Overview

URL url-env.frbwndwt.com/?rid=TBogEdd
IP174.138.41.116
ASNDIGITALOCEAN-ASN
Location United States
Report completed2022-07-06 23:38:27 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 url-env.frbwndwt.com/?rid=TBogEdd Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (21)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] platform.linkedin.com (1) 3785 2014-06-09 22:46:05 UTC 2022-07-06 05:05:07 UTC 23.36.76.121
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp.digicert.com (5) 86 2012-11-29 12:49:49 UTC 2022-07-06 19:05:02 UTC 93.184.220.29
[Mnemonic Passive DNS] www.linkedin-ei.com (1) 0 2016-06-29 23:21:44 UTC 2022-07-06 14:01:55 UTC 13.107.42.16 Domain (linkedin-ei.com) ranked at: 917555
[Mnemonic Passive DNS] lnkd.demdex.net (2) 5780 2017-11-07 05:44:02 UTC 2022-07-06 14:01:57 UTC 54.171.229.53
[Mnemonic Passive DNS] www.google.com (2) 7 2012-05-22 04:23:54 UTC 2022-07-06 17:41:41 UTC 142.250.74.164
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] www.linkedin.com (4) 608 2012-07-31 06:29:59 UTC 2022-07-06 05:32:19 UTC 13.107.42.14
[Mnemonic Passive DNS] platform.linkedin-ei.com (3) 0 2019-04-26 13:09:23 UTC 2022-07-06 14:01:50 UTC 23.36.76.121 Domain (linkedin-ei.com) ranked at: 917555
[Mnemonic Passive DNS] googleads.g.doubleclick.net (2) 42 2012-05-21 16:28:57 UTC 2021-02-23 09:01:54 UTC 142.250.74.98
[Mnemonic Passive DNS] www.facebook.com (1) 99 2012-05-28 23:09:18 UTC 2022-07-06 04:41:57 UTC 157.240.200.35
[Mnemonic Passive DNS] www.googleadservices.com (2) 107 2017-01-30 05:00:00 UTC 2021-02-23 08:54:56 UTC 142.250.74.162
[Mnemonic Passive DNS] url-env.frbwndwt.com (1) 0 No data No data 174.138.41.116 Unknown ranking
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-06 04:55:23 UTC 54.230.111.7
[Mnemonic Passive DNS] static-exp1.licdn.com (9) 3079 2017-09-11 05:11:26 UTC 2022-07-06 17:35:12 UTC 23.36.76.210
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-06 04:47:23 UTC 52.39.57.61
[Mnemonic Passive DNS] www.google.no (2) 25607 2012-05-21 14:04:11 UTC 2014-08-11 22:10:14 UTC 142.250.74.3
[Mnemonic Passive DNS] r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-07-06 04:41:34 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.pki.goog (13) 175 2017-06-14 07:23:31 UTC 2022-07-06 04:42:12 UTC 142.250.74.3
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-06 17:02:11 UTC 34.120.237.76
[Mnemonic Passive DNS] dpm.demdex.net (1) 204 2013-01-07 23:07:12 UTC 2022-07-06 04:42:44 UTC 54.171.229.53


Recent reports on same IP/ASN/Domain

No other reports on IP: 174.138.41.116


Last 10 reports on ASN: DIGITALOCEAN-ASN

Date UQ / IDS / BL URL IP
2022-08-19 23:07:25 +0000
2 - 0 - 2 fwiwk.biz/cavcrw 167.99.35.88
2022-08-19 23:04:06 +0000
0 - 0 - 10 mkkuei4kdsz.com/958/784.html 64.225.91.73
2022-08-19 23:03:07 +0000
2 - 0 - 2 przvgke.biz/jqe 167.99.35.88
2022-08-19 23:03:04 +0000
2 - 0 - 2 przvgke.biz/tflig 167.99.35.88
2022-08-19 22:51:42 +0000
2 - 0 - 2 przvgke.biz/kigrdyg 167.99.35.88
2022-08-19 22:37:44 +0000
2 - 0 - 2 przvgke.biz/qkbqnj 167.99.35.88
2022-08-19 22:37:15 +0000
0 - 0 - 2 narmin.info/natflx/login.php 134.209.230.139
2022-08-19 22:30:54 +0000
2 - 0 - 2 przvgke.biz/exqctojotladvua 167.99.35.88
2022-08-19 22:29:10 +0000
3 - 0 - 0 craptioerne.com/gpywenonnys-bygvt7qhr2znzdlzr (...) 134.209.227.14
2022-08-19 22:00:30 +0000
2 - 0 - 2 przvgke.biz/rkalojtrl 167.99.35.88

