-3DMUwo_tRSoNy6DHIKtyCaruBpIsPl4R-2Ffia-2FNLAp1hecF5WjiIerJ9pzD2GmCJaXbgVcPFVoLbCxfbiRMrCEdaaiv5erySitLEMGo3X68PUPXmgiLoCw6xCD-2BYkj0XUr-2BmKZPUmnLWUzBR1XghQeIXk-2B4bG7I-2Fvm0-2BVCHkKHXGW0sUZSeNvw-2Fxfn1zWoCIZy-2FCJl69vTKTfx7xdLkuu63Kv-2Fue98HauQmwDB2p4kyERLx57g7RMtKxNN6f2NpReNoyGH-2BUoJjxyyaBgh5v42sc4XY88SNjDogGhWsb1FSX0BEdwBYpLDCSC3PK0oWPBZ4ge8nuFHU87UZqLC52HX6-2B21rCsIWy-2FCnXnDCORIHJpjt7cHb6szmY2D5dwl4xKBXT8g7NcqDXFgFoPCZFnSls0Eb3RBqGROdwGpkcDn4ikrSL5O8-3D
302 Found 145 B URL HTTP/1.1 fondlink.fond.co/ls/click?upn=dxcsLPn-2BPJghqstrxQR9L0MpN9H0tHaWu1Rg5VRqY0LTe5-2BP07kM3e9TaQXQH-2BiKAdH2L5mMChfFJtQqhzJUmOr3kzW-2BBeQJ2Ra8Id-2Bv9DebwyjMZV-2B1AUKHp39WcHFUbeJCOlghy6vEgEkVbBp9TG6aDypqo6VezwHsKevimJk-3DMUwo_tRSoNy6DHIKtyCaruBpIsPl4R-2Ffia-2FNLAp1hecF5WjiIerJ9pzD2GmCJaXbgVcPFVoLbCxfbiRMrCEdaaiv5erySitLEMGo3X68PUPXmgiLoCw6xCD-2BYkj0XUr-2BmKZPUmnLWUzBR1XghQeIXk-2B4bG7I-2Fvm0-2BVCHkKHXGW0sUZSeNvw-2Fxfn1zWoCIZy-2FCJl69vTKTfx7xdLkuu63Kv-2Fue98HauQmwDB2p4kyERLx57g7RMtKxNN6f2NpReNoyGH-2BUoJjxyyaBgh5v42sc4XY88SNjDogGhWsb1FSX0BEdwBYpLDCSC3PK0oWPBZ4ge8nuFHU87UZqLC52HX6-2B21rCsIWy-2FCnXnDCORIHJpjt7cHb6szmY2D5dwl4xKBXT8g7NcqDXFgFoPCZFnSls0Eb3RBqGROdwGpkcDn4ikrSL5O8-3D
IP
File type HTML document, ASCII text
Hash 1c559ab308f95d72f326a7c0a5cdc5e0
45bb41ac0abbb971764546ff79165294bc9f4608
e6c492850b0fd35a05c93d89b21826487f8f4421512198b90f82dea6ac6d7402
GET /ls/click?upn=dxcsLPn-2BPJghqstrxQR9L0MpN9H0tHaWu1Rg5VRqY0LTe5-2BP07kM3e9TaQXQH-2BiKAdH2L5mMChfFJtQqhzJUmOr3kzW-2BBeQJ2Ra8Id-2Bv9DebwyjMZV-2B1AUKHp39WcHFUbeJCOlghy6vEgEkVbBp9TG6aDypqo6VezwHsKevimJk-3DMUwo_tRSoNy6DHIKtyCaruBpIsPl4R-2Ffia-2FNLAp1hecF5WjiIerJ9pzD2GmCJaXbgVcPFVoLbCxfbiRMrCEdaaiv5erySitLEMGo3X68PUPXmgiLoCw6xCD-2BYkj0XUr-2BmKZPUmnLWUzBR1XghQeIXk-2B4bG7I-2Fvm0-2BVCHkKHXGW0sUZSeNvw-2Fxfn1zWoCIZy-2FCJl69vTKTfx7xdLkuu63Kv-2Fue98HauQmwDB2p4kyERLx57g7RMtKxNN6f2NpReNoyGH-2BUoJjxyyaBgh5v42sc4XY88SNjDogGhWsb1FSX0BEdwBYpLDCSC3PK0oWPBZ4ge8nuFHU87UZqLC52HX6-2B21rCsIWy-2FCnXnDCORIHJpjt7cHb6szmY2D5dwl4xKBXT8g7NcqDXFgFoPCZFnSls0Eb3RBqGROdwGpkcDn4ikrSL5O8-3D HTTP/1.1
Host: fondlink.fond.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 24 Nov 2022 05:50:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 145
Connection: keep-alive
Location: https://fond.app.link/683C4x6xSjb?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals
X-Robots-Tag: noindex, nofollow
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5037
Expires: Thu, 24 Nov 2022 07:14:39 GMT
Date: Thu, 24 Nov 2022 05:50:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uK8wp0XF9QCvcMsE3O3JbYPWKBYj6yeHIXEXZ1vDcBAJRpzMgZiqk2sv4oOa2a+960HSeQyOusg=
x-amz-request-id: 9AE9KAWD2MC6R9VV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 05:43:17 GMT
age: 445
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:50:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 05:08:53 GMT
cache-control: public,max-age=3600
age: 2509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3940
Cache-Control: max-age=102111
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:42 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:12:33 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
fond.app.link/683C4x6xSjb?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals
307 Temporary Redirect 398 B URL HTTP/2 fond.app.link/683C4x6xSjb?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (398), with no line terminators
Hash 150131de0a7e7ac1afb8122bd7e9ed98
85400c127a25ea3a9559bfe18e7bc843e883dd0e
8291ce0cd7f6bb23e09fd32d4caa8c519a31dfb98605c0fe9f213dee35907f60
GET /683C4x6xSjb?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22+Black+Friday+Deals HTTP/1.1
Host: fond.app.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
location: http://fond.co/perks/1185?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA
server: openresty
date: Thu, 24 Nov 2022 05:50:42 GMT
set-cookie: _s=%2F31SILt7P19jZ7KS8kYPQ1uvv6lIK49jS2sQqA846IjvTr%2Fva2wjaW9hs%2FuemTYW; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Fri, 24 Nov 2023 05:50:42 GMT; Secure
last-modified: Thu, 24 Nov 2022 05:50:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YwcbynikB6x8A3ibMkZF1849sXhkUif3UbLqTs-yPZAKttLvbmT3Yw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TqC7mztyHcIk+k4JxPyELg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3GK5WU5ahLpL4vDL8ROb68C9V4U=
