www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
199.60.103.30301 Moved Permanently 0 B URL HTTP/1.1 www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
IP 199.60.103.30:0
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect HTTP/1.1
Host: www.contrastsecurity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 23:38:54 GMT
Content-Length: 0
Connection: keep-alive
Location: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
Cache-Control: s-maxage=3600,max-age=120
Strict-Transport-Security: max-age=31536000
X-Hs-Https-Only: worker
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bX%2BO2waQRr1zudA9%2BpvlCP1hZW789j1ob5VDUzSu8sKXo4aT0MRWM%2FpP67LqyB4c5padNd47bImWKhcDQxpG9iSX13J2tcEJ6BYx14%2FCVd4TKmeej0pvXgbS%2Fs1SxjX7WemdQepCMbqkKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Set-Cookie: __cf_bm=W5EYv668XSpszA8UNAJWpVXisIu.llW49DCrFp3MbCM-1675467534-0-AfxIP5/uqieTnjpKGkf8EK7tnT/i7v12AVUWLGyPlepeknbq5ZEBa71MtnL3f+0w5FjXSUiiCdfDDw3xlWCkOok=; path=/; expires=Sat, 04-Feb-23 00:08:54 GMT; domain=.www.contrastsecurity.com; HttpOnly; SameSite=None
__cfruid=f838655309372284dce4f945a47a6be08be806af-1675467534; path=/; domain=.www.contrastsecurity.com; HttpOnly
Server: cloudflare
CF-RAY: 793f00b8bc040b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4803
Expires: Sat, 04 Feb 2023 00:58:57 GMT
Date: Fri, 03 Feb 2023 23:38:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3248
Expires: Sat, 04 Feb 2023 00:33:02 GMT
Date: Fri, 03 Feb 2023 23:38:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 22:43:35 GMT
content-type: application/json
age: 3319
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4128
Expires: Sat, 04 Feb 2023 00:47:42 GMT
Date: Fri, 03 Feb 2023 23:38:54 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EwTuatLste48p74vvSwt7caNRdn7HLLfsGQZ0FldyIdhMg69TOGAsCifD7tpaM9IofgKCaZwjsb6DA7QoBmEtw==
x-amz-request-id: 3YMXW34AJ66DASTZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 22:52:35 GMT
age: 2779
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash d318ee0ddd3ae8c3768dcf7d4245fb0c
9784ac774fd5003e3a6b48c51fc2c5e27788715f
70d29e4d12258afb614006cc11f8efada004ef181749fcb56e293217dd1bf433
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:54 GMT
Etag: "63da66b8-116"
Server: ECS (amb/6BA0)
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:38:54 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 23:07:19 GMT
age: 1896
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10320
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Fri, 03 Feb 2023 23:38:55 GMT
Connection: keep-alive
push.services.mozilla.com/
44.235.159.98101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.235.159.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FBYPt7jDg6ICC3Bjc9StUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yN5AZBvBDIGllk4iTeqdFE8WHGs=
www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
199.60.103.30200 OK 19 kB URL HTTP/2 www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
IP 199.60.103.30:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1520)
Hash 82b062eb1a2aea0c87ba6ad9640928bb
1a962e8b2aa497036064c0bb7dff030693332ce7
5f5d962c13c17bb8c5e303b9e6c27df558ab8e5666bdbdcafa7b7cd9c29b2372
GET /security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect HTTP/1.1
Host: www.contrastsecurity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:55 GMT
content-type: text/html; charset=UTF-8
etag: W/"0bff39ef66bf78e3874e8997f2c9e982"
last-modified: Fri, 03 Feb 2023 22:31:04 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-100983843633,CG-1493724588,CG-203759,P-203759,CW-63370865255,CW-63372231476,CW-65626090029,E-1787458339,E-63747633477,E-63854006692,E-63854083398,E-63860703006,E-63861701158,E-63863738482,E-65473034250,E-67980816270,E-68647724412,E-68648114856,MENU-63761649167,PGS-ALL,SW-0,B-1493724588,GC-63755362050,GC-63758295990,GC-64005890817,GC-64133034278,GC-65701617199,TS-63863433485
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-id: 100983843633
x-hs-hub-id: 203759
x-hs-prerendered: two-phase;Fri, 03 Feb 2023 22:31:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHKelNndU%2FoplGuBI%2BTYfiVky%2B5N7yskqtfAxauFEMEfOjd1zC7shrsCwg3P5IeSfbu4W7wio6jqUtGGM5gXm7QT3eM5TL3Ph5UTYyay%2FLlcXSsaVwSJoJjudZQ%2B8lg1IML6LHV3hY3XmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=xI3U.p.X2wOo09y5UXdz02rudLruKUv8NZvgfdCJPmI-1675467535-0-AcAIgXsR0NXbe4Ya+KjX14hOi7IJKsKWRudWR4yrNimWaiG3eSB117VxLSXv9MK9KRwMuVplJXCxlfWk5TJF3M0=; path=/; expires=Sat, 04-Feb-23 00:08:55 GMT; domain=.www.contrastsecurity.com; HttpOnly; Secure; SameSite=None
__cfruid=7adadf9ba0c98326560cd8a9a0b50a6245a0a8a2-1675467535; path=/; domain=.www.contrastsecurity.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 793f00bb1e0b0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</_hcms/forms/v2.js>
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
104.17.25.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (59158)
Hash a20f2b1b0e73086a7546d004092fb368
3c0e3c8c74971acac179bb55951410cdfc26abab
185c5af2acbae7972165d8c67887a7300e85cb3f03882048437b6e5177c1fe2a
GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:55 GMT
content-type: text/css; charset=utf-8
content-length: 10491
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-e7d0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 33964
expires: Wed, 24 Jan 2024 23:38:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dH%2Bboqy%2FjqoCkTp8qs9mgbzvEalq0YWsttPca5MUVD8PRYkA2AOejxowaaS%2BjYpI3Shjt9rxY2lMrjxOd7J%2FZRiBvkFkKs3wYy24vh7GiB54ktMr0UvKSoi3MCJ4e3IbsF4vm4Vb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793f00c1fa6b0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1675435038712/module_-2712622_Site_Search_Input.min.css
104.17.240.204200 OK 720 B URL HTTP/2 cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1675435038712/module_-2712622_Site_Search_Input.min.css
IP 104.17.240.204:0
File type ASCII text, with very long lines (612), with no line terminators
Hash 450d8c2a336369a19800bf3042bf4e59
7483bbb5f53507fa5620b2743cdc8660db0a4a75
6eb903babba249133b8e7239f71cbe3bc41b8a0f45a0e566599d3aa0d4bc34f6
GET /hub/-1/hub_generated/module_assets/-2712622/1675435038712/module_-2712622_Site_Search_Input.min.css HTTP/1.1
Host: cdn2.hubspot.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:55 GMT
content-type: text/css
cf-ray: 793f00c24959b4f3-OSL
access-control-allow-origin: *
age: 32295
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"c708989561e0cdbfcf996d1b7f47482c"
last-modified: Fri, 03 Feb 2023 14:37:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD89-P1
x-amz-meta-created-unix-time-millis: 1675435038712
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX%2FDDt5wVDM%2BUyyCx%2F8QTfd0jeZr%2F4k6bZYLMnI%2BMIVpIe40r926amtVaJ5LlSFgrZ%2FlF%2BCz1IsysNiuozX8VJoDacRZ1FfbEignhSAS%2BBwhRq60b4iz6jtYkB4n%2Bcy0mIM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
194.242.11.186301 Moved Permanently 112 B URL HTTP/2 cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 7c65297a6e129c60b91b9bcb52387ef1
54d8bbe0dddb3741406d0b0db39e97f9e9ab9459
7e79314f019fd64997a199e0284af426e5d8a4dad3113e5ad44e47e6c0b56f37
GET /google/code-prettify/master/loader/run_prettify.js HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 23:38:55 GMT
content-type: text/plain; charset=utf-8
content-length: 112
location: https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js
server: BunnyCDN-NO1-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 53123
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 02/03/2023 23:38:55
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra-eddf8230067-FRA, cache-chi-kigq8000104-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 5b4244f6b7003e72502515a26336709c
cdn-cache: HIT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40faa5479c5edb53d6308af7dee26eb5
6c4fa8bc43236c63087e86cb7aafb2dcef2d10ad
577f472a1a0a6457935fb6a0b265716ebc2fec8122b5ab940f4d2c0a52514613
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "577F472A1A0A6457935FB6A0B265716EBC2FEC8122B5AB940F4D2C0A52514613"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12342
Expires: Sat, 04 Feb 2023 03:04:37 GMT
Date: Fri, 03 Feb 2023 23:38:55 GMT
Connection: keep-alive
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1675435037411/module_-2712622_Site_Search_Input.min.js
104.17.240.204200 OK 15 kB URL HTTP/2 cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1675435037411/module_-2712622_Site_Search_Input.min.js
IP 104.17.240.204:0
File type Unicode text, UTF-8 text, with very long lines (29060), with no line terminators
Hash a44b44884e6fec46cf10b3c0518475cf
7686efcb55608296b583d49d5146a74af4da2bb2
62be52de3c7efed28c66f66f6a65d29e09858e8590c90eaa02b2e05c082c5ba1
GET /hub/-1/hub_generated/module_assets/-2712622/1675435037411/module_-2712622_Site_Search_Input.min.js HTTP/1.1
Host: cdn2.hubspot.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:55 GMT
content-type: text/plain;charset=utf-8
cf-ray: 793f00c23956b4f3-OSL
access-control-allow-origin: *
age: 32294
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
etag: W/"ed9599b00b9a6c225d342a5a9cb0d0a0"
last-modified: Fri, 03 Feb 2023 14:37:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-methods: GET
x-amz-cf-pop: IAD89-P1
x-amz-meta-created-unix-time-millis: 1675435037411
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256
x-amz-storage-class: INTELLIGENT_TIERING
x-hs-alternate-content-type: text/plain
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yt9psC42H2%2FZa%2B4aB0Di1VXebPCNv0%2FcX8Ku7nCR5ghtk32jFr7VAHKeQgMv2elw127RqdFBqNG3jm7Ot2nit%2B682M8ITco06Zj%2BYdXBennzwE8Qr9EbXs%2FDcv9pbbmMJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash feb36e7d777d372a161b2530767d92db
005db9dd7a748b01b2b8870f33cf7211dccec0bf
27cdca65957459485c880a6435b7cc1f7286a1644391c75c0c82b5b065d5ae1b
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:55 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A3704F6276D3AE6C6F4A7CDD6127F619A7D95A32"
Expires: Sat, 04 Feb 2023 10:00:00 GMT
Last-Modified: Fri, 03 Feb 2023 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2217
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f00c31a50b509-OSL
platform.linkedin.com/in.js
23.36.76.121200 OK 163 kB URL HTTP/2 platform.linkedin.com/in.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (41562)
Size 163 kB (163383 bytes)
Hash 4c1cfdf1b2fbe23ccdce88ea61a4ba97
1f4b852522db70c016ddf65a7b1e46faaa231fab
46567c70c7f0f102be8cf7736a42b59cf7f0818c6c3bde5f6d4908f8afb00294
GET /in.js HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Play
expires: Sat, 4 Feb 2023 00:09:51 GMT
cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
content-length: 163383
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXz08dYRv6T/RVviI013A==
date: Fri, 03 Feb 2023 23:38:55 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
142.250.74.168200 OK 99 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
IP 142.250.74.168:0
Hash 973f2837f0d8cb755690f501762b516b
73773c2dac99bb1c04285ce3e4aa4d60ca6b8e95
65e8ef4b78317e1dba9c3e7906b1083461cb0ade709587fcbbf29e9ec9c25ee6
GET /gtm.js?id=GTM-5XQWKJ9 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 03 Feb 2023 23:38:56 GMT
expires: Fri, 03 Feb 2023 23:38:56 GMT
cache-control: private, max-age=900
last-modified: Fri, 03 Feb 2023 23:02:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
104.17.25.14200 OK 86 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
IP 104.17.25.14:0
Hash 9444158e0e2c49b6af7fe38365f4a782
3b9d0fd58881284d2e4ec21539650ad0e2f629e2
fec455718392b06f568f78c9b577d883d5df4f8f45323bece55f5ca82b9a1577
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:56 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 80300
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-139ac"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8058290
expires: Wed, 24 Jan 2024 23:38:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8puvzE599HADSA40vJuzabWdoY4d9J9andJ%2F9dZEFo%2F90suFWPE4yrkFsAF3B%2Bjia8QQZ6kzaWw%2FsCCsM3xOQMe%2FR9GfFq0IEtM5g1EGFuWMta4ejMGLbesHcHOdz%2BfP%2BT5C%2F%2Fhc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 793f00c699d91c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9f01938839c6521590d71922deab94d2
0f3345b328545a35dd3bc7f34bdb4447c8095ff4
f1b0aaf2a88a5e0915f1199ac28c8197e32fac3ad8e32334340f2956e1ca13b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:56 GMT
Last-Modified: Fri, 03 Feb 2023 22:57:20 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8f7c6121b30dc2512199ebec67c65fa3
50a3f2907a3f53e56657fce6e656a5504fa13db9
6ebe82519e70b55b89dbcc4e0c03d36df2c8b11051a865d54f75c71d5e1c032c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5492
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:56 GMT
Last-Modified: Fri, 03 Feb 2023 22:07:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:38:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:38:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:38:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:38:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10367
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:38:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 5945
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:55:01 GMT
age: 6235
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ThTL_OlFd4yMELCmSzH4ziqxa8gdYgAAbxLY9VZPVaIldOUkvFVF_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:12:43 GMT