No other reports on domain: frbwndwt.com



JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (65)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Backoff, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 22:56:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wukA8GwqjMHsCq0wDU5HFrLaK_LOBnu--sOFqa06sF_PzMKZjOO8Hw==
Age: 2518


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /?rid=TBogEdd HTTP/1.1 
Host: url-env.frbwndwt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         174.138.41.116
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gophish
Date: Wed, 06 Jul 2022 23:38:14 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5655)
Size:   10072
Md5:    a649ffcab239ddcd356947829a0a642f
Sha1:   9561a5def959a7d92fcef1f2126be855662595a3
Sha256: f702f863ebadfdb146f83275a2a266eb6050144c4cf0a42868d8bba1c26405a8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "78A5DCFAF2D93D9C87CFB6DBC56100E9F22965D4500554BA65F71CB7D84DD666"
Last-Modified: Wed, 06 Jul 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14836
Expires: Thu, 07 Jul 2022 03:45:30 GMT
Date: Wed, 06 Jul 2022 23:38:14 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 06 Jul 2022 03:26:46 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F4_XCpb0JMLxTz6QF1n7yePRfI8r94miVxfie0a-TxlftmzdvZ3M5g==
age: 72689
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 23:38:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /sc/h/3942ica60ul7j8vn4g79gnfu6 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Play
Expires: Wed, 05 Jul 2023 22:37:42 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 0005e316802417252672e3fd641c399d
X-Li-Fabric: prod-ltx1
X-Li-Pop: prod-ltx1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXjFoAkFyUmcuP9ZBw5nQ==
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 533
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Content-Length: 21168
Connection: keep-alive
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (63589), with no line terminators
Size:   21168
Md5:    fb25cb37f42e4d316f8a8a225d9056fd
Sha1:   0bf594d3a1a8578801d0ba977b27a64ec02f94f4
Sha256: ce7bf3f3ff5068292e1d92221924f7fdd1f602048b18965c5fff63cc9c9a5fa2
                                        
                                            GET /sc/h/77dwnb2pybaaqilc6qvuvxrq HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Play
Expires: Wed, 05 Jul 2023 22:37:42 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 0005e3168022e8b3e517226a58233b08
X-Li-Fabric: prod-lva1
X-Li-Pop: prod-lva1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXjFoAi6LPlFyJqWCM7CA==
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 430
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size:   46635
Md5:    cde0d5941fbc60d7326cb1fade6804eb
Sha1:   4f79dac961fc3f9bd270ddd5a24727580d82abf2
Sha256: b16737c238c456268356f76224087e7217a47aa70ec8945998ab9ffe8dafce50
                                        
                                            GET /sc/h/djykitbj8q6nbc5kqowcmv2h7 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Play
Expires: Tue, 04 Jul 2023 17:18:44 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 0005e2fdeda1c9ae3b2d4f93458e7e67
X-Li-Fabric: prod-lva1
X-Li-Pop: prod-lva1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXi/e2hya47LU+TRY5+Zw==
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 129
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Content-Length: 16279
Connection: keep-alive
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  C source, Unicode text, UTF-8 text, with very long lines (65072)
Size:   16279
Md5:    d2b14d5523dde98940ba7d29507c9602
Sha1:   d6dc4fd5de2a552240530d880d33c0c17ca7ba90
Sha256: 695ca25c9b549b364ebe1779b5bc03a459b25df9464ea671b38f0667ed4e7e95
                                        