ocsp.sectigo.com/
200 OK 472 B IP
Hash 84d0dc0cddfc1dbfdc07dac3caab559c
7ba2af972d8803f1eadfa668079e685571dc26f0
e1d4c6e19d2bbaa1ad28dcb04b0be2fe29a55f7fac17d04e2c4842967cd832e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:50:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 17:22:12 GMT
Expires: Wed, 30 Nov 2022 17:22:11 GMT
Etag: "7ba2af972d8803f1eadfa668079e685571dc26f0"
Cache-Control: max-age=559287,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efde603f93b512-OSL
fond.co/perks/1185?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA
200 OK 15 kB URL HTTP/1.1 fond.co/perks/1185?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24290)
Hash 39f8ba6375331187715699b7227ffc2e
e3cd1b18288ef1d6231cc6fa5fa2f9901b07dd20
0237634c3611cd3502b60d76408702d7f81f3648f9f5a83adc38ac92e3073089
GET /perks/1185?utm_source=fond.co&utm_medium=email&utm_campaign=11%2F23%2F22%20Black%20Friday%20Deals&_branch_match_id=1062369509546216292&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA HTTP/1.1
Host: fond.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Nov 2022 05:50:43 GMT
ETag: W/"dd9b29e618e6df4f0cfea99bc6664628"
Link: <//d2ozb2dzx6fukc.cloudfront.net/assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css>; rel=preload; as=style; nopush,<//d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css>; rel=preload; as=style; nopush,<//d2ozb2dzx6fukc.cloudfront.net/assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js>; rel=preload; as=script; nopush,<//d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js>; rel=preload; as=script; nopush
Server: nginx
Set-Cookie: _anpk_session=831a42bbbaa7218d5ccd39e76d26d9ef; domain=.fond.co; path=/; secure; HttpOnly; SameSite=Lax
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 709c21ef-ba71-46bf-973f-78e5e59fb727
X-Runtime: 0.050847
X-UA-Compatible: IE=Edge,chrome=1
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked
Connection: keep-alive
d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css
200 OK 792 B URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css
IP
File type ASCII text, with very long lines (2291)
Hash a958c4b428470cdf6985863bd751fc6f
e13c4dd1db2cf2b0e7704626e7ce972febd2f461
7cb0ee71dde190b9269b845d70ef46575553121043137f5392c891da710b9bef
GET /assets/jquery.sidr.light-1aa3ba6d1caca8231b2149020173d828d95adc51fe7f34f04fdc7029dffcb406.css HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 792
content-encoding: gzip
last-modified: Tue, 18 Jul 2017 00:48:20 GMT
server: nginx
date: Wed, 23 Nov 2022 11:14:41 GMT
etag: W/"596d5ad4-8f4"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 75AmuyIdTgurpBVdXjy1j99NZCvcq5GLx1uGNtfExOY1ZbhR8dShdA==
age: 66962
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js
200 OK 202 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js
IP
File type C source, ASCII text, with very long lines (32750)
Size 202 kB (201829 bytes)
Hash 9dab4f3802f816bf4ef6967c1ac49d71
a1becab723d413f81a9995755aef587f84fd4b43
b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c
GET /assets/application-b762e7f388427acef2be2f83170435f0ce28bd500365f62e95848a7a70f4c06c.js HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 201829
accept-ranges: bytes
last-modified: Thu, 11 Aug 2022 23:01:57 GMT
server: nginx
date: Thu, 24 Nov 2022 05:50:43 GMT
etag: "62f58a65-31465"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cp2t1XlufBNpnwLaNaWHTVS6XUgn0md2rsgCLiGg5BZtBreYTVaWfw==
age: 79675
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2987
Cache-Control: max-age=159510
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:43 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:09:13 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js
200 OK 3.6 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js
IP
File type ASCII text, with very long lines (3520)
Hash 966337129ea0ba0935195597b0e5c5d6
56410a8b946ec5949d6357801766808e0ac2790e
da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69
GET /assets/jquery.sidr.min-da75d251d249389ca41a8b6e8611f89cc18ed7d79e28096a820ed462b1b9af69.js HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3641