age: 5173
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 5556
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 5615
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: 5ae7dc8b-55a8-4500-84ef-938727459c1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqHskoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-662f24ed24651faa2323de32;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mk-qCGW538M5F88fom6XC1UmuzHd7qqEDUQQBdu-tVFn7-I4r547sg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:42:12 GMT
age: 3404
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/80926?d=contrastsecurity.com
54.230.111.48401 Unauthorized 6.6 kB URL HTTP/2 api.omappapi.com/v2/embed/80926?d=contrastsecurity.com
IP 54.230.111.48:0
Hash 53e8c5fd3636a38a83af2e878a36a5c0
7484f48615f54cc13c78f43ec5c452c99f373e95
804c27d769f494e349fc00736728fc7c3857f6b8794328be1f7043e215af8d60
GET /v2/embed/80926?d=contrastsecurity.com HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: application/json
content-length: 165
date: Fri, 03 Feb 2023 23:39:04 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Fri, 03 Feb 2023 23:40:56 GMT
cache-control: public, max-age=120, stale-while-revalidate=1800
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
server: Pagely Gateway/1.5.1
x-cache: Error from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wjJZVdCHJTl0RqdBf5Nx7I6NpeOBlaLcunIw-McKHreLWsQhWFm4Ng==
X-Firefox-Spdy: h2
www.redditstatic.com/ads/pixel.js
151.101.193.140200 OK 7.4 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.193.140:0
File type ASCII text, with very long lines (23347)
Hash 03d5db9dfd00a5719bb4c9261e6fa1bb
be9899225f59b4d3ef6fefcf0e66b72568353a94
e90f19642062e4311b58ede732592e8f29b7799661086a0bbfc68e259fd81398
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 23:38:56 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7356
X-Firefox-Spdy: h2
fast.wistia.com/static/integrations-hubspot-v1.js
151.101.66.110200 OK 4.0 kB URL HTTP/2 fast.wistia.com/static/integrations-hubspot-v1.js
IP 151.101.66.110:0
File type ASCII text, with very long lines (15042), with no line terminators
Hash c4b9c137dc4e560a04cc1f2c591e35a5
9f560a57f1824b88d691ea12e18abceafd1701c5
793a1c3239d865474ea7d196d39a8d3b14713753aa9c951775ebdccabf66b837
GET /static/integrations-hubspot-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63dd7c82-fa5"
last-modified: Fri, 03 Feb 2023 21:28:34 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 23:38:56 GMT
age: 3457
x-served-by: cache-iad-kcgs7200097-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 1
x-timer: S1675467537.993941,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 4005
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4ac380c70627c8136b1c3028d42a351f
ebc62797c18b2aaad1289d6494f394909ed3da13
768927cec2214e27eb431f5d7406d0ed4e0e69def775cae30872073c986b6f06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123720
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Etag: "63dcdb59-117"
Expires: Sun, 05 Feb 2023 10:00:57 GMT
Last-Modified: Fri, 03 Feb 2023 10:00:57 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2ecb7ec803449cbc0ccc37bf25116f6b
bd8942236dae4293d67e7b4dcf89f57491fe646a
a2028be8f966297de5df0f05b976a680c4132c91ea3437925ee36b84bacaa9c8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3454
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Last-Modified: Fri, 03 Feb 2023 22:41:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2d8d23c6d130fd6a00e8a1365cda570b
64ceabd9832a5d972b503b650bee015644d81b41
e52a4271970a8c326cd267b19b3a3771e9715be28371506dadb8894894f547a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3461
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Last-Modified: Fri, 03 Feb 2023 22:41:16 GMT
Server: ECS (amb/6B99)
X-Cache: HIT
Content-Length: 278
fast.wistia.com/assets/external/embed_shepherd-v1.js
151.101.66.110200 OK 120 kB URL HTTP/2 fast.wistia.com/assets/external/embed_shepherd-v1.js
IP 151.101.66.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 120 kB (120536 bytes)
Hash f9b8f420a19d0f7bb2a93ab87bbd0648
61e957c8c2c452700e7a362afdc9d6b0a477625a
15617858f3279400fd8fa4aa6039ffd904bf18956e119df9fe90daa76694721d
GET /assets/external/embed_shepherd-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: br
content-type: application/javascript
etag: "63dd7c82-1d6d8"
last-modified: Fri, 03 Feb 2023 21:28:34 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 03 Feb 2023 23:38:57 GMT
age: 3457
x-served-by: cache-iad-kjyo7100179-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 50, 1
x-timer: S1675467537.031322,VS0,VE1
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 120536
X-Firefox-Spdy: h2
kriya.ai/tracking.min.js?t=1675468800000
104.24.68.11301 Moved Permanently 471 B URL HTTP/2 kriya.ai/tracking.min.js?t=1675468800000
IP 104.24.68.11:0
Hash c466d60d55b6258a92bf362b4627ac1e
8462a4360fe49062c48448c3be1621ad692df2d6
487327fda85e98f8efde912bc0d9bb1cb62428c5f2f8290ee83b72869afa7b8d
GET /tracking.min.js?t=1675468800000 HTTP/1.1
Host: kriya.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 03 Feb 2023 23:38:56 GMT
location: https://kalendar.ai/tracking.min.js?t=1675468800000
cache-control: max-age=3600
expires: Sat, 04 Feb 2023 00:38:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NODNEyweVKSGHJNKSuVDbfjgv%2FOTPAEUhv7nX4wd3PCOlv6uNJsDlYk9yLZe6W0HlkU0UFd0E1q%2F02y6kWm1BjDSj4BdQmMVqf8ONsYJn%2BT6b73q1P6C7iP9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00c83fb4b517-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 69e9a8125baf9036891d70207fe629e6
fbc0291e180a0f2060631ac8e60ce2fccca148f8
524c3d6ae6ab855ff7c361ee285b4fd4accd5e0d6deac98663cdbb6de68198a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1829
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Etag: "63dd4927-117"
Last-Modified: Fri, 03 Feb 2023 23:08:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2d8d23c6d130fd6a00e8a1365cda570b
64ceabd9832a5d972b503b650bee015644d81b41
e52a4271970a8c326cd267b19b3a3771e9715be28371506dadb8894894f547a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2890
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Last-Modified: Fri, 03 Feb 2023 22:50:47 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/s/gts1d4/zVnlZCVtVEw
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/zVnlZCVtVEw
IP 142.250.74.131:0
Hash 83fd6f243ca889286be36976395a7f14
8d8fa649ee23e942752e92e3e26844f8b8f0b96d
313f5876a5ddf5207400cc1102a5336fb7b3de29d1e5fcec31f452664fd0b14b
POST /s/gts1d4/zVnlZCVtVEw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/zVnlZCVtVEw
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/zVnlZCVtVEw
IP 142.250.74.131:0
Hash 83fd6f243ca889286be36976395a7f14
8d8fa649ee23e942752e92e3e26844f8b8f0b96d
313f5876a5ddf5207400cc1102a5336fb7b3de29d1e5fcec31f452664fd0b14b
POST /s/gts1d4/zVnlZCVtVEw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 264c757814627b3fd5c373f962d25a4b
971e0e82b9c625cf25ff908ae58f56d00562c118
895b9e9b27703db1c6cb28dd7100dba2e600cb628a9122e7bd92c2990db1cec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2421
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Last-Modified: Fri, 03 Feb 2023 22:58:36 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&pageId=100983843633&pid=203759&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=t&pg=eafb7e72-9819-43d8-8d17-63c5cc055525
104.19.155.83200 OK 2.2 kB URL HTTP/2 cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&pageId=100983843633&pid=203759&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=t&pg=eafb7e72-9819-43d8-8d17-63c5cc055525
IP 104.19.155.83:0
File type JSON data\012- , ASCII text, with very long lines (5468), with no line terminators
Hash 848ecc95c6e0ee90fc710c097a48f294
d437a1bd7dee907d919ef96964f8ab811d9860bd
6f65a8358be423994a1242e474114004e80319aac7ab4181556a6832cb52b68d
GET /ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&pageId=100983843633&pid=203759&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=t&pg=eafb7e72-9819-43d8-8d17-63c5cc055525 HTTP/1.1
Host: cta-service-cms2.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/json;charset=utf-8
x-trace: 2B7661664BD30E53A0C069BD7CDDAC5E98E2315687000000000000000000
cache-control: max-age=0, no-cache, no-store
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: fd062e46-b1dc-4e0d-9000-399da8968bea
access-control-allow-origin: https://www.contrastsecurity.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
access-control-max-age: 180
x-robots-tag: noindex, follow
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=zVCjSIAdOWkbJQLQ3bryEdk5NgTU7lA5HGJhZLbMYkQ-1675467537-0-Afh/DfRICrEZoBUoybOXuZ8lfYFK6DOdC2GAIT2ZHnZH0PEeYKeChz2rGtp3IlP83IhjEAy5ErNgNmwq5/rE+hw=; path=/; expires=Sat, 04-Feb-23 00:08:57 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xp8zzpbv6gV4Q%2FXb3q%2Bydmt7CITuOZhwtGINv6Ae8MWcmO9pK5vPDlWaAssNvypWLMd6MCN6Yt9JE1xnl2p5HBznHPgDhT9m%2FMQaCk6kEEJ8nZk1GjHSALyCbys7ZhszWfPX5gTsDyifkoMfqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 793f00caeea10b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1675467570098&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4
34.111.208.231200 OK 0 B URL HTTP/2 ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1675467570098&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4
IP 34.111.208.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /a/gif.gif?actTypeId=31&cid=16560021&r=1675467570098&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4 HTTP/1.1
Host: ibc-flow.techtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ibc_rate_tier
Referer: https://www.contrastsecurity.com/
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-guploader-uploadid: ADPycdscsW3QgdiMsue6SO1mpHrqFXJlVNr4zBbpANvrgl5Z-r-eZra0G7aANxjQ5GFvCkF9MvKmcUDb71zTXE6ggYpU6K3XOvtn
vary: Origin
expires: Fri, 03 Feb 2023 23:38:57 GMT
cache-control: private, max-age=0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/zVnlZCVtVEw
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/zVnlZCVtVEw
IP 142.250.74.131:0
Hash 83fd6f243ca889286be36976395a7f14
8d8fa649ee23e942752e92e3e26844f8b8f0b96d
313f5876a5ddf5207400cc1102a5336fb7b3de29d1e5fcec31f452664fd0b14b
POST /s/gts1d4/zVnlZCVtVEw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trk.techtarget.com/tracking.js
104.18.12.159200 OK 1.3 kB URL HTTP/2 trk.techtarget.com/tracking.js
IP 104.18.12.159:0
File type ASCII text, with very long lines (2932), with no line terminators
Hash 8b548ba6be2d4fa1c2d9ea877e40c0e2
bc82cbd24d21455df73c2f1bb27196997a5581a3
fb98dbb625d62053feb494aae985efb922312564e554948b3e3f4ded452c438d
GET /tracking.js HTTP/1.1
Host: trk.techtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: text/javascript
cache-control: max-age=1200
cf-bgj: minify
expires: Fri, 03 Feb 2023 23:44:17 GMT
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200
set-cookie: __cf_bm=M51dMNdXc3Rt_ngPyesI4wGSfNvrohDnOFiWlScDYsE-1675467537-0-Ae/8epkod974k9Wu6rxKh+cjlslES3iuShKgwgqpUqvL55mINrAbXPEs7jF9UDTbzk6axa1APYy1H0dmC7FdcjU=; path=/; expires=Sat, 04-Feb-23 00:08:57 GMT; domain=.techtarget.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 793f00ca988db4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 264c757814627b3fd5c373f962d25a4b
971e0e82b9c625cf25ff908ae58f56d00562c118
895b9e9b27703db1c6cb28dd7100dba2e600cb628a9122e7bd92c2990db1cec7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2421
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Last-Modified: Fri, 03 Feb 2023 22:58:36 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1675467570098&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4
34.111.208.231200 OK 43 B URL HTTP/2 ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1675467570098&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4
IP 34.111.208.231:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /a/gif.gif?actTypeId=31&cid=16560021&r=1675467570098&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4 HTTP/1.1
Host: ibc-flow.techtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
ibc_rate_tier: 16560021
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdtuRVofMZPIup_31rZUSrrU50u9lhngRsm4l0oWYrn8r-UhkXOb_Ytqj8k8rMg6QazwoKv4LhGRgcloy2T1ybGFIFlQwEGQ
expires: Sat, 04 Feb 2023 00:38:57 GMT
cache-control: public, max-age=3600
vary: X-Goog-Allowed-Resources, Origin
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
x-goog-generation: 1670534369365034
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 256ae164ecef6b5632ca6bcdb1207741
64c5f2701257e4d47a21a56e974024b203b4ba77
65dcfc3cd4f5a0716fe80d5f1d426e89c6be2be4a5323574398cdfcf8d01d479
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 10:24:03 GMT
Expires: Fri, 10 Feb 2023 10:24:02 GMT
Etag: "64c5f2701257e4d47a21a56e974024b203b4ba77"
Cache-Control: max-age=556504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f00ca5f83b4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f3264fc39ba41a1e0f3cf9274f5f3cc8
10f11b62e4660cfd63326b83b7bdf48f8ceee9c9
9f16d423b1a57d7e127c9cec81fbfe6209f0e2c557fd5c8978203e940432c03f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 05:33:43 GMT
Expires: Thu, 09 Feb 2023 05:33:42 GMT
Etag: "10f11b62e4660cfd63326b83b7bdf48f8ceee9c9"
Cache-Control: max-age=452684,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f00cbe94bb4ee-OSL
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 934d92d64a97e2c162566a2093bccbaa
011d29150d0f9ebf892805399d5a99cf2487dc15