                                            GET /sc/h/25rsd1p042b09w3p9e4d93p47 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Play
Expires: Wed, 05 Jul 2023 22:37:41 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 0005e316801db7f8495657cd612d9a14
X-Li-Fabric: prod-lva1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Li-Pop: prod-lva1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXjFoAdt/hJVlfNYS2aFA==
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 117
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Content-Length: 23571
Connection: keep-alive
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   23571
Md5:    3d3016658f5d4720df4ec61c91bf51a4
Sha1:   94669801518087e60e83d9605c0a5273136601f4
Sha256: 9c1749fc6edbc68756537dad1b5dd3cd37a161cbf7be09089237a78f09576bd3
                                        
                                            GET /sc/h/3gwa8npk8wov7oq34qip567xd HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Play
Expires: Thu, 06 Jul 2023 23:38:15 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 0005e32b7685cc4c25e0dd55178dd6cd
X-Li-Fabric: prod-ltx1
X-Li-Pop: prod-ltx1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXjK3aFzEwl4N1VF43WzQ==
X-EdgeConnect-MidMile-RTT: 18, 18
X-EdgeConnect-Origin-MEX-Latency: 139, 139
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Content-Length: 807
Connection: keep-alive
X-Cache: TCP_MISS
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  ASCII text, with very long lines (1821), with no line terminators
Size:   807
Md5:    19ea6accb7361ace170d05b9a728feda
Sha1:   5e2965e0b3363189acf27f49ca697ca921a1a226
Sha256: 252d3c314819ad6f2d0a3d121036b5b742f417907816b39d289b37f32e583e7b
                                        
                                            GET /sc/h/afx8zoprarc5uzalncndy6n3h HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Play
Expires: Thu, 06 Jul 2023 23:38:15 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 0005e32b768611421454d00af707a9b3
X-Li-Fabric: prod-lor1
X-Li-Pop: prod-lor1-x
X-LI-Proto: http/1.1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
X-LI-UUID: AAXjK3aGEUIUVNAK9wepsw==
X-EdgeConnect-MidMile-RTT: 18, 18
X-EdgeConnect-Origin-MEX-Latency: 192, 192
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Content-Length: 22315
Connection: keep-alive
X-Cache: TCP_MISS
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37531)
Size:   22315
Md5:    5fc0f556681d9b289e53c8bb2a8ff298
Sha1:   7faede3504a91f68d63056cea3232416fe50f493
Sha256: 921f6b512bde90c8e3b01b60ef6b417ffd89b27def200cadc739a9cbb9042c24
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Content-Type, Last-Modified, Alert, Backoff, Pragma, Expires, Content-Length, Cache-Control
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 06 Jul 2022 23:34:57 GMT
Cache-Control: max-age=3600
Expires: Thu, 07 Jul 2022 00:10:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ssp0JLzERwHUYXFpaDO0ILG7_QM7jfj03-UToHMXU1tWtgPoudZ2Cg==
Age: 199


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /sc/h/3m4lyvbs6efg8pyhv7kupo6dh HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: Play
Expires: Wed, 20 Apr 2022 06:05:21 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: e6d68956cf7b771630358778712b0000
X-Li-Fabric: prod-lva1
X-Li-Pop: prod-edc2
X-LI-Proto: http/1.1
X-LI-UUID: 5taJVs97dxYwNYd4cSsAAA==
Remote-Cache-Status: TCP_HIT, TCP_HIT
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Content-Length: 962
Connection: keep-alive
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   962
Md5:    9ae5595fc97b2bfbbe2827047014433b
Sha1:   76534233bbc77be08575fcfb5cf838a6be6de79f
Sha256: 490d6cc9dedd23edb7edf05e77879802acbd3effc7509017fd78aff28562c784
                                        