accept-ranges: bytes
last-modified: Tue, 18 Jul 2017 00:48:20 GMT
server: nginx
date: Thu, 24 Nov 2022 05:50:43 GMT
etag: "596d5ad4-e39"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nkwKNYspOHy5hI2s537-EO6ZMCuDfM_JtOB9HxGCIbzETArawAw7Pg==
age: 71287
X-Firefox-Spdy: h2
cdn.optimizely.com/js/288518099.js
200 OK 64 kB URL HTTP/2 cdn.optimizely.com/js/288518099.js
IP
File type ASCII text, with very long lines (723)
Hash d242752c29c1140a1230958dcdec79cd
ec180fa14f301144520d8cc8d9df1507e7ad21b7
827c6d5d3642e985be446f0f7cc9bbd9dd3ad0f374136a8296d0d2e613df1b16
GET /js/288518099.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oRvO6ZwXkurRRJd6PaNPP38aoGvhfkFlr+3QRPMT4Xv/xVFvgAbAKq2NNV/v9cyRnmWC4pAHfxo=
x-amz-request-id: KV4JVG604ZP6Z97X
last-modified: Wed, 31 May 2017 16:49:58 GMT
etag: "d242752c29c1140a1230958dcdec79cd"
x-amz-meta-revision: 419
content-encoding: gzip
x-amz-version-id: J..LoSndXXLEVdxpmcMRUtdT4KTDVcvv
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 63916
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 24 Nov 2022 05:50:43 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash e82bac439b4e05b63bd8049769218cb8
fe8c2994c00b1d8c6212d9a7006ff58498375575
5b905305e33eb7e21beb21216242ed0af8a4288b3a36c6aa278755244e57c373
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2987
Cache-Control: max-age=159510
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:43 GMT
Etag: "637ec69e-1d7"
Expires: Sat, 26 Nov 2022 02:09:13 GMT
Last-Modified: Thu, 24 Nov 2022 01:19:26 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 55bc30743496fc60ba35a242c2d2f0a8
5119b5b017f39b3379556534f2ca4e3cedd4fa3b
0addb4cc5a85506efa7c0f820e1ebcb1383bf4d4cd53f895df54a402b196959c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v3/
200 OK 98 kB IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 33ce25622a9174df5e500c4eaaa59025
6320c6bbbf3bb0fdb24c2d89429801de0f3f0cf3
0d2a1bcc296db5f01716d984140fc99a1da76591562adc3580355654c7dfb255
GET /v3/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 04:22:35 GMT
etag: "0811280c436e51c657484d591864732e"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:43 GMT
via: 1.1 varnish
age: 12
x-request-id: e2818331-f914-46a5-b559-5ed5f2a6cef9
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 97906
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion.js
200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP
File type ASCII text, with very long lines (2772)
Hash ac7574cbc5b2e85b7ddfa76b8657e59d
2bbeec5531576d6352b1c2b74e0e05c1ea10251d
bdf1e52afba9d671ea698707f97e8609de6360c502dc7b6eed2f40f979e08387
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:50:43 GMT
expires: Thu, 24 Nov 2022 05:50:43 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16359567893097152046
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-24269933-12
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-24269933-12
IP
File type ASCII text, with very long lines (1921)
Hash 95533d0f692e92a4c0693a70452a0ee1
c1e58b9358af701e38b4d0353b7e40a60f1ef4f2
d2fea6f585bb83f4d3d929c98247abddae924ef80c0963934a50948f61a5e161
GET /gtag/js?id=UA-24269933-12 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:50:43 GMT
expires: Thu, 24 Nov 2022 05:50:43 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43617
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NBWWFKS
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NBWWFKS
IP
File type ASCII text, with very long lines (1921)
Hash 9283db7d75e0a52d8d22c908bb408a51
4a69250046bdbb8d3f6aeb7d71091736b85f4be8
22c3fc7b0f7226ec51b92b213dd5efed8e4a7271494eb34868daf53ec396bd1c
GET /gtm.js?id=GTM-NBWWFKS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 05:50:43 GMT
expires: Thu, 24 Nov 2022 05:50:43 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05681a05de8df6e408ae41032401b73f
f4824b4863e26866b10cd45a8cb422c339997035
97ab2238b53d233622081c75f7c60621eea9ae85c19c7ae958cfdbd685f39ebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2ozb2dzx6fukc.cloudfront.net/assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css
200 OK 23 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash db4d4622d7cbffde0461ac6169b9438b