35ea028c51d0ff034c725aeb925a34a5ef558c2df9ba1d8c75ace9201d0a80ac
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 03 Feb 2023 23:38:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 04:31:13 GMT
Expires: Sat, 04 Feb 2023 04:31:13 GMT
ETag: "011d29150d0f9ebf892805399d5a99cf2487dc15"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
js.hs-banner.com/cookie-banner-public/v1/activity/view
172.64.154.85200 OK 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/activity/view
IP 172.64.154.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cookie-banner-public/v1/activity/view HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.contrastsecurity.com/
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www.contrastsecurity.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793f00ccb804b524-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kalendar.ai/tracking.min.js?t=1675468800000
172.67.73.224200 OK 2.3 kB URL HTTP/2 kalendar.ai/tracking.min.js?t=1675468800000
IP 172.67.73.224:0
File type ASCII text, with very long lines (5274)
Hash ac713e02b96840b01662be35af970194
48c7f19eb865c98fb36e8d76eed15d08c19797ca
79e74434daf51f102ab936204a8ed46f16c0ff477a1bf26420c5dafb0e8f15f4
GET /tracking.min.js?t=1675468800000 HTTP/1.1
Host: kalendar.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 22:11:47 GMT
etag: W/"63dd86a3-14f2"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8%2BzMdFSddXgTzChMPy9EAlaZz7fI98Ie0DuyP1J3hq5SS7fBl1KSK8mDu4ezk2%2F4h32FMwTXA6ykpPDL4HK%2BaMw9sY2MNFsaHEb5cYcNf%2FSL1eWS3%2FtHyLTPXB3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00cac8f7b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.kickfire.com/gip
209.128.92.239200 OK 18 B IP 209.128.92.239:0
File type ASCII text, with no line terminators
Hash f4398b933c00e674af8dea0f698111c7
18bec7219f4f2e54bb3117a482b314d1546e59cf
331dda252f46ec2a46ef3efcbc927d0f295cfe3d0d226947cb43d648af44ef80
GET /gip HTTP/1.1
Host: api.kickfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:57 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Access-Control-Allow-Origin: *
Content-Length: 18
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
js.hs-banner.com/cookie-banner-public/v1/activity/view
172.64.154.85204 No Content 0 B URL HTTP/2 js.hs-banner.com/cookie-banner-public/v1/activity/view
IP 172.64.154.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cookie-banner-public/v1/activity/view HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 151
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 03 Feb 2023 23:38:57 GMT
x-trace: 2B0CF8B1E64BC33795DA421E46C7848E6755171050000000000000000000
x-hubspot-correlation-id: 728db0f3-5033-408c-9d38-c9dbc6a25c49
access-control-allow-origin: https://www.contrastsecurity.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793f00cd78b5b524-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
google.com/ccm/form-data/950431113?em=tv.1>m=45He3210&auid=872776185.1675467570
216.58.207.206204 No Content 0 B URL HTTP/2 google.com/ccm/form-data/950431113?em=tv.1>m=45He3210&auid=872776185.1675467570
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ccm/form-data/950431113?em=tv.1>m=45He3210&auid=872776185.1675467570 HTTP/1.1
Host: google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.contrastsecurity.com
date: Fri, 03 Feb 2023 23:38:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=33821&tdr=&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cb=22386027033070156term=value
44.238.33.223200 OK 3.9 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=33821&tdr=&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cb=22386027033070156term=value
IP 44.238.33.223:0
File type ASCII text, with very long lines (14558), with no line terminators
Hash f86872b54201673f132dab77dd5c1219
29fc7da057274b5eb369b9dfd6978a4c404eff3d
7894effdcf85a61a9ab763df6b1303996b467e0f092ef3f3c1f3b06302c34498
GET /spx?dxver=4.0.0&shaid=33821&tdr=&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cb=22386027033070156term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Fri, 03 Feb 2023 23:38:56 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 256ae164ecef6b5632ca6bcdb1207741
64c5f2701257e4d47a21a56e974024b203b4ba77
65dcfc3cd4f5a0716fe80d5f1d426e89c6be2be4a5323574398cdfcf8d01d479
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 10:24:03 GMT
Expires: Fri, 10 Feb 2023 10:24:02 GMT
Etag: "64c5f2701257e4d47a21a56e974024b203b4ba77"
Cache-Control: max-age=556504,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f00cd5b01b4ee-OSL
region1.analytics.google.com/g/collect?v=2&tid=G-LVG2KS7RHZ>m=45je3210&_p=884558270&_gaz=1&cid=851955478.1675467570&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467570&sct=1&seg=0&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&dt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-LVG2KS7RHZ>m=45je3210&_p=884558270&_gaz=1&cid=851955478.1675467570&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467570&sct=1&seg=0&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&dt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LVG2KS7RHZ>m=45je3210&_p=884558270&_gaz=1&cid=851955478.1675467570&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675467570&sct=1&seg=0&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&dt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.contrastsecurity.com
date: Fri, 03 Feb 2023 23:38:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-LVG2KS7RHZ&cid=851955478.1675467570>m=45je3210&aip=1
64.233.161.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-LVG2KS7RHZ&cid=851955478.1675467570>m=45je3210&aip=1
IP 64.233.161.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LVG2KS7RHZ&cid=851955478.1675467570>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.contrastsecurity.com
date: Fri, 03 Feb 2023 23:38:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.kickfire.com/v2/company:(all)?ip=UUrd746lG6iWd2oz&key=a87c7733efaab751
209.128.92.239429 Too Many Requests 143 B URL HTTP/1.1 api.kickfire.com/v2/company:(all)?ip=UUrd746lG6iWd2oz&key=a87c7733efaab751
IP 209.128.92.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 29f3d26e9beaa5e961a85a8dfbb5953a
2ad401ab6fed98a80d1da126eeb4a8720ac6269b
2cabb172719c507c74a377112eee344baab7b522fdcb5a90f516b076589a6e13
GET /v2/company:(all)?ip=UUrd746lG6iWd2oz&key=a87c7733efaab751 HTTP/1.1
Host: api.kickfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 429 Too Many Requests
Date: Fri, 03 Feb 2023 23:38:57 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: *
Content-Length: 143
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/json
scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDU2OX0.FyjMKNdXuG4_eAesJd9uLpQ36wLg_UDlYdXtWhoTRs8
52.23.25.67200 OK 41 B URL HTTP/2 scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDU2OX0.FyjMKNdXuG4_eAesJd9uLpQ36wLg_UDlYdXtWhoTRs8
IP 52.23.25.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c9857ea2f242bf3f15e43b5c2668a5b1
ede8e375f70ebc3908af61dca3921ef59195f86d
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
GET /r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDU2OX0.FyjMKNdXuG4_eAesJd9uLpQ36wLg_UDlYdXtWhoTRs8 HTTP/1.1
Host: scout.salesloft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/json; charset=utf-8
content-length: 41
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.contrastsecurity.com
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: 81cd8cd28cd9aea1cddfe3b4ed6f01d1
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 998 B IP 93.184.220.29:0
Hash ce495af48bc14db1f743b4825fe30fcf
67751346dbb115a875046300e491df923ac563f4
b214ef328887b75902b1da241f9e095a8fccd540b74ae033b85a61672a10f184
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=121230
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Etag: "63dcb849-2d7"
Expires: Sun, 05 Feb 2023 09:19:27 GMT
Last-Modified: Fri, 03 Feb 2023 07:31:21 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4f6c6f792af90ed4ca84a3398edebe6c
1cc35ba885b62ef0d65ab77723d4b2a65ffcd7c1
1ddb885081a91c9b90d3fa58029d54416a6658812daff91f3bc33993cc3b6155
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:57 GMT
Etag: "63dcb849-2d7"
Server: ECS (amb/6BA0)
Content-Length: 727
scout.salesloft.com/i
52.23.25.67200 OK 48 B IP 52.23.25.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 76af2d07c9897cb9710d5c21a321ee45
a33a2e4be4138c66ef21d351f8b65a7d92881581
38931c53c0392ccf2660f8d0ac4bf9a76ce467058e746a1ba3c7135a9f39c674
GET /i HTTP/1.1
Host: scout.salesloft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/json; charset=utf-8
content-length: 48
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.contrastsecurity.com
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: 8b21543573428f350d5ec61c4d6cfca2
set-cookie: site_identity=d690e0ed-6b8c-4e29-a64b-67144935a7b5; path=/; expires=Sat, 03 Feb 2024 23:38:57 GMT; max-age=31536000; HttpOnly
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 3dc14e0dcf6c3aec4b8e70bef80d9ead
762e7ebf7d0bb792a432aaadc693dae41f3bb9da
a45d1c7b4792a60b82a0180014372ca8fb16b997d0fea655fefd73aa5796046a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 11:36:14 GMT
Expires: Thu, 09 Feb 2023 11:36:13 GMT
Etag: "762e7ebf7d0bb792a432aaadc693dae41f3bb9da"
Cache-Control: max-age=474434,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f00d0beb4b4ee-OSL
abm2.listenloop.com/api/v1/public/retargeting_segments
52.45.207.127200 OK 53 B URL HTTP/1.1 abm2.listenloop.com/api/v1/public/retargeting_segments
IP 52.45.207.127:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6c5dd70f00847b765e0076c5d014f95d
1231cad64b4aa6792fbc446d16c325e307fe18a3
1f42bbfd15d18fed524b8ae4828ffff381fc7eda9d7a9d6cad0c6c4dc76f7b8d
POST /api/v1/public/retargeting_segments HTTP/1.1
Host: abm2.listenloop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 161
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Access-Control-Allow-Origin: https://www.contrastsecurity.com
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Type: application/json; charset=utf-8
Date: Fri, 03 Feb 2023 23:38:58 GMT
ETag: W/"1f42bbfd15d18fed524b8ae4828ffff3"
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Request-Id: 8603cf4d-d827-412a-adda-e5e0eba08a9f
X-Runtime: 0.005028
Content-Length: 53
Connection: keep-alive
abm2.listenloop.com/api/v1/public/organizations/me?public_key=efuwGqFyAE2223hAzxSB
52.45.207.127200 OK 344 B URL HTTP/1.1 abm2.listenloop.com/api/v1/public/organizations/me?public_key=efuwGqFyAE2223hAzxSB
IP 52.45.207.127:0
File type JSON data\012- , ASCII text, with very long lines (574), with no line terminators
Hash 4aaa427c755f46288b17e949b88849b8
971e2d5c08acb59ba1500503c0db77fa815bf9fe
4971c5e07b504194f566876fbb5261f45bc3a650d4dda9c68986788d9db9d321
GET /api/v1/public/organizations/me?public_key=efuwGqFyAE2223hAzxSB HTTP/1.1
Host: abm2.listenloop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Access-Control-Allow-Origin: https://www.contrastsecurity.com
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Type: application/json; charset=utf-8
Date: Fri, 03 Feb 2023 23:38:58 GMT
ETag: W/"4971c5e07b504194f566876fbb5261f4"
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Request-Id: 682a41a5-f80e-40f9-a4ca-dd0cad5a97c2
X-Runtime: 0.005306
Content-Length: 344
Connection: keep-alive
34.215.155.61/is
34.215.155.61200 OK 32 B IP 34.215.155.61:0
File type ASCII text, with no line terminators
Hash 0f2febd39a10946291fc75c7f5299aad
00973f2ce5f0116c28be6d70d8389467305559c6
4b621899bc59e72277c4faacd61f8f4ddc93ed8400a2a2bba32440b05c2a5113
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 34.215.155.61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 23:38:58 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=52990
date: Fri, 03 Feb 2023 23:38:58 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 28 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (38752)
Hash 8aa708f5eebf10bd82e942dabf1623a5
326a6d469222302a80ecf29039e7837d8870ee47
fcfdc2930fdd7f4b3c7f0c1308ce2e89fcc5082ae6a0a1e16ecf0f7e417f1368
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 594
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Fri, 03 Feb 2023 23:38:58 GMT
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 27630
bat.bing.com/bat.js
204.79.197.200200 OK 68 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8bfdff1b96b026d2413bc1ffddefc2bd
264812bcd52b90b5eb31df28f09e52953d631041
3d0f43fc136f1ab44173fcb49caf946c9fc8f0fd51b2b5e1e1edadf1aba5747b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2363AEA2FD74BA8B325F4AAC28C6AB4 Ref B: OSL30EDGE0110 Ref C: 2023-02-03T23:38:58Z
date: Fri, 03 Feb 2023 23:38:57 GMT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 18 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
Hash da22cec61090e9b6f6e8ae395a04718e
e69aa50c67e0081c9933212a138ffde23346c974
379fc131d8cada74f4ce6e2cb30f2340a07aa1eb1205626961f018b7204defa9
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Fri, 03 Feb 2023 23:38:58 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5443
Cache-Control: max-age=121618
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Etag: "63dcbde2-1d7"
Expires: Sun, 05 Feb 2023 09:25:56 GMT
Last-Modified: Fri, 03 Feb 2023 07:55:14 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Last-Modified: Fri, 03 Feb 2023 22:00:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/950431113/?random=1675467569839&cv=11&fst=1675467569839&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=872776185.1675467570&rfmt=3&fmt=4