                                            GET /sc/h/dhra8axxv5afjd3u90gduwpcj HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Expires: Wed, 15 Mar 2023 06:42:40 GMT
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
Cache-Control: max-age=31536000, immutable
Server: Play
X-LI-Static-Content: 1
X-FS-UUID: d2c28dce08a57716106848d5c22a0000
X-Li-Fabric: prod-ltx1
X-Li-Pop: prod-eda6
X-LI-Proto: http/1.1
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
NEL: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-LI-UUID: 0sKNzgildxYQaEjVwioAAA==
Content-Length: 5497
Remote-Cache-Status: TCP_HIT
Date: Wed, 06 Jul 2022 23:38:15 GMT
Connection: keep-alive
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size:   5497
Md5:    e3eae9467d41fa15bc1d2a03a4d47a53
Sha1:   2cdb3230a055bc0b402bdcd4415553c964da1a35
Sha256: 7ebe33084a6e722927ef76ff3c583b1bae3ff27b6a48bf921d5de4aeebb56c62
                                        
                                            GET /sc/h/98lptr8kagfxge22q7k1fps8 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: Play
Expires: Tue, 26 Jul 2022 16:45:40 GMT
Cache-Control: max-age=31536000, immutable
Last-Modified: Mon, 05 Nov 2012 04:00:51 GMT
X-LI-Static-Content: 1
X-FS-UUID: 4824ed890b65951670ea7088632b0000
X-Li-Fabric: prod-lva1
X-Li-Pop: prod-edc2
X-LI-Proto: http/1.1
X-LI-UUID: SCTtiQtllRZw6nCIYysAAA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 06 Jul 2022 23:38:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
X-Cache: TCP_HIT
X-CDN-Proto: HTTP1
X-CDN-CLIENT-IP-VERSION: IPV4
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
X-CDN: AKAM


--- Additional Info ---
Magic:  ASCII text, with very long lines (760)
Size:   74356
Md5:    9fa19b0e4186d2a902433eb0cf2873c5
Sha1:   6f9dcf7280f6913d7f9f5fe891eaffb38c99a3e6
Sha256: d9d84d14c41c43dbd0d0fa6a9236f2797586062f6471ba69ccc2fcc7a5ab859c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5019
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 23:38:15 GMT
Last-Modified: Wed, 06 Jul 2022 22:14:36 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,csrf-token
Referer: http://url-env.frbwndwt.com/
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 30
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2285:u=1:x=1:i=1657150696:t=1657237096:v=2:sig=AQH0jMatsX2XuHp11Z0ACDE3bVYR8jgQ"; Expires=Thu, 07 Jul 2022 23:38:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXjK3aTMNc7eMCUZgJ+DQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2FED7CAA429C481882F517AD2FDD27CD Ref B: OSL30EDGE0407 Ref C: 2022-07-06T23:38:15Z
date: Wed, 06 Jul 2022 23:38:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    0c9fab80f0f1db7103d5d2ce5238bf7a
Sha1:   bba236b2221c8031d3667a2420e9548092859d92
Sha256: 9246543c4a6b764a3683800715e287ef5ad3a466d9d43f64e6ec7a753c4414ec
                                        
                                            OPTIONS /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,csrf-token
Referer: http://url-env.frbwndwt.com/
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 30
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2322:u=1:x=1:i=1657150696:t=1657237096:v=2:sig=AQFTvbICBqKRFqJIt7BpdZ8FkYErDnh1"; Expires=Thu, 07 Jul 2022 23:38:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXjK3aUjHcDqAlsXa5liw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FDB79066E50843508DD60C570FB604AB Ref B: OSL30EDGE0407 Ref C: 2022-07-06T23:38:16Z
date: Wed, 06 Jul 2022 23:38:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    0c9fab80f0f1db7103d5d2ce5238bf7a
Sha1:   bba236b2221c8031d3667a2420e9548092859d92
Sha256: 9246543c4a6b764a3683800715e287ef5ad3a466d9d43f64e6ec7a753c4414ec
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: e0/PjA8JO7EBYVmtbDVdHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NIeQ+7quAU+eteqroXjEXcOvkFM=