81e6a1c5f2600265778c674bdaec33846ddb1a7c
820aaf2b2fdc0e1530f6887b203cc395c08a1f7c3055f495681695da68f2748e
GET /assets/application-c2af7fc8ddd7b6836559458c149e875c2cc86dfbf148d7e66f16c692c5478eef.css HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fond.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 06 Oct 2022 22:05:22 GMT
server: nginx
date: Wed, 23 Nov 2022 10:45:46 GMT
etag: W/"633f5122-1b166"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AYwKTf4RR0HKXsYYODgHNvDLwqNO-qjFiLiw1yMvEBZK3PMIVw3Mcg==
age: 68697
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff
200 OK 118 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/fonts/GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff
IP
File type Web Open Font Format, TrueType, length 117680, version 1.0\012- data
Size 118 kB (117680 bytes)
Hash a3db5049b9e83b55d319b954063b65c3
d411d70b0d817d4a0fe0f3dad20ff9634105ce3a
6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7
GET /assets/fonts/GT-Walsheim-Pro-Regular-6c858dcf2b93cfceb38af27262f0ed75f4252823ebbd4e175572ee26410c3ed7.woff HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fond.co
Connection: keep-alive
Referer: https://d2ozb2dzx6fukc.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 117680
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 23 Nov 2022 12:54:02 GMT
etag: "596d5ad4-1cbb0"
last-modified: Tue, 18 Jul 2017 00:48:20 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p09DqTU1bFRaiWroWpz1zikn5PW1zblPtBnxTKFo5gk06S7iBJFCqg==
age: 61002
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/fonts/AnyPerk-Regular-f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd.woff
200 OK 8.5 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/fonts/AnyPerk-Regular-f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd.woff
IP
File type Web Open Font Format, TrueType, length 8548, version 1.0\012- data
Hash 41b384daff555fa87116ff7ee991e33b
7e83d83d4f2690201a49ae8d76508fb4e4aefec4
f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd
GET /assets/fonts/AnyPerk-Regular-f5811349e1a65b0106a15a91912a2e347f42265428e43629950cbf09abebb6cd.woff HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fond.co
Connection: keep-alive
Referer: https://d2ozb2dzx6fukc.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/font-woff
content-length: 8548
accept-ranges: bytes
access-control-allow-origin: *
date: Wed, 23 Nov 2022 12:54:02 GMT
etag: "633f5122-2164"
last-modified: Thu, 06 Oct 2022 22:05:22 GMT
server: nginx
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -6DGVU6nFAlrpnKlvGBIctCAuXpMSJIOszBHgh04E43FZ00jDCADZg==
age: 61002
X-Firefox-Spdy: h2
js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default890680&stripe_xdm_p=1
200 OK 449 B URL HTTP/2 js.stripe.com/v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default890680&stripe_xdm_p=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 250041ec585b44caf68fa5da96deddb7
6181d59d0ff064f6247ceeeea57115a7047dd0c3
cb194361f8db863c735879c44ae409a928ced752d34e3dd703c47d11bf17fcb1
GET /v2/channel.html?stripe_xdm_e=https%3A%2F%2Ffond.co&stripe_xdm_c=default890680&stripe_xdm_p=1 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Oct 2021 15:24:12 GMT
etag: "19af0c6cc7a0bca20a355b3362dc64a0"
content-type: text/html; charset=utf-8
cache-control: public, max-age=300
content-security-policy: report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: default-src 'self'; connect-src https://api.stripe.com; base-uri 'none'; form-action 'none'; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-M1LJiJCn3XBCZ1erCVATqpCSJ5Yd9sUrS2npRlBZ6YE='; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:44 GMT
via: 1.1 varnish
age: 60
x-request-id: a0634736-9473-413a-93da-e019e3c97107
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 449
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
200 OK 122 B URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0fb49bf445ceac1dcb1b6c5d284a57a1
8988f3ceef20a494a419e595e8d802a0dc663c7a
5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:44 GMT
via: 1.1 varnish
age: 899119
x-request-id: 1d8aae78-d1f3-4b9f-9f9f-72f1e246c25c