142.250.74.130200 OK 1.9 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/950431113/?random=1675467569839&cv=11&fst=1675467569839&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=872776185.1675467570&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (521)
Hash 19bb95739f31102f28c855a39f2038c0
1a2543cdc678678d23e2813b454486a7d89927e3
c591e0ccef583d153c3a8a171573c5353f59fc18062c5727ba05c1222f58d334
GET /pagead/viewthroughconversion/950431113/?random=1675467569839&cv=11&fst=1675467569839&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=872776185.1675467570&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 23:53:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 58 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
Hash 24b9aae3aa332d5e06741013fb36bfa7
c7f174ac5d252084862544f238692e1efaa59fc3
d1ceab68524338b30cccfc3266f8f7bd4a17b46aacdd6cee9d24f6f13014e050
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 21:44:08 GMT
expires: Fri, 03 Feb 2023 23:44:08 GMT
cache-control: public, max-age=7200
age: 6890
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/650436320/?random=1675467569847&cv=11&fst=1675467569847&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=872776185.1675467570&rfmt=3&fmt=4
142.250.74.130200 OK 1.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/650436320/?random=1675467569847&cv=11&fst=1675467569847&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=872776185.1675467570&rfmt=3&fmt=4
IP 142.250.74.130:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (751)
Hash 45d92bec4dd34dbd514d318f903dba2d
81ea8308940f4d0485b2b47dc9c39bf7c371f43b
54f56d877d71ef75a0690fe9d8361f22b3be63c01a7f246fc0515552762faa13
GET /pagead/viewthroughconversion/650436320/?random=1675467569847&cv=11&fst=1675467569847&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=872776185.1675467570&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 956
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 23:53:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.hs-banner.com/203759.js
172.64.154.85200 OK 16 kB URL HTTP/2 js.hs-banner.com/203759.js
IP 172.64.154.85:0
File type ASCII text, with very long lines (332), with no line terminators
Hash 24ba66e207d9083639b0f3829d17013f
eb6fba3fe85e37fb97410093ce56612b6a91abf7
5ad192cb55616f094eaba22b0f81aee26d1c08a7762e275bb3ba56d39b3c54a0
GET /203759.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: klvH+FALKA+/DaYgvHIWq7UWyxrFahiq0WI0kScMXoFPaBDmn9Clcf5tLlXjIfoGbvUZ/Uz9GgI=
x-amz-request-id: K3YZ3MJ5PD4V9CX5
last-modified: Tue, 25 Oct 2022 19:53:13 GMT
etag: W/"423ed7f865b4a6dcf16d049a3878ffea"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: BmCpauTeD_LQS6w0_3hNB3JdgqJxv_jI
access-control-allow-origin: https://www.contrastsecurity.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Fri, 03 Feb 2023 23:43:57 GMT
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 793f00c78b41b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.css
138.199.36.10200 OK 69 kB URL HTTP/2 a.omappapi.com/app/js/api.min.css
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 text, with very long lines (34460)
Hash a0d4748a7cdd80c3a575892b2c991e68
7b8fff0da08e6aa8e8eeda12802355235f9645d7
63aabb03abfac7469fb9cafbe523e62c1c9153516b6f35976f8a51a80ae8e75c
GET /app/js/api.min.css HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:56 GMT
content-type: text/css
server: BunnyCDN-DE1-1053
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"fdfc47d7f4872c3530f2516e9f42a6ed"
last-modified: Thu, 02 Feb 2023 22:05:39 GMT
perma-cache: MISS
x-amz-id-2: AYlwqO3KhTmA6pmPog/Xd/0I2sjlMP8uf3/7VmrWnghcFkWKAVuyqkhZlPXIvQ7d90pKQTc9la8=
x-amz-request-id: 1MD2P5K75MVM2XWD
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/02/2023 22:07:19
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: e71d63c7c11d5dabae3c65c60e0447be
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/all.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash e6a73f85a9206396a4962475073830dc
2439f56a54219a0c312f54ad27b0431b91b13b23
aa351770063bbf80f4bdafd11161a7f2d20e8fd7f4935da2ebcae770a409b9b6
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b0afc9ecd4a0251f815d71a0b0d94bca
etag: "fbcc5231002cca7ddbeabacba5257e45"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 03 Feb 2023 23:44:06 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 5qc/hakgY5akliR1Bzgw3A==
x-fb-debug: 01gQ2wFiT73FBdcOWnsuRftZyVxef6MSx7ayATAHrQXvHXN4Lj5OFHau4oU+xTyAlqHR0dxwrirVuHOWoyZkGA==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 23:38:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash aa5809ba834dbb2d2aeb01e4d7858cab
a5feba654026fec8871aa252344e41923e05f2f6
c1a90a4571f53704311269a2e6cdb6ca20041515cba71b4392adc134b098d3a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4073
Cache-Control: max-age=87493
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Etag: "63dc3dee-118"
Expires: Sat, 04 Feb 2023 23:57:11 GMT
Last-Modified: Thu, 02 Feb 2023 22:49:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 30 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
Hash b38dc465164d4feb714c502052a17b0a
809ae8a2e291d2bb59e7dc2fff10349e7df5b8dc
4a45ed8973beed594c0bb48b0f54224890ee8f099e71920d4354688e298dd1c6
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Tszyy8R0LEMA/uh4lI3F9SuIiMDEY/JhI1jsdp+5Atbyw+AtdZ1TYqwHkong3nYyUUNizJbJsRdRdyvbHdVESA==
content-length: 27843
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 23:38:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5909
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Last-Modified: Fri, 03 Feb 2023 22:00:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
alb.reddit.com/rp.gif?ts=1675467569994&id=t2_epbh77bg&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c7637172-7056-4c1e-af1b-396c508b30f4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.129.140200 OK 42 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675467569994&id=t2_epbh77bg&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c7637172-7056-4c1e-af1b-396c508b30f4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.129.140:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /rp.gif?ts=1675467569994&id=t2_epbh77bg&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c7637172-7056-4c1e-af1b-396c508b30f4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Fri, 03 Feb 2023 23:38:58 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LVG2KS7RHZ&cid=851955478.1675467570>m=45je3210&aip=1&z=513162799
142.250.74.163200 OK 283 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LVG2KS7RHZ&cid=851955478.1675467570>m=45je3210&aip=1&z=513162799
IP 142.250.74.163:0
Hash 4e6b29fd09e84832fd5028475efdfc42
5781974f2df4efd4447de8ded51c2a1a8f38839f
51e4d831584b0b03728b147b2580620c1ed9d82e9b5259d795758f7b7c075282
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LVG2KS7RHZ&cid=851955478.1675467570>m=45je3210&aip=1&z=513162799 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
alb.reddit.com/rp.gif?ts=1675467569996&id=t2_uob78mj3&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c7637172-7056-4c1e-af1b-396c508b30f4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
151.101.129.140200 OK 437 B URL HTTP/2 alb.reddit.com/rp.gif?ts=1675467569996&id=t2_uob78mj3&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c7637172-7056-4c1e-af1b-396c508b30f4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4
IP 151.101.129.140:0
Hash 9cb4e99c5a245f0b301d886639f7f66e
aac03ef22b325cbe4a060c4f1020d4d446f252ce
410dba3994e5f5a1f3b3fcc466179bc5b362dd7145c198912a350b44c0c53df8
GET /rp.gif?ts=1675467569996&id=t2_uob78mj3&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c7637172-7056-4c1e-af1b-396c508b30f4&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1280&sw=1024&v=rdt_65e23bc4 HTTP/1.1
Host: alb.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Fri, 03 Feb 2023 23:38:58 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.contrastsecurity.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.contrastsecurity.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56166)
Size 105 kB (105435 bytes)
Hash 58f06e7d628e7e207cad8e48c9cc76be
9042f057d52be00c9535ce93b0ce4c03707e0c41
ea6c34f2e7acfea93ba722fe283f2704392dc518c9a0d1eeca0ba03a0b63d789
GET /widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.contrastsecurity.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 870943
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Feb 2023 23:38:58 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F709)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105435
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 7bb594d04fcb5edf4a33f0253a11e28b
252072d89beadafcb2c574d36f66eecae0284d1b
8d85bfd3193baca0d36b5328f26f81c756770cc83c9d1a688e71651269bb6cef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 23:38:58 GMT
Last-Modified: Fri, 03 Feb 2023 23:11:23 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4ipGEChsBRQDLTQI0P_wwNOkNJv4MuLT1Iddq2aUIZszUWw3xEsY4g==
Age: 1655
segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=
54.73.239.30303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=
IP 54.73.239.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Fri, 03 Feb 2023 23:38:58 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Fri, 03 Feb 2023 23:48:58 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
143.204.55.20200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
IP 143.204.55.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 112fdf47cdb80b9ce3d033ed09717460
3898efa86cbf1b64dc41a90a110ed5afd6f2ae13
3bfb2e882091d872eece2eee40084183a5fcb0a7ed98c1b004850751260a4cbb
GET /box-e031119f9e9e307a08fa610f85dbfb52.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MgHfE0JVq53TVdQA1jqgVIiSNyJGl--7v0yulJn8J5BkAf3GFi-dGQ==
age: 37732
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash da07b1a085424a7beb3ae06a06294635
4c306ca81691c642b738b2da469b6894ba7da09c
82871724d2a7d2ed7acf571f8e54d0a5ce80c7eb2f91b5197b3b0d3938012a17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2670
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Last-Modified: Fri, 03 Feb 2023 22:54:29 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 2fdd4a71f94f887227623bed4f75dcc6
ef9e6c5749f2702c61580fa3e038a16a8bfca94f
7c7d42a969377c086baef4a6f4f6792c7b4dd3c09714876f17fbb39cf6ca8c5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4992
Cache-Control: max-age=111043
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:58 GMT
Etag: "63dc9655-13a"
Expires: Sun, 05 Feb 2023 06:29:41 GMT
Last-Modified: Fri, 03 Feb 2023 05:06:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
js.hs-analytics.net/analytics/1675467300000/203759.js
104.17.68.176200 OK 21 kB URL HTTP/2 js.hs-analytics.net/analytics/1675467300000/203759.js
IP 104.17.68.176:0
File type ASCII text, with very long lines (64325)
Hash 4a69807dfdc45c8da88343eb2968de89
cc45e486ce130f854c918ed36430007fcd2ed7dd
cf4add9d1243362c1a9a8c4f80c6550c991da08bc3893d61c3cdfac83ec5a064
GET /analytics/1675467300000/203759.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:58 GMT
content-type: text/javascript
x-amz-id-2: osOhZtz+LcgWgyKlyNZCYxPZYcHo1hHKi1kboUoVF5JNYv/NiBsrS0EjGN3n09yU4IG5lcjMtTc=
x-amz-request-id: 6FWMNCCT2J90A00H
last-modified: Wed, 18 Jan 2023 19:56:00 GMT
etag: W/"895dabb183be28255049be644aa48169"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Fri, 03 Feb 2023 23:43:58 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 793f00d42e1b0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=2a015eaa-056b-4ba2-8c21-560d709705da&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=71f0203c-0f80-44bf-a3b3-742f6e2cdb54&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=2a015eaa-056b-4ba2-8c21-560d709705da&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=71f0203c-0f80-44bf-a3b3-742f6e2cdb54&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=2a015eaa-056b-4ba2-8c21-560d709705da&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=71f0203c-0f80-44bf-a3b3-742f6e2cdb54&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:58 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=8e9d1f4c-f83a-4708-8b7f-8ca5e792dfd0; Max-Age=63072000; Expires=Sun, 02 Feb 2025 23:38:58 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ecf5deb0a84af1cf
strict-transport-security: max-age=0
x-response-time: 108
x-connection-hash: 53c5ecf07aff1b11fa46ffd2fe1bbd56a80358cb929204a7b2667541edbf6cbf
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c6a3467f30fecd803d580a4ab497ef4c
18bd878c52f2f58d9d2ac0aa3229b12385da9a86
d71e96892e48787b9c88cb3b49e87a7572af70d185eea13dcece9e177e13bb5c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 22:51:38 GMT
Expires: Thu, 09 Feb 2023 22:51:37 GMT
Etag: "18bd878c52f2f58d9d2ac0aa3229b12385da9a86"
Cache-Control: max-age=514958,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f00d54c33b4ee-OSL
bat.bing.com/action/0?ti=56279431&tm=gtm002&Ver=2&mid=2496af6b-af85-4dab-bdb5-9f96f32127c9&sid=01f0ec00a41c11ed846a5f725490af96&vid=01f0d060a41c11edaf20d9a1de4d7d98&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&p=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&r=<=2643&evt=pageLoad&sv=1&rn=653219
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=56279431&tm=gtm002&Ver=2&mid=2496af6b-af85-4dab-bdb5-9f96f32127c9&sid=01f0ec00a41c11ed846a5f725490af96&vid=01f0d060a41c11edaf20d9a1de4d7d98&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&p=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&r=<=2643&evt=pageLoad&sv=1&rn=653219
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=56279431&tm=gtm002&Ver=2&mid=2496af6b-af85-4dab-bdb5-9f96f32127c9&sid=01f0ec00a41c11ed846a5f725490af96&vid=01f0d060a41c11edaf20d9a1de4d7d98&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&p=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&r=<=2643&evt=pageLoad&sv=1&rn=653219 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2C0FB7456B2E6453292DA5E86ADB6537; domain=.bing.com; expires=Wed, 28-Feb-2024 23:38:58 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5113E801F2B64EA190C3716DAC01B1CD Ref B: OSL30EDGE0110 Ref C: 2023-02-03T23:38:58Z
date: Fri, 03 Feb 2023 23:38:58 GMT
X-Firefox-Spdy: h2
segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
54.73.239.30200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
IP 54.73.239.30:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Fri, 03 Feb 2023 23:38:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
syndication.twitter.com/settings?session_id=17b9c7b1315869c2f461d8ac977f9dbcc3c6a30c
104.244.42.72200 OK 326 B URL HTTP/2 syndication.twitter.com/settings?session_id=17b9c7b1315869c2f461d8ac977f9dbcc3c6a30c
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (919), with no line terminators
Hash 11f6a2d6bb52340b52d53f9cf72973e8
ea0c3e5d850a2659b3344d84957b691a6f7942b8
a0b2545f4adeaf91f7a23b95f43c682557bdfd1e59d2cf394d10a01f97c886ff
GET /settings?session_id=17b9c7b1315869c2f461d8ac977f9dbcc3c6a30c HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:58 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Fri, 03 Feb 2023 23:38:58 GMT
content-length: 326
content-encoding: gzip
x-transaction-id: 4950160b4caaca4f
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 107
x-connection-hash: 34f9dea587db2a48811c2c6cd23a5884aa9368cf91555a0342cdd3fbc9cd3a13
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.bca0d1c28285412bb689.js
54.230.111.93200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.bca0d1c28285412bb689.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (49086)
Hash e923aa360dc485b9df86355bd040c998
03c46dbd41e9d4bdf8a9e4bfbaba3f7f2e9280ec
9c7575553c5b81f9b905dbb27c8116b175b69e7472aa6597f8cace1c6434d676
GET /modules.bca0d1c28285412bb689.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 67924
date: Fri, 03 Feb 2023 13:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e923aa360dc485b9df86355bd040c998"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sj0g7W8-T3OvRB-esL4eUcs0BWJpxxytshdsBiPzLTLdFYyUiPwxcg==
age: 37733
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/56279431.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/56279431.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/56279431.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C23193EB1EC4F1F8E59F1D17D4DC5CA Ref B: OSL30EDGE0110 Ref C: 2023-02-03T23:38:58Z
date: Fri, 03 Feb 2023 23:38:58 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d748dcaaec947b38996a2f987e98b2b9
7e018ab7e9f0c73d53379d1698a06177b0643687
2ef4873c62fe3cfbc33e7a8f0ab428ab78676b1d01c2aee8bc16d50fafe756d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4966
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:38:59 GMT
Last-Modified: Fri, 03 Feb 2023 22:16:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
www.google.com/pagead/1p-user-list/650436320/?random=1675467569847&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3064795509&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/650436320/?random=1675467569847&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3064795509&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/650436320/?random=1675467569847&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3064795509&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/950431113/?random=1675467569839&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3670469697&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/950431113/?random=1675467569839&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3670469697&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/950431113/?random=1675467569839&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3670469697&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/650497777/?random=1675467569848&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=1961310042&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/650497777/?random=1675467569848&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=1961310042&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/650497777/?random=1675467569848&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=1961310042&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/all.js?hash=a34d1ad1955194aa1a87ad7c8f363112
157.240.205.11200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/all.js?hash=a34d1ad1955194aa1a87ad7c8f363112
IP 157.240.205.11:0
File type ASCII text, with very long lines (18605)
Hash 7ed96809db3728f25b98bfad1ad3f1a2
df81c593f854b5240220862cf493f1f4ce16db74
9d378ad4227075be7ef6d4459138b5d04f435edbf360732b06505487c062fa75
GET /en_US/all.js?hash=a34d1ad1955194aa1a87ad7c8f363112 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 6d043eb544e7f6386500f4bfabbfc667
etag: "90f1a26781cab49cb9a4d70fbed4522d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 03 Feb 2024 22:49:04 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ftloCds3KPJbmL+tGtPxog==
x-fb-debug: tE2eTG540UAJp9UidkF42sQBQDGG3omvOPw3PewRqYdmfmDyLhkeR+mhcPk1uwMBQvB+5IrlTg8VFPKb5NiK1g==
priority: u=3,i
content-length: 88311
x-fb-trip-id: 1679558926
date: Fri, 03 Feb 2023 23:38:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/461755762/?random=1675467569849&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=1350650341&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/461755762/?random=1675467569849&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=1350650341&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/461755762/?random=1675467569849&cv=11&fst=1675465200000&bg=ffffff&guid=ON&async=1>m=45He3210&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=1350650341&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:38:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1283858%252C1155724%26time%3D1675467571594%26url%3Dhttps%253A%252F%252Fwww.contrastsecurity.com%252Fsecurity-influencers%252Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIzrISRTxKsawAAAYYZpcKAfYd3JYx2NYSXMTBSHlADJc8_32bEUWs7p8cu_ZvFFQyjqVsYjlV2RQ; Max-Age=2592000; Expires=Sun, 05 Mar 2023 23:38:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKEnd1rY5V2LAAAAYYZpcKAl3tWSh2zfoV7FX-lHbZtRwgm4oyGx2dcGnKzeyZkP_H-RXPCRNj0C2XxrL2XRg; Max-Age=2592000; Expires=Sun, 05 Mar 2023 23:38:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&0ee999cc-23ac-4798-8add-2ba4c23a19bc"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 03-Feb-2024 23:38:59 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2481:u=1:x=1:i=1675467539:t=1675553939:v=2:sig=AQHiUVTXJuTeFKCmucCJxoKnebwnVKqj"; Expires=Sat, 04 Feb 2023 23:38:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXz1C9/lhIudESXg7N19g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EB0A80DBD7B94A4189A20CBB5322E743 Ref B: OSL30EDGE0517 Ref C: 2023-02-03T23:38:59Z
date: Fri, 03 Feb 2023 23:38:58 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.sa-as.com/lib.js
209.128.119.150200 OK 630 B IP 209.128.119.150:0
Hash 984a8737fd44dc83c59d9cd6d6c5d8db
3dff20b31570c795457fe5732f3042f5a346960e
0881e6858e5f04154cba7e6ee95b1cb1ebc533ea0b3cffc1b80229cf4a18644c
GET /lib.js HTTP/1.1
Host: stats.sa-as.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:34:20 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Fri, 14 Apr 2017 20:48:27 GMT
ETag: "7200a7-52e-54d2690345cc0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 630
Connection: close
Content-Type: text/javascript
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2a015eaa-056b-4ba2-8c21-560d709705da&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=71f0203c-0f80-44bf-a3b3-742f6e2cdb54&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2a015eaa-056b-4ba2-8c21-560d709705da&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=71f0203c-0f80-44bf-a3b3-742f6e2cdb54&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=2a015eaa-056b-4ba2-8c21-560d709705da&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=71f0203c-0f80-44bf-a3b3-742f6e2cdb54&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:58 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_5DuqZSOBnmPm6CZxJ8pMTw=="; Max-Age=63072000; Expires=Sun, 02 Feb 2025 23:38:59 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: f7522853fe43d437
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: a4e51bf814dcd7d2806b24db180dc55651e0c46de8552548b62e4847ae314bfd
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1283858%252C1155724%26time%3D1675467571594%26url%3Dhttps%253A%252F%252Fwww.contrastsecurity.com%252Fsecurity-influencers%252Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1283858%252C1155724%26time%3D1675467571594%26url%3Dhttps%253A%252F%252Fwww.contrastsecurity.com%252Fsecurity-influencers%252Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1283858%252C1155724%26time%3D1675467571594%26url%3Dhttps%253A%252F%252Fwww.contrastsecurity.com%252Fsecurity-influencers%252Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&32171bbd-b5cd-4860-89d3-95c841c04c1e"; Domain=.linkedin.com; Expires=Sat, 03-Feb-2024 23:38:59 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2023020323385927603032-6bb2-4274-8623-8402a1f284a7AQGXJ3stvUMbrAnfAXYEw6kLOJfGftHu"; Domain=.www.linkedin.com; Expires=Sat, 03-Feb-2024 23:38:59 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzU0Njc1Mzk7MjswMjE9CAjaW1skNPFtqvcFJCAXEv129x0Uqru+70nJ2169Sw==; Domain=.linkedin.com; Expires=Wed, 02 Aug 2023 23:38:59 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2453:u=1:x=1:i=1675467539:t=1675553939:v=2:sig=AQFvG7SYLxBBIg3Njf3i_n1u2WRZleQH"; Expires=Sat, 04 Feb 2023 23:38:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXz1C+COM3fVd5+rOVxpQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8B8F46BA9F7C4C1C8FBE783808633BE8 Ref B: OSL30EDGE0517 Ref C: 2023-02-03T23:38:59Z
date: Fri, 03 Feb 2023 23:38:58 GMT
content-length: 0
X-Firefox-Spdy: h2
ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1675467572205&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4
34.111.208.231200 OK 0 B URL HTTP/2 ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1675467572205&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4
IP 34.111.208.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /a/gif.gif?actTypeId=31&cid=16560021&r=1675467572205&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&version=2.4 HTTP/1.1
Host: ibc-flow.techtarget.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: ibc_rate_tier
Referer: https://www.contrastsecurity.com/
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.2
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-guploader-uploadid: ADPycdu5KKxAgTMw16t_PLcx45PNqDfeiHDWLaogQi6AnrC6rJSMe5OWAbenl6SEi1lFwGiEcACvDY5ZftD-M9HSCbFdVw
vary: Origin
expires: Fri, 03 Feb 2023 23:38:59 GMT
cache-control: private, max-age=0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-32996095-1&ga_client_id=851955478.1675467570&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%22851955478.1675467570%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221675467570.1%22%2C%22dcm_gid%22%3A%22233987556.1675467572%22%2C%22mntnis%22%3A%22c47AsPIqDp%2FTBuEf6VoGGRhfdWUkkXOl%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1675467570.1&dcm_gid=233987556.1675467572&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cb=22386027033070156term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C&shoid=851955478.1675467570
34.210.219.79200 OK 1.2 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-32996095-1&ga_client_id=851955478.1675467570&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%22851955478.1675467570%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221675467570.1%22%2C%22dcm_gid%22%3A%22233987556.1675467572%22%2C%22mntnis%22%3A%22c47AsPIqDp%2FTBuEf6VoGGRhfdWUkkXOl%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1675467570.1&dcm_gid=233987556.1675467572&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cb=22386027033070156term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C&shoid=851955478.1675467570
IP 34.210.219.79:0
File type ASCII text, with very long lines (2446)
Hash 461c28844342dfa0756e448f5faeed57
8b1eb56bc9f755b32e0749ac6398bda757d8fe15
55c01382f0566e8c833306e43e7aac1a645d72351c71db6d351ea4e090c68ef7
GET /st?ga_tracking_id=UA-32996095-1&ga_client_id=851955478.1675467570&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%22851955478.1675467570%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221675467570.1%22%2C%22dcm_gid%22%3A%22233987556.1675467572%22%2C%22mntnis%22%3A%22c47AsPIqDp%2FTBuEf6VoGGRhfdWUkkXOl%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1675467570.1&dcm_gid=233987556.1675467572&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cb=22386027033070156term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C&shoid=851955478.1675467570 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=eeadc11c-a41b-11ed-a8c0-6f6cd7ec5408;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