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 229055
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
200 OK 332 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP
File type ASCII text, with very long lines (526)
Hash ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:44 GMT
via: 1.1 varnish
age: 899118
x-request-id: 6d40567e-898f-4f27-b784-87001c4c40e2
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 198896
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2248
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:50:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2248
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:50:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2248
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:50:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2248
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:50:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2248
Expires: Thu, 24 Nov 2022 06:28:12 GMT
Date: Thu, 24 Nov 2022 05:50:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 27748
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1404c6b865808ea73ca5b2062fefecc0
c66fd3a955cd81ab93474fb1aabc4c19d5775bcc
0a92ca52eff8baa4ba43bdb29008c59bcd37c55e78ac657de25819e980ea8e96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a9a0208-d5ae-4e15-bd4d-c5c19edf354e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 215b9f9b-4941-4c13-a1d4-6fdc5b453fad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtEkIIAMF3gg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-27081b9e0dc1de6522299e4e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SFO53-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xr183esurgfu-4jjQtCS5s_np_CtltrPx48zpq-NMwZbcGnAwTxtkg==
via: 1.1 68914922a694954838e87fc9b0aa10fe.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:51:07 GMT
age: 28777
etag: "c66fd3a955cd81ab93474fb1aabc4c19d5775bcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m.stripe.network/inner.html
200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:44 GMT
via: 1.1 varnish
age: 93
x-request-id: 039e8230-37e8-45d5-a96d-cfc71d18be84
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 19
x-timer: S1669269044.330767,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:51 GMT
age: 27833
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ac60e832454b4658f4f7f09b2c120c4
4c20adfe72d6b01777f840445d57c891230e5b32
ec1f4393eebaf1c4229fbda2524bd150191ca4067fe368e6a35ad4d65b8df59c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7327507d-2df2-4ca9-b67f-331be1f7aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8776
x-amzn-requestid: 7c511f0c-198d-44d5-bc52-29f698fca910
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvynEFBoAMFdJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9343-686e25237fb06f5031ffa88e;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5lsQ6fLfCKcIKmn8Fzl1ZkjOSUh6YTn4lH1OWKUXhQeAW0HzSv51JQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:50:57 GMT
age: 28787
etag: "4c20adfe72d6b01777f840445d57c891230e5b32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:04 GMT
age: 28900
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 28972
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d2ozb2dzx6fukc.cloudfront.net/assets/common/fond_logo-54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6.png
200 OK 2.3 kB URL HTTP/2 d2ozb2dzx6fukc.cloudfront.net/assets/common/fond_logo-54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6.png
IP
File type PNG image data, 198 x 56, 8-bit colormap, non-interlaced\012- data
Hash 57da21f7984f1c0a95d223d9cc155f95
1eed55cae2cab5f8f690e19efa831de14aee130c
54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6
GET /assets/common/fond_logo-54008f58cea2fe647e6060ebd75fe7f89e12deb42954e26fc81a5e9b67c1d2c6.png HTTP/1.1
Host: d2ozb2dzx6fukc.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2304
accept-ranges: bytes
last-modified: Tue, 16 Mar 2021 16:17:48 GMT
server: nginx
date: Thu, 24 Nov 2022 05:50:44 GMT
etag: "6050da2c-900"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v9YV2e7ibeAt2pkyKVgsjKcDUiHZmiVO01zeXarX0TW6JZPOETsmxQ==
age: 52651
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:44 GMT