abm2.listenloop.com/api/v1/public/page_views
52.45.207.127204 No Content 0 B URL HTTP/1.1 abm2.listenloop.com/api/v1/public/page_views
IP 52.45.207.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/public/page_views HTTP/1.1
Host: abm2.listenloop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.contrastsecurity.com/
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Access-Control-Allow-Origin: https://www.contrastsecurity.com
Date: Fri, 03 Feb 2023 23:38:59 GMT
Server: nginx
Connection: keep-alive
cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/token
54.230.111.8200 OK 569 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/token
IP 54.230.111.8:0
Hash cc57a14c56afb550414d75d2e9f47f60
e6eca8b2c0f2928fdb9fa854314ce3414b6fd48a
739dcb9b910acc896de649b368038a3b628414b16f866c623d619268d671ec3e
GET /partner/1155724,1283858/domain/contrastsecurity.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 23:29:30 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MnicaivaJpIGxPLxZ9LR0MT7chwTx5xqAdkV0y6ss3YII93Po3y2Uw==
age: 569
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/1283858/oribili.js
54.230.111.8200 OK 24 kB URL HTTP/2 cdn.linkedin.oribi.io/1283858/oribili.js
IP 54.230.111.8:0
Hash cefc9ef78d6b7f2b4aad80c66c340cca
debf3888003da8e4852793b4261d9f6c94c08de5
753228deff841b727a239338a4603f6ce91e5f3808859af77681e9b8d5ce7916
GET /1283858/oribili.js HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
date: Fri, 03 Feb 2023 23:35:05 GMT
cache-control: public, max-age=300
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OPbp3RvPggeW_yneH2fg7RQW8fVuVE2w-JzngZ5iIJ7Ddvc5kwkbRg==
age: 234
vary: accept-encoding, Origin
X-Firefox-Spdy: h2
app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=08e82c40-50fb-44a7-aa54-4db92e6099c0
35.169.154.38200 OK 1.6 kB URL HTTP/1.1 app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=08e82c40-50fb-44a7-aa54-4db92e6099c0
IP 35.169.154.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2724)
Hash 1248d7d2147c957b85247084b9d0603a
76e76576880c60e1ac0ae7e068f4407dfbf03a0b
2ea0015e743dc5a3a0d701760628d825edbc9749599a6a4ffe161ceec2a800c7
GET /w/1/PK6AWFzWvCM5V41V/messenger?uuid=08e82c40-50fb-44a7-aa54-4db92e6099c0 HTTP/1.1
Host: app.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Security-Policy:
Content-Type: text/html; charset=utf-8
Date: Fri, 03 Feb 2023 23:38:59 GMT
Etag: W/"eea2e37c35242c639726ff5f17cfacaf"
Link: <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Via: 1.1 spaces-router (5b663686da57)
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 3eede637-33cf-7d4d-0d23-a6e5c22314d9
X-Runtime: 0.018277
X-Xss-Protection: 1; mode=block
Content-Length: 1610
ads.kwanzoo.com/embed-code/10260
100.20.44.23200 OK 1.2 kB URL HTTP/2 ads.kwanzoo.com/embed-code/10260
IP 100.20.44.23:0
File type exported SGML document, ASCII text
Hash 4bc5c15099deca40d2a1c810cb2e812e
94ec820f8ac661ad7d8205defb46e017eb8bb56e
3349d67b06039bcf39514705e751fcf03f9396acb2abc3246f6caa36eecb6991
GET /embed-code/10260 HTTP/1.1
Host: ads.kwanzoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: text/javascript;charset=ISO-8859-1
content-length: 1194
server: Apache/2.2.15 (CentOS)
set-cookie: JSESSIONID=A8C21E1791AF324844853671E3045674; Path=/; Secure
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store
content-language: en-US
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
abm2.listenloop.com/api/v1/public/page_views
52.45.207.127200 OK 240 B URL HTTP/1.1 abm2.listenloop.com/api/v1/public/page_views
IP 52.45.207.127:0
File type JSON data\012- , ASCII text, with very long lines (364), with no line terminators
Hash ce64700efe180818fb7d5f90499d407d
3918422e3a629a59db41348c6c760d36aaeb90c6
402ee5a774104930e9d34976aae17bf3ae321f02eafa4f8ff688c6190bfb472a
POST /api/v1/public/page_views HTTP/1.1
Host: abm2.listenloop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.contrastsecurity.com
Content-Length: 161
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Access-Control-Allow-Methods: GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Access-Control-Allow-Origin: https://www.contrastsecurity.com
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Type: application/json; charset=utf-8
Date: Fri, 03 Feb 2023 23:38:59 GMT
ETag: W/"402ee5a774104930e9d34976aae17bf3"
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Request-Id: 001b2189-4aa5-4d29-802a-e46d14a01668
X-Runtime: 0.011007
Content-Length: 240
Connection: keep-alive
assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
104.18.17.5200 OK 106 kB URL HTTP/2 assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
IP 104.18.17.5:0
File type Web Open Font Format (Version 2), TrueType, length 105804, version 1.0\012- data
Size 106 kB (105804 bytes)
Hash 007ad31a53f4ab3f58ee74f2308482ce
dfa9f8f3d79bf8a0001fe72eeadad0490cba59cc
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
GET /packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2 HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Origin: https://app.qualified.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: font/woff2
content-length: 105804
x-amz-id-2: kJAJMWEqp0JMqgGbhUUO2Mdsg5y4UsULu0KFJ8rTrS1nW6K0KGgYamtJSzXtbieKaftaI+Uz2xE=
x-amz-request-id: FB6TZ8E5HYEDGD3Z
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
etag: "007ad31a53f4ab3f58ee74f2308482ce"
cache-control: public, max-age=31557600
expires: Sun, 04 Feb 2024 05:39:00 GMT
x-amz-version-id: ePBeoMCujYBxKBCWHO9COs36tHcpJSw9
cf-cache-status: HIT
age: 4917161
accept-ranges: bytes
server: cloudflare
cf-ray: 793f00dd1bafb52d-OSL
X-Firefox-Spdy: h2
assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
104.18.17.5200 OK 99 kB URL HTTP/2 assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
IP 104.18.17.5:0
File type Web Open Font Format (Version 2), TrueType, length 98868, version 1.0\012- data
Hash dc131113894217b5031000575d9de002
f96348260751ea78b1d23e9557db297290bdaf28
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
GET /packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2 HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Origin: https://app.qualified.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: font/woff2
content-length: 98868
x-amz-id-2: 0h9GFI8ZP9MkNqPcs/pO3Sh/2XSGDq1nJjOIRviIOXd5VeSCMMfX8tcBVqsIVrCRNOdIzJWunX68Wen6XBkDeQ==
x-amz-request-id: FB6TQGR33YDR70TP
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 08 Dec 2022 23:17:25 GMT
etag: "dc131113894217b5031000575d9de002"
cache-control: public, max-age=31557600
expires: Sun, 04 Feb 2024 05:39:00 GMT
x-amz-version-id: Ts0p7fbKsZIFu_VEk6HOvm9iYpTRKuos
cf-cache-status: HIT
age: 4917161
accept-ranges: bytes
server: cloudflare
cf-ray: 793f00dd1bb3b52d-OSL
X-Firefox-Spdy: h2
assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-3fc40ebfde9565f16785.js
104.18.16.5200 OK 1.8 kB URL HTTP/2 assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-3fc40ebfde9565f16785.js
IP 104.18.16.5:0
Hash ee1feb0c3f8152baebde3be1a46aadd7
b9a360f6110c09cc3828b7f0720cdcc2744c8cb9
fb34bd2c6e82543a316cd9d0dbd121cfeeeaf22e17300c7cca0b177d5212fcc2
GET /packs/js/widget/sandboxed/messenger~runtime-3fc40ebfde9565f16785.js HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: application/javascript
x-amz-id-2: 658jhqGWvFRXkV6LbolyabXW2kT69IChtMHeWov8lFQtl6nMyNYS2Vkeq/u1q5E2bD3sCaTnPrs=
x-amz-request-id: B738SG1SZBDPYXN1
last-modified: Mon, 23 Jan 2023 23:03:21 GMT
etag: W/"f73584ac2d7dc7f37e6574804b9c1f2c"
x-amz-version-id: XZXyn9lCbNFJ7sL2v9TAZAQUSSay._9u
cf-cache-status: HIT
age: 2144
expires: Sat, 04 Feb 2023 03:38:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00dc9bf6b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ads.kwanzoo.com/wvt-iframe/load?widgetId=10260
100.20.44.23302 Found 20 B URL HTTP/2 ads.kwanzoo.com/wvt-iframe/load?widgetId=10260
IP 100.20.44.23:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /wvt-iframe/load?widgetId=10260 HTTP/1.1
Host: ads.kwanzoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: text/html; charset=UTF-8
content-length: 20
location: https://ads.kwanzoo.com/widget/inactive/10260
server: Apache/2.2.15 (CentOS)
set-cookie: JSESSIONID=A537E8381019CDDF0DBFC91E0E166399; Path=/; Secure
content-language: en-US
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gs.mountain.com/gs
52.12.117.226200 OK 144 B IP 52.12.117.226:0
File type ASCII text, with no line terminators
Hash 94d26dc3974c0719f3d6ed0aac7c1010
ddf05ac48e146839a8dbfc298ed0229cb893b396
34e29ab515f1e31fed8f74fa0d0211c1b198492b2c7a417f4d573c84236c03dc
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Cookie: guid=eeadc11c-a41b-11ed-a8c0-6f6cd7ec5408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 23:39:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
www.facebook.com/tr/?id=1315828585415353&ev=PageView&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&rl=&if=false&ts=1675467572200&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675467572200.43725292&it=1675467571703&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1315828585415353&ev=PageView&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&rl=&if=false&ts=1675467572200&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675467572200.43725292&it=1675467571703&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1315828585415353&ev=PageView&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&rl=&if=false&ts=1675467572200&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1675467572200.43725292&it=1675467571703&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 03 Feb 2023 23:39:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/activity/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513?
142.250.74.166302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513?
IP 142.250.74.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:39:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 03-Feb-2023 23:54:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&liSync=true
13.107.42.14200 OK 110 kB URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Size 110 kB (110275 bytes)
Hash bb54cd9d4db39640922daf61483d38eb
bb09d2214625777c43d9b2c2f75e6c8e31ff8722
74590811520320fcfe9024d34c94968064bba7bc5da7843d481e86fa7ce3cc90
GET /collect?v=2&fmt=js&pid=1283858%2C1155724&time=1675467571594&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&c11caf36-54fb-4424-8339-9b3b0c5107d0"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 03-Feb-2024 23:39:00 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2481:u=1:x=1:i=1675467540:t=1675553940:v=2:sig=AQHQ9AdlH2CJioJzoZoLWoWeqYtWJHcW"; Expires=Sat, 04 Feb 2023 23:39:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXz1C+SBJAs46tWvgog9w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 21520F975864425992239B10F47A0857 Ref B: OSL30EDGE0517 Ref C: 2023-02-03T23:39:00Z
date: Fri, 03 Feb 2023 23:38:59 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gw.linkedin.oribi.io/event
15.254.31.104202 Accepted 0 B URL HTTP/2 gw.linkedin.oribi.io/event
IP 15.254.31.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1
Host: gw.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 567
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: text/plain
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.contrastsecurity.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
px.ads.linkedin.com/ws_collect/?pid=1155724×tamp=1675467572628&raw_event_id=1283858-d24de535-e65c-66f8-8e69-047d44402e86-1675467572626
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/ws_collect/?pid=1155724×tamp=1675467572628&raw_event_id=1283858-d24de535-e65c-66f8-8e69-047d44402e86-1675467572626
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws_collect/?pid=1155724×tamp=1675467572628&raw_event_id=1283858-d24de535-e65c-66f8-8e69-047d44402e86-1675467572626 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
set-cookie: lang=v=2&lang=en-us; Domain=ads.linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&3afffc77-9ec0-4241-8ca5-ff62a3bbc007"; Domain=.linkedin.com; Expires=Sat, 03-Feb-2024 23:39:00 GMT; Path=/; Secure; SameSite=None
li_gc=MTswOzE2NzU0Njc1NDA7MjswMjEvEqfQUK+kQQATzCmbXNk6ujhYqdoyW5aqFYaEt9kh+w==; Domain=.linkedin.com; Expires=Wed, 02 Aug 2023 23:39:00 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2426:u=1:x=1:i=1675467540:t=1675553940:v=2:sig=AQFTmt2L2-BLZEGSb01uEYbQ6tGFY7LE"; Expires=Sat, 04 Feb 2023 23:39:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXz1C+SgCg2J5g06cxOXw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF4EC4E1996845829CDD47BC04D03C8B Ref B: OSL30EDGE0517 Ref C: 2023-02-03T23:39:00Z
date: Fri, 03 Feb 2023 23:38:59 GMT
content-length: 0
X-Firefox-Spdy: h2
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-9cb61f47477bee7608ff.chunk.js
104.18.16.5200 OK 304 kB URL HTTP/2 assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-9cb61f47477bee7608ff.chunk.js
IP 104.18.16.5:0
File type ASCII text, with very long lines (65442)
Size 304 kB (303603 bytes)
Hash 5c71c52293de37ce6c588aadf885dcaf
3f6436321e0a06ee99be890a159bfaa2aacf9185
1859b00afe4bc81409d3953f2f9d42d0669b0d4e21af9150343f512d93a3c851
GET /packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-9cb61f47477bee7608ff.chunk.js HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: application/javascript
x-amz-id-2: IoqxR1v8fU4HfwIoY7YIRK+ZN0oRYvsFP13PiabgYqP/5qnaTV6iihc55z9iUiL7i53uozQJEns=
x-amz-request-id: 9DFZYV8D5XA61DJM
last-modified: Fri, 27 Jan 2023 02:42:24 GMT
etag: W/"7e97af0dc3584d8cee49eacce55c3d04"
x-amz-version-id: q3.UQjQiXulVUSEYjOOI8PUxA4bWfIF_
cf-cache-status: HIT
age: 2144
expires: Sat, 04 Feb 2023 03:38:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00dc9bf8b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ads.kwanzoo.com/widget/inactive/10260
100.20.44.23200 OK 345 B URL HTTP/2 ads.kwanzoo.com/widget/inactive/10260
IP 100.20.44.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 66ec463ec8d2753c8948876a8cb6c35c
b59bc6cbce485bbc45ccfbd7a674788b35218b8c
127f472d1efcf6a896fbf64c83fae11bef0de61827ae238af394455e22bfc0a1
GET /widget/inactive/10260 HTTP/1.1
Host: ads.kwanzoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 345
server: Apache/2.2.15 (CentOS)
set-cookie: JSESSIONID=A2955A2D65769D13723B816A64A55364; Path=/; Secure
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store
content-language: en-US
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 460ac891a4ddc0c19d6919beb9c9dae9
c429982e63c5b47b682e0b5f62c67a9eb1ef94ba
4a2b65d81017c3815630a5c51f479fbd876d54f20c209ba4cd75e7f1503b7029
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148647
Date: Fri, 03 Feb 2023 23:39:00 GMT
Etag: "63dd275f-1d7"
Expires: Sun, 05 Feb 2023 16:56:27 GMT
Last-Modified: Fri, 03 Feb 2023 15:25:19 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: v7_5I5HFeCuyhP3pJMWPe8pqyqtODxHwerXmZGLYKsHZNn9GyJQ93A==
Age: 5468
adservice.google.com/ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:39:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.kwanzoo.com/images/kz-activate-large.png
100.20.44.23302 Found 321 B URL HTTP/2 ads.kwanzoo.com/images/kz-activate-large.png
IP 100.20.44.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 53a8fbfa18b14f2dc3a85cc7312cb91e
226f73518033234dc6d238767a1155dcf859779e
6cce9678fcc19a08ff9e39037d698bf8719d35671dff74d9f5324622995b1e4b
GET /images/kz-activate-large.png HTTP/1.1
Host: ads.kwanzoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.kwanzoo.com/widget/inactive/10260
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: text/html; charset=iso-8859-1
content-length: 321
location: https://images.kwanzoo.com/images/kz-activate-large.png
server: Apache/2.2.15 (CentOS)
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/
142.250.74.162200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=2400752479758.0513;~oref=https://www.contrastsecurity.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 23:39:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
35.188.42.15200 OK 2 B URL HTTP/1.1 sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://app.qualified.com
Content-Length: 461
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 23:39:00 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://app.qualified.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 38b779e7266afbe2b5b8b9e39c3e2ff5
1ff5dd4be1f2e76ea0dcd8e2c5cd94495429708d
daa2dba1f54f2a847868f40350de10e3af527a9e07fa265a9704fc9533fc9136
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159483
Date: Fri, 03 Feb 2023 23:39:00 GMT
Etag: "63dd66a0-1d7"
Expires: Sun, 05 Feb 2023 19:57:03 GMT
Last-Modified: Fri, 03 Feb 2023 19:55:12 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L3eEQWk807gbpE-840ZRRRPEtDJICI3GgM7dmdQRhXWJvdpdjUdpbw==
Age: 111
stats.sa-as.com/index.php?DID=249993&MyPage=undefined&MyID=undefined&MySearch=undefined&TitleTag=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&Hst=www.contrastsecurity.com&width=1280&height=1024&ColDep=24&Lang=en-US&Cook=true&Page=%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&Reff=&FullPage=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&PMCD=https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&r=0.5681225760711784
209.128.119.150200 OK 102 B URL HTTP/1.1 stats.sa-as.com/index.php?DID=249993&MyPage=undefined&MyID=undefined&MySearch=undefined&TitleTag=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&Hst=www.contrastsecurity.com&width=1280&height=1024&ColDep=24&Lang=en-US&Cook=true&Page=%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&Reff=&FullPage=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&PMCD=https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&r=0.5681225760711784
IP 209.128.119.150:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9e8e1c551eb526e77ce0e9129d440543
2027dd3e84bcceeeddd3f3b20614573273f4fe74
acb81f272809476bba7369e26a57d03cd7643adafad568d39bb42c3ecd8c4797
GET /index.php?DID=249993&MyPage=undefined&MyID=undefined&MySearch=undefined&TitleTag=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&Hst=www.contrastsecurity.com&width=1280&height=1024&ColDep=24&Lang=en-US&Cook=true&Page=%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&Reff=&FullPage=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&PMCD=https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&r=0.5681225760711784 HTTP/1.1
Host: stats.sa-as.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:38:46 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 102
Connection: close
Content-Type: IMAGE/PNG
ws17.hotjar.com/api/v2/client/ws
18.200.102.92101 Switching Protocols 0 B URL HTTP/1.1 ws17.hotjar.com/api/v2/client/ws
IP 18.200.102.92:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws17.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.contrastsecurity.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i05vQmnqgfyN7fCjW54B+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 03 Feb 2023 23:39:00 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PwcDX91vL/7kNJ61mO77u4i1Hx8=
Sec-WebSocket-Extensions: permessage-deflate
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash b380ee7e41ce4b8d39dc3401ff70c8d1
baa410ccab6c443be73c90772eed096c45706d0a
0f8db5acaa67008dc593561760c4fd6d8d617776898b5dfad0a619351c83e7fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:39:00 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 02:41:25 GMT
Expires: Thu, 09 Feb 2023 02:41:24 GMT
Etag: "baa410ccab6c443be73c90772eed096c45706d0a"
Cache-Control: max-age=442343,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f00e178f6b4ee-OSL
images.kwanzoo.com/images/kz-activate-large.png
54.230.111.99200 OK 40 kB URL HTTP/1.1 images.kwanzoo.com/images/kz-activate-large.png
IP 54.230.111.99:0
File type PNG image data, 600 x 500, 8-bit/color RGB, non-interlaced\012- data
Hash 2e77bb8a09df570a7e5f2a087cd13131
d0d92c3a3155c3b7db07e2a0e34228c0c8c301d8
9fcdcccd084ab89832c3cf5404ce3212599866192c11af993ee762c977f0b7a2
GET /images/kz-activate-large.png HTTP/1.1
Host: images.kwanzoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ads.kwanzoo.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 39866
Connection: keep-alive
Date: Fri, 03 Feb 2023 05:48:43 GMT
Last-Modified: Sun, 14 Jun 2015 07:22:25 GMT
ETag: "2e77bb8a09df570a7e5f2a087cd13131"
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m3gwgPB3hvP1Myv3v9lbVMlApgOUpdDWmfBaQYNW5eGjUsrgup-qhQ==
Age: 64217
px.mountain.com/st?ga_tracking_id=UA-32996095-1&ga_client_id=851955478.1675467570&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%22851955478.1675467570%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221675467570.1%22%2C%22dcm_gid%22%3A%22233987556.1675467572%22%2C%22mntnis%22%3A%22c47AsPIqDp%2FTBuEf6VoGGRhfdWUkkXOl%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1675467570.1&dcm_gid=233987556.1675467572&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&shadditional=googletagmanager%3Dtrue%2C&shoid=851955478.1675467570&cb=1675467539379982&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1675467540145
34.210.219.79200 OK 450 B URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-32996095-1&ga_client_id=851955478.1675467570&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%22851955478.1675467570%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221675467570.1%22%2C%22dcm_gid%22%3A%22233987556.1675467572%22%2C%22mntnis%22%3A%22c47AsPIqDp%2FTBuEf6VoGGRhfdWUkkXOl%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1675467570.1&dcm_gid=233987556.1675467572&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&shadditional=googletagmanager%3Dtrue%2C&shoid=851955478.1675467570&cb=1675467539379982&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1675467540145
IP 34.210.219.79:0
File type ASCII text, with very long lines (1555), with no line terminators
Hash c19529dbd697e469e767194d6631106e
3a76c12cc04c085b983c2c6467046f38dfab2e6f
480b88f9edad2ca12053a09a8145c6de9a42c5369b8c585839abae56f03e0563
GET /st?ga_tracking_id=UA-32996095-1&ga_client_id=851955478.1675467570&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%22851955478.1675467570%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221675467570.1%22%2C%22dcm_gid%22%3A%22233987556.1675467572%22%2C%22mntnis%22%3A%22c47AsPIqDp%2FTBuEf6VoGGRhfdWUkkXOl%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A7%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=1675467570.1&dcm_gid=233987556.1675467572&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&shadditional=googletagmanager%3Dtrue%2C&shoid=851955478.1675467570&cb=1675467539379982&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1675467540145 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Cookie: guid=eeadc11c-a41b-11ed-a8c0-6f6cd7ec5408
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=eeadc11c-a41b-11ed-a8c0-6f6cd7ec5408;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 16
server: istio-envoy
connection: close
transfer-encoding: chunked
in.hotjar.com/api/v2/client/sites/2245678/visit-data?sv=6
3.248.90.71200 OK 151 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2245678/visit-data?sv=6
IP 3.248.90.71:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4ba19941656a2a0cd758b2be898a5565
3853a8e6ebba9339cff0cc908cdd3c42eda4e2e9
f494e8a76a56229b40ae18cd06539de42c48173810269b07dcedea97c2be52e0
POST /api/v2/client/sites/2245678/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:39:00 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
v2.listenloop.com/loop.bundle.js
188.114.97.1200 OK 68 kB URL HTTP/2 v2.listenloop.com/loop.bundle.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (64602)
Hash 8c4ff91b6a95f046e63d7c7fd430265d
9e972bdb1b1e526db2801d58f4080bd2502bf67c
5282e2d2e8245186c6439ace3ff291925ae5a70b990336be86ae3b4b0af3345b
GET /loop.bundle.js HTTP/1.1
Host: v2.listenloop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/javascript
x-amz-id-2: kaJQtxpXZ6g0+9XviwtqXt5OkpAk3cTlQycu/04E4wMZzaJ2tk3Uu94p2WYaUCPGfz2XuxLZTSU=
x-amz-request-id: A9K0YS71X98SPK3E
last-modified: Tue, 24 Jan 2023 14:35:26 GMT
x-amz-version-id: 2JjTFxlqqZhUN6jgk9ElX6c3XzYOx2bd
etag: W/"22d9170cc031f9f1b3ddb81123b04ff4"
cache-control: max-age=1800
cf-cache-status: HIT
age: 3457
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e98lxsJLsDgUT8Oubfg45nRHZaNK%2Fa5yk6dTvTHalJAFC9t%2FKcs7zhf7zNQCUrEvne9XcVRkXVfS7omitaSfvj0WEa9uJoTdMcUyYE9Cr0e%2FdMxhcMeGYmHy23d5Y38Sr5j5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
server: cloudflare
cf-ray: 793f00ca9e46b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.adroll.com/j/roundtrip.js
143.204.55.75200 OK 18 kB URL HTTP/1.1 s.adroll.com/j/roundtrip.js
IP 143.204.55.75:0
File type ASCII text, with very long lines (1139)
Hash 9dfa0c5db5eed95e00fe0a4c7ef3cabe
cee3213079e961894e6d67e0108bebe88fa11b37
f9f211f4363fa8d4f120b410c073d6bbf57d4fb1c5bbe260538e3469dc038048
GET /j/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 14:43:35 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: NwsfeSQdu7qaTe6tGVib5bHAlZ1WnBa6
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 03 Feb 2023 22:55:27 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"3980429e4470aea3a07be4951d0c262b"
Vary: Accept-Encoding
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
Age: 2627
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UQ0r8TpDGyNoa4iVZmMvLxPL5aCi8-_PqXxlwo5W4A5PfhGDAvTKwA==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash f93a19c557e2c8de5648d28ae7a499e8
574be414177fdacafd1eff61ab625c6d72457356
e8c374e5e8c66fc11db71c062972f3a124839ac19523aa52f0542b8e320c98a1
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 03 Feb 2023 23:39:01 GMT
Last-Modified: Fri, 03 Feb 2023 23:32:12 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GbdXCEmpMvWfnIG4p4qbtiQ2IzkkJOLHw956o1JbvoP_-_krji9IGA==
Age: 409
pipedream.wistia.com/mput?topic=metrics
18.232.209.5200 OK 2 B URL HTTP/2 pipedream.wistia.com/mput?topic=metrics
IP 18.232.209.5:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/x-www-form-urlencoded
Content-Length: 190
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:39:01 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.adroll.com/j/exp/VJKDLRPA7BENBB4U4RXOU7/index.js
143.204.55.75302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/VJKDLRPA7BENBB4U4RXOU7/index.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/VJKDLRPA7BENBB4U4RXOU7/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Fri, 03 Feb 2023 02:34:33 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
Age: 75867
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nFQOSjURmlTrvGKC4HwdhqanypTcprwfoHoUUWMyvJYZRgD90WLNEw==
s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/fpconsent.js
143.204.55.75302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/fpconsent.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/fpconsent.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Fri, 03 Feb 2023 01:29:22 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