via: 1.1 varnish
age: 184
x-request-id: 83268a9b-811c-4ede-a8d1-e597fc2352dd
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 41
x-timer: S1669269044.381070,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 04:41:08 GMT
expires: Thu, 24 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 4176
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/981506770/?random=1669269043913&cv=9&fst=1669269043913&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&hn=www.googleadservices.com&rfmt=3&fmt=4
200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981506770/?random=1669269043913&cv=9&fst=1669269043913&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&hn=www.googleadservices.com&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2753), with no line terminators
Hash 922c28e1e381e858434dc033be788d28
cea88d584ab8a5a2be7975699d8b8640bf30dae1
69edd444d19832b49107e208ce5dfe6d39c2c5edfd7443bcce7abdc9d69d4239
GET /pagead/viewthroughconversion/981506770/?random=1669269043913&cv=9&fst=1669269043913&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:50:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1151
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 24-Nov-2022 06:05:44 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 3affd355de4cb12a78e6bdb74c2df116
214fc8d7e049b788fbd1ff583c40045040b11267
a1975d7c6b6e766136878973cfacceedd4eca11babfd32721a3e21b3dab03073
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 05:50:44 GMT
Last-Modified: Thu, 24 Nov 2022 04:17:47 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: emjWnQi5JTJej-0a84qduk4D5M94E3zhsXMvAxZY6gh6BpSAGLep4Q==
Age: 5577
fond.co/favicon.ico
200 OK 1.1 kB IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 34086811a61068665340083a7e840f07
097b7481cf0cce70af3983fa0d5cd8f3c12d1eed
c77cdf40319854a61306398d90e8592fc717a7230ceca67e2e343a9278db71ae
GET /favicon.ico HTTP/1.1
Host: fond.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Cookie: _anpk_session=831a42bbbaa7218d5ccd39e76d26d9ef; optimizelyEndUserId=oeu1669269043808r0.9152050123631799; optimizelySegments=%7B%22288737912%22%3A%22ff%22%2C%22288767519%22%3A%22false%22%2C%22288801161%22%3A%22campaign%22%7D; optimizelyBuckets=%7B%7D; optimizelyPendingLogEvents=%5B%5D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/x-icon
Date: Thu, 24 Nov 2022 05:50:44 GMT
ETag: "58e599af-451"
Last-Modified: Thu, 06 Apr 2017 01:28:15 GMT
Server: nginx
Content-Length: 1105
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d17yvb56124x4l.cloudfront.net/perks/images/1185/original.jpg?1665967942
200 OK 1 B URL HTTP/2 d17yvb56124x4l.cloudfront.net/perks/images/1185/original.jpg?1665967942
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /perks/images/1185/original.jpg?1665967942 HTTP/1.1
Host: d17yvb56124x4l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 127669
last-modified: Mon, 17 Oct 2022 00:52:23 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 24 Nov 2022 05:50:44 GMT
etag: "31d3fdcfc8697bb29c77372b25f950d6"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ld7xZVvFiBa-Clslg6z4dJNvODi2hSSQacKr8hgGgbJLzdM9g1Z6Ug==
age: 4404
X-Firefox-Spdy: h2
d1ikbwk92wlcol.cloudfront.net/production1/home.js?20221122221529
200 OK 1.1 MB URL HTTP/1.1 d1ikbwk92wlcol.cloudfront.net/production1/home.js?20221122221529
IP
File type Unicode text, UTF-8 text, with very long lines (54639)
Size 1.1 MB (1065653 bytes)
Hash 42654b562371c884a923ad01570fb242
57b3426b560cba8ccfb2fd721777ac90c7791b4a
17d4ce85d476c18348c50717ec6e38f04e263a2992fc242be7462959d03cb580
GET /production1/home.js?20221122221529 HTTP/1.1
Host: d1ikbwk92wlcol.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Content-Length: 1065653
Connection: keep-alive
Date: Tue, 22 Nov 2022 22:23:30 GMT
Last-Modified: Tue, 22 Nov 2022 22:14:14 GMT
ETag: "42654b562371c884a923ad01570fb242"
Cache-Control: max-age=315360000, no-transform, public
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MJE7RnvEyeHDmzmLUkJO_M_E_OHVxM4SNl1l51GbM34fTfN9IrAxFw==
Age: 113235
go.toutapp.com/site/emmpd57j9c?title=Lenovo%20on%20Fond&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA
200 OK 0 B URL HTTP/2 go.toutapp.com/site/emmpd57j9c?title=Lenovo%20on%20Fond&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/emmpd57j9c?title=Lenovo%20on%20Fond&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA HTTP/1.1
Host: go.toutapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 05:50:44 GMT
content-type: text/javascript;charset=utf-8
content-length: 0
status: 200 OK
x-ua-compatible: IE=Edge,chrome=1
x-request-id: 3166a5c10d1d0b456c363564c61abb1c
set-cookie: linker_guid=1bb92149-171f-4a44-9d2c-5aee3849713b; domain=.toutapp.com; path=/; expires=Wed, 24-Nov-2027 10:54:34 GMT
cache-control: no-cache
x-rack-cache: miss
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/981506770/?random=1669269043913&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&fmt=3&is_vtc=1&random=3884471622&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/981506770/?random=1669269043913&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&fmt=3&is_vtc=1&random=3884471622&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981506770/?random=1669269043913&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&fmt=3&is_vtc=1&random=3884471622&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:50:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/981506770/?random=1669269043913&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&fmt=3&is_vtc=1&random=3884471622&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/981506770/?random=1669269043913&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&fmt=3&is_vtc=1&random=3884471622&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981506770/?random=1669269043913&cv=9&fst=1669266000000&num=1&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Ffond.co%2Fperks%2F1185%3Futm_source%3Dfond.co%26utm_medium%3Demail%26utm_campaign%3D11%252F23%252F22%2520Black%2520Friday%2520Deals%26_branch_match_id%3D1062369509546216292%26_branch_referrer%3DH4sIAAAAAAAAA8soKSkottLXT8vPS9FLLCjQy8nMy9Y3szB2NqkwqwjOSrIvLcmNL84vLUpOtQUrSs5XAwnlpqZklubapuYmZuaABZITcwsSM9PzbA0NVY3cjIxBhJG2U05icra2W1FmSmKltktqYk4xAP00f5RyAAAA&tiba=Lenovo%20on%20Fond&fmt=3&is_vtc=1&random=3884471622&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 05:50:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b6a795cdfedb5c954b3000dbb2dc7f90
b17bb97d224d89bc8227cddf5a8386e100751cda
78c411d16c1be2d8da51fc409cb45ec2aca8d32b77ab4d1a1a1fe5d1a33552e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 426133ba6dfc4d15e0cb4c7b2dabd3fe
17cddc28ede33c87d7dcb9700f39b70c19c644dd
4fcae487b293113493e2fc379ccc680a9189a7dc34165f25ed26f9e05d3a4c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4709
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 05:50:44 GMT
Last-Modified: Thu, 24 Nov 2022 04:32:16 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
m.stripe.com/6
200 OK 156 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 109ac483f5f57f88b71002d36e39a5df
9aaba8ee54710827d621d728900eaecb8f22bda3
8f52e391b3e152b88474e466789f905c85ca4b3342f645f7514e33b4a3c7b0f1
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2232
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 05:50:45 GMT
content-length: 156
set-cookie: m=c576423d-8a89-481a-8410-0232c61cc838f85b2d;Expires=Sat, 23-Nov-2024 05:50:45 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 640ac735900c76fea0d1601d03c169b2
85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3
0b6d19b0b5825dd47a7ae7c89fd61e8f3a10adb52913b2642874baa35500df63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:50:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 21:46:56 GMT
Expires: Tue, 29 Nov 2022 21:46:55 GMT
Etag: "85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3"
Cache-Control: max-age=488769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efde6c8876b512-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 640ac735900c76fea0d1601d03c169b2
85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3
0b6d19b0b5825dd47a7ae7c89fd61e8f3a10adb52913b2642874baa35500df63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:50:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 21:46:56 GMT
Expires: Tue, 29 Nov 2022 21:46:55 GMT
Etag: "85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3"