Age: 79779
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0E9eHOapJfEuGrsbV7j75DplL1HGt8vP-9NC_hlCm4s_mKO5irQi5g==
s.adroll.com/j/exp/index.js
143.204.55.75200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.75:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 03 Feb 2023 03:19:25 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
Age: 75999
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uixAGjrxKlDjNTPZAYL2BxYo9A_Kc8_ZMyGU1UrMzokaL7k8WUGQLQ==
s.adroll.com/j/pre/index.js
143.204.55.75200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/index.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.contrastsecurity.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 03 Feb 2023 08:56:39 GMT
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
Age: 52943
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qM-qVEQBUXSrqxd0yzgFdmJuKpoypO_7HwlYuw5txImyzsE4SUD1vg==
s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/index.js
143.204.55.75200 OK 0 B URL HTTP/1.1 s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/index.js
IP 143.204.55.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 01:04:37 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: ACzrew2n5iKAhIq70813G8pYfnjPXzEP
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 03 Feb 2023 23:07:19 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
Age: 1903
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m6hI9yvb0yZgTFOHgRTm8aSArN2j018gVOC6-xi-tJCGvHXwrFSLBA==
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 5bfe9f13077274870a871eba0a5f9983
dc22ba5417a8077514e5f55054a812ee1fc8def4
986e5b835c1eedd798e3c112af0ae24e08ab52f84dbdbd86fa38b3caf0b43aa8
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86146
Date: Fri, 03 Feb 2023 23:39:01 GMT
Etag: "63dc3990-1d7"
Expires: Sat, 04 Feb 2023 23:34:47 GMT
Last-Modified: Thu, 02 Feb 2023 22:30:40 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kjeq4C2DMgX4ODpusWT4IPDMSxYtpdY5KA46_WSMIx0GeFLdP6PS3g==
Age: 3847
d.adroll.com/consent/check/VJKDLRPA7BENBB4U4RXOU7?pv=92243730740.97981&arrfrr=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&_s=1415bbd71676009d39816d563817aa00&_b=2
18.200.160.6200 OK 462 B URL HTTP/2 d.adroll.com/consent/check/VJKDLRPA7BENBB4U4RXOU7?pv=92243730740.97981&arrfrr=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&_s=1415bbd71676009d39816d563817aa00&_b=2
IP 18.200.160.6:0
File type ASCII text, with very long lines (462), with no line terminators
Hash f1ea6806bd568a76f90743c9f86bf4dc
1434f444859671823af93466ca352a9c5bdb3edc
01226f5cec5edccdd97671ef8f3ad5028c7e1842ae1e3440108e963d12c24f6a
GET /consent/check/VJKDLRPA7BENBB4U4RXOU7?pv=92243730740.97981&arrfrr=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&_s=1415bbd71676009d39816d563817aa00&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:39:01 GMT
content-type: application/javascript
content-length: 462
server: nginx/1.22.1
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/token
54.230.111.8200 OK 537 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/token
IP 54.230.111.8:0
Hash df473097bf2f3a63cb3bd0b60160725a
b87dbf80a35266d6acbc3f01a31628400e69d0d3
3d93b2606035d9b3e8cb7dd408d848ecd2eef4ac753b0e92a39ee1b1c26dbca7
GET /partner/1155724,1283858/domain/contrastsecurity.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Fri, 03 Feb 2023 23:29:30 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Wg0rb1UO1LGssdkTNQ6EOe2xKuvzyqa55idk8_3dcmzZpcklZkL5xg==
age: 569
X-Firefox-Spdy: h2
qualified-production.s3.us-east-1.amazonaws.com/uploads/645cef5bb8a0d711e3fc02cf3aceffe55b5165cebac3ff719f947c7d676210da.png
52.216.38.90200 OK 9.6 kB URL HTTP/1.1 qualified-production.s3.us-east-1.amazonaws.com/uploads/645cef5bb8a0d711e3fc02cf3aceffe55b5165cebac3ff719f947c7d676210da.png
IP 52.216.38.90:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 7babe0e567f2226bc187d507f9046c41
4948a4c6dba7fa193fc0609256a75b26e37996b7
3e8b69b0cd302b5f596014aa08360162fbc408c6fc1a834ecaa8b3d1916c6d43
GET /uploads/645cef5bb8a0d711e3fc02cf3aceffe55b5165cebac3ff719f947c7d676210da.png HTTP/1.1
Host: qualified-production.s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HsCsKnIGqyfjU8hA0oJYn8wES5ZTZXu0G2BnnxLS9HfQx8AmqU2feigf2FuFg1FG8poc4dZlGHE=
x-amz-request-id: 2B0KBXK80CW7VG04
Date: Fri, 03 Feb 2023 23:39:03 GMT
Last-Modified: Wed, 16 Feb 2022 00:15:42 GMT
ETag: "7babe0e567f2226bc187d507f9046c41"
Cache-Control: Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9609
script.hotjar.com/survey-v2.5f0b96c6c1e3f272abe9.js
54.230.111.93200 OK 34 kB URL HTTP/2 script.hotjar.com/survey-v2.5f0b96c6c1e3f272abe9.js
IP 54.230.111.93:0
Hash d1c9ab9746d33d6b15dfd7ba33e0e957
87188ca407e54f45d58de6ca5ec9ac7df0e388ad
9a44ef37a262c8340e1de095589eedcb330cef3857941514cea4aa8534e3fcbb
GET /survey-v2.5f0b96c6c1e3f272abe9.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 34434
date: Fri, 03 Feb 2023 13:10:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "d1c9ab9746d33d6b15dfd7ba33e0e957"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zk5uUMh_CaA50CvW95wdpc7-6ajCj5JgzqjiYJd4b2ZZdks0-SHczw==
age: 37735
X-Firefox-Spdy: h2
script.hotjar.com/hotjar-black-mono.a08482.svg
54.230.111.93200 OK 1.3 kB URL HTTP/2 script.hotjar.com/hotjar-black-mono.a08482.svg
IP 54.230.111.93:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2882), with no line terminators
Hash f4697ebb9548b1947de6051218f9c194
eb67944e083557890c7a0c2d1bf8c0b1aa63c0ec
7261b6559f0a284e374c766e0945c2e9b0e1cdb18e597bc4e0700392e4c1ae65
GET /hotjar-black-mono.a08482.svg HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 1259
date: Wed, 18 Jan 2023 05:25:46 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "f4697ebb9548b1947de6051218f9c194"
last-modified: Tue, 17 Jan 2023 14:25:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fBasKBWKZ8_ErQ0u5jOQq6ZTf1zDTikKEVZLp6sJqiLASGKuRqKyLw==
age: 1447996
X-Firefox-Spdy: h2
script.hotjar.com/widget_icons_light.766225.png
54.230.111.93200 OK 781 B URL HTTP/2 script.hotjar.com/widget_icons_light.766225.png
IP 54.230.111.93:0
File type PNG image data, 136 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ea930802b332190322de1fb6b03f74de
770ab2e38056ceca81351b202fb9e3390e1d38eb
ddaac6771f6d199e295c16e6738da51b19481b72f91cb6dedd9e5e42049ef021
GET /widget_icons_light.766225.png HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 781
date: Tue, 06 Dec 2022 01:17:03 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
etag: "ea930802b332190322de1fb6b03f74de"
last-modified: Mon, 05 Dec 2022 14:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yWFt98rJazAgjH3eGVco-50X1M6qvordXm9bB7JI3CUkwwXEIlAwLA==
age: 5178119
X-Firefox-Spdy: h2
surveystats.hotjar.io/hit?id=852587&device=desktop
108.157.229.59200 OK 0 B URL HTTP/2 surveystats.hotjar.io/hit?id=852587&device=desktop
IP 108.157.229.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hit?id=852587&device=desktop HTTP/1.1
Host: surveystats.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 0
date: Tue, 10 Jan 2023 01:15:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 0
last-modified: Wed, 27 Jan 2021 15:23:17 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
cache-control: public,max-age=0
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 2cbf148f6c14a1a6f56400dc9dc76f2a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: P2MDpLtC9NG3vd1yOJl46Nc6dBfjz9UVtBy37sk56arJoCzwEmi7TA==
age: 2154232
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.js
138.199.36.10200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/api.min.js
IP 138.199.36.10:0
ASN #60068 Datacamp Limited
GET /app/js/api.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:55 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1053
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"b247bb274f3cb1bd269f8cc96181041f"
last-modified: Thu, 02 Feb 2023 22:05:39 GMT
perma-cache: MISS
x-amz-id-2: 96lzO3WNpGjt7plv7NeL9CIXze+710MLVqyR+Iq/pVQLYYXBQ7ZWOt7GjOMnv7xzYOarN00cq5M=
x-amz-request-id: HFFAWBWHE2KBJAYN
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/02/2023 22:05:51
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: bc19a14a33a58605c872d95c061b3948
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
js.hsleadflows.net/leadflows.js
104.17.233.204200 OK 0 B URL HTTP/2 js.hsleadflows.net/leadflows.js
IP 104.17.233.204:0
GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.contrastsecurity.com
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Feb 2023 01:26:06 UTC
etag: W/"998dfd36d3c4078a3a05a1a77e61963c"
x-amz-server-side-encryption: AES256
x-amz-version-id: 9g41IgVIr3w9wyiFOHn4rgapkQc72OJD
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: MDOczrOo8sUqGi-mg0JTtIzyEGgEgRyZjFXrM_Vcc04bu_XmCzfLiA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js&cfRay=793365c2dd831d1a-IAD
x-hs-target-asset: lead-flows-js/static-1.1134/bundle/main/lead-flows-release.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 793f00c79cfcb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
scout-cdn.salesloft.com/sl.js
104.18.222.90200 OK 0 B URL HTTP/2 scout-cdn.salesloft.com/sl.js
IP 104.18.222.90:0
GET /sl.js HTTP/1.1
Host: scout-cdn.salesloft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:57 GMT
content-type: application/javascript
x-amz-id-2: qf3ClpuTPcJIcaf9lDMbAj/C7KTb6wrTNVZvpPTuMcDn6J5apuWPupZ7ygGsCuih8R4rYooBk/g=
x-amz-request-id: N67V786YKMD3QBGX
last-modified: Mon, 13 Dec 2021 16:28:37 GMT
etag: W/"d74cc4825c8e333b2116da3fcc649db1"
x-amz-version-id: 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
cf-cache-status: HIT
age: 6384
expires: Sat, 04 Feb 2023 03:38:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
strict-transport-security: max-age=0
access-control-allow-origin: *
server: cloudflare
cf-ray: 793f00cd2f9efac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
104.18.16.5200 OK 0 B URL HTTP/2 assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
IP 104.18.16.5:0
GET /packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: text/css
x-amz-id-2: PIfa/rRymz+YJzQs47OtpqAxibj1aqxEcLtatp6WqdzQW8BJd3BbtSplTBuFTdgk/gfeBwlDEsw=
x-amz-request-id: 21CE9EVQNFJ06QE1
last-modified: Tue, 24 Jan 2023 02:57:28 GMT
etag: W/"a788ecf510f83ee517cbaf79306145dd"
x-amz-version-id: LKiOzN9_IfnHmbRfOc7C5EALRvc3NvWO
cf-cache-status: HIT
age: 2144
expires: Sat, 04 Feb 2023 03:38:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00dc9bf3b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2245678.js?sv=6
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2245678.js?sv=6
IP 143.204.55.54:0
GET /c/hotjar-2245678.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 03 Feb 2023 23:38:58 GMT
cache-control: max-age=60
etag: W/1821c34f6bd4f6e35d797ac42afa73eb
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DLsC_kp3ajr2InSqG48JklcOiIpf34hibhfsxU6QJeGGpT-FXF6ctQ==
X-Firefox-Spdy: h2
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-e8c4472b879b1d90be2d.chunk.js
104.18.16.5200 OK 0 B URL HTTP/2 assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-e8c4472b879b1d90be2d.chunk.js
IP 104.18.16.5:0
GET /packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-e8c4472b879b1d90be2d.chunk.js HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: application/javascript
x-amz-id-2: So9kDViFdprRUTXEidGd5MLEbnk/5uWoHLUp4HFdOhaUJIHqkQ5bBdHzIdTG2V4X9LCdYE4B7xM=
x-amz-request-id: YQB1XE6YXPX6NMDA
last-modified: Thu, 02 Feb 2023 01:27:47 GMT
etag: W/"67771f60204704007742cc5ff3e3d040"
x-amz-version-id: Fp2SBXKDvpV2DNju4GacdSu3CqMpe9c8
cf-cache-status: HIT
age: 5824
expires: Sat, 04 Feb 2023 03:38:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00dc9bf9b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
104.18.16.5200 OK 0 B URL HTTP/2 assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
IP 104.18.16.5:0
GET /packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css HTTP/1.1
Host: assets.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.qualified.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:59 GMT
content-type: text/css
x-amz-id-2: vyHFDzPJSD8Zf9KNmXS2j+sF4ReecemroQj0fq82I3Xq2T8q9mzzXZ3JesVcGWoN4Wy3zSaH3ek=
x-amz-request-id: HSPV3B66RTS61M03
last-modified: Fri, 27 Jan 2023 23:22:48 GMT
etag: W/"22d5f23e695250d3c5a5b1e76a015c5e"
x-amz-version-id: Gq6x2Tkv60MpUcxxdlwk2LB5MtL0xAZj
cf-cache-status: HIT
age: 2144
expires: Sat, 04 Feb 2023 03:38:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f00dc9bf5b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
js.qualified.com/qualified.js?token=PK6AWFzWvCM5V41V
104.18.16.5200 OK 0 B URL HTTP/2 js.qualified.com/qualified.js?token=PK6AWFzWvCM5V41V
IP 104.18.16.5:0
GET /qualified.js?token=PK6AWFzWvCM5V41V HTTP/1.1
Host: js.qualified.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.contrastsecurity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:38:58 GMT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
content-encoding: gzip
etag: W/"e89905f93e8badfef4a5b4947cff0a5f"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept,Accept-Encoding
via: 1.1 spaces-router (5b663686da57)
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 4d2f298c-5e96-c4ab-ad30-1329624f9cc9
x-runtime: 0.017325
x-xss-protection: 1; mode=block
cf-cache-status: MISS
expires: Sat, 04 Feb 2023 03:38:58 GMT
server: cloudflare
cf-ray: 793f00ca8f95b4fa-OSL
X-Firefox-Spdy: h2