Cache-Control: max-age=488769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efde6c88851bfe-OSL
js-agent.newrelic.com/nr-1216.min.js
200 OK 14 kB URL HTTP/2 js-agent.newrelic.com/nr-1216.min.js
IP
File type ASCII text, with very long lines (32022)
Hash b7c09cc097b2847f9edc784adba62dcb
5aa648623cf5e3b4b215fe5d068a7904c59f2925
6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Nov 2022 05:50:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 602
x-timer: S1669269046.531721,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
sessions.bugsnag.com/
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: sessions.bugsnag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Referer: https://fond.co/
Origin: https://fond.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Thu, 24 Nov 2022 05:50:45 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 640ac735900c76fea0d1601d03c169b2
85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3
0b6d19b0b5825dd47a7ae7c89fd61e8f3a10adb52913b2642874baa35500df63
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:50:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 21:46:56 GMT
Expires: Tue, 29 Nov 2022 21:46:55 GMT
Etag: "85eda21f03a65f4b7ea6a9e41bd18e048f3d0cd3"
Cache-Control: max-age=488769,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76efde6f0a35b512-OSL
sessions.bugsnag.com/
202 Accepted 21 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1807ffa1d44e667592a0f91c668ba65b
4d48849fa0f6917c9c57ed958680e9a1e722382b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
POST / HTTP/1.1
Host: sessions.bugsnag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Content-Type: application/json
Bugsnag-Api-Key: 45f87da0e729716791f4c429aa8a9954
Bugsnag-Payload-Version: 1
Bugsnag-Sent-At: 2022-11-24T05:50:44.963Z
Content-Length: 396
Origin: https://fond.co
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
access-control-allow-origin: *
content-type: application/json
date: Thu, 24 Nov 2022 05:50:45 GMT
content-length: 21
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bam.nr-data.net/1/f835ddceab?a=2895449&v=1216.487a282&to=JV5dEBRYWlpQExgTUhRaQEsVX1lB&rst=3843&ck=1&ref=https://fond.co/perks/1185&ap=51&be=2060&fe=3649&dc=2474&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1669269041507,%22n%22:0,%22f%22:1195,%22dn%22:1198,%22dne%22:1198,%22c%22:1198,%22s%22:1355,%22ce%22:1672,%22rq%22:1672,%22rp%22:1885,%22rpe%22:2040,%22dl%22:2047,%22di%22:2409,%22ds%22:2473,%22de%22:2490,%22dc%22:3647,%22l%22:3647,%22le%22:3649%7D,%22navigation%22:%7B%7D%7D&fcp=2395&jsonp=NREUM.setToken
200 OK 72 B URL HTTP/1.1 bam.nr-data.net/1/f835ddceab?a=2895449&v=1216.487a282&to=JV5dEBRYWlpQExgTUhRaQEsVX1lB&rst=3843&ck=1&ref=https://fond.co/perks/1185&ap=51&be=2060&fe=3649&dc=2474&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1669269041507,%22n%22:0,%22f%22:1195,%22dn%22:1198,%22dne%22:1198,%22c%22:1198,%22s%22:1355,%22ce%22:1672,%22rq%22:1672,%22rp%22:1885,%22rpe%22:2040,%22dl%22:2047,%22di%22:2409,%22ds%22:2473,%22de%22:2490,%22dc%22:3647,%22l%22:3647,%22le%22:3649%7D,%22navigation%22:%7B%7D%7D&fcp=2395&jsonp=NREUM.setToken
IP
File type ASCII text, with no line terminators
Hash 107d93e382e2c9b00fbf9fb0edc65d86
77e750e3ebf9706f4f6dd253785602d70be17c6c
a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/f835ddceab?a=2895449&v=1216.487a282&to=JV5dEBRYWlpQExgTUhRaQEsVX1lB&rst=3843&ck=1&ref=https://fond.co/perks/1185&ap=51&be=2060&fe=3649&dc=2474&af=err,xhr&perf=%7B%22timing%22:%7B%22of%22:1669269041507,%22n%22:0,%22f%22:1195,%22dn%22:1198,%22dne%22:1198,%22c%22:1198,%22s%22:1355,%22ce%22:1672,%22rq%22:1672,%22rp%22:1885,%22rpe%22:2040,%22dl%22:2047,%22di%22:2409,%22ds%22:2473,%22de%22:2490,%22dc%22:3647,%22l%22:3647,%22le%22:3649%7D,%22navigation%22:%7B%7D%7D&fcp=2395&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fond.co/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 05:50:46 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 76efde6f79c50b69-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=d4a2adde7d37ed4a; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
167.89.115.120
151.101.84.176
104.18.32.68
23.36.76.226
93.184.220.29