                                        
                                            OPTIONS /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,csrf-token
Referer: http://url-env.frbwndwt.com/
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 30
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2322:u=1:x=1:i=1657150696:t=1657237096:v=2:sig=AQFTvbICBqKRFqJIt7BpdZ8FkYErDnh1"; Expires=Thu, 07 Jul 2022 23:38:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXjK3aWJfxAXV0yknxJew==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0C1507BCDBC14273917C4BFBE39A5B1F Ref B: OSL30EDGE0407 Ref C: 2022-07-06T23:38:16Z
date: Wed, 06 Jul 2022 23:38:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    0c9fab80f0f1db7103d5d2ce5238bf7a
Sha1:   bba236b2221c8031d3667a2420e9548092859d92
Sha256: 9246543c4a6b764a3683800715e287ef5ad3a466d9d43f64e6ec7a753c4414ec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 23:38:16 GMT
Etag: "62c536bf-1d7"
Server: ECS (amb/6BA6)
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5417
Expires: Thu, 07 Jul 2022 01:08:34 GMT
Date: Wed, 06 Jul 2022 23:38:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5417
Expires: Thu, 07 Jul 2022 01:08:34 GMT
Date: Wed, 06 Jul 2022 23:38:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5417
Expires: Thu, 07 Jul 2022 01:08:34 GMT
Date: Wed, 06 Jul 2022 23:38:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E96EA592111AAC8DB4D301EA1E1DEF1043D15D8774C4224D707FB21885E98909"
Last-Modified: Wed, 06 Jul 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5417
Expires: Thu, 07 Jul 2022 01:08:34 GMT
Date: Wed, 06 Jul 2022 23:38:17 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F922dd00d-fd62-44d8-aed0-44e2f9cf82d4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10272
x-amzn-requestid: 8351e692-985b-4891-b827-77b52d9fa1ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utc5yGQnIAMFYLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c20ea4-58e49c525fba7a4d71ae9aed;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:48:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sDaxe8WDrbE53siAcd90FUbOcpLIL2YLybRGhZa-Nx_x2msBCP72yw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:00:31 GMT
age: 5866
etag: "e514dd2ba6506dbfa0393dacd64630699e739697"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10272
Md5:    eddc9e66ac69496089132a17abcb74ac
Sha1:   e514dd2ba6506dbfa0393dacd64630699e739697
Sha256: ea84cd380943f8b4f74dccea600b23701bbf46b0ab1b512065b6b4cf0b4eab05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce2fc71a-842c-433d-8506-e191aa0edcd6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4243
x-amzn-requestid: 013a931d-b718-49de-a8e0-83dab66aa8b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ugb38Ge7oAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bcd9cc-375eb507376be9e156ed766e;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 23:01:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Z70oJQvoLMemVFsEoYEtvA5wA3jBZqBpFKMiAOABmXkQ8avGPVRESQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 16:49:27 GMT
age: 24530
etag: "5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4243
Md5:    4dadb5bd9157f2899ea250117bf6655e
Sha1:   5f4a7a2dcc9ffbb5bb61859a6337ec9c8f11f1f3
Sha256: 236f94db1ce5926743b6f0692509ab20c17fca595b5c062133a9d24fc80d6f0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa89fb6c-1b8f-4b5f-881a-7c1b4ddc61b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4829
x-amzn-requestid: 9345b8b6-c799-4398-86f8-618eec6f54d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UjGL9F4oIAMFZQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bdea4c-0699926943cefd29234495fa;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 18:24:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SMiaJuChqVtH1akE4ReBrQQQS5Ic3HWrxL6FolBADdFQPakWPK9-zw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 04:41:09 GMT
age: 68228
etag: "b639fd1617311bd45a8615efc46b043526add4aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4829
Md5:    08b23daa51c5aa9893d433505300ef81
Sha1:   b639fd1617311bd45a8615efc46b043526add4aa
Sha256: 861c1f7c52fd5c5d2b8d0ae86ee2e3d46df0e9552ed2657f8aa6114703320779
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd91e1318-19c1-478d-9499-3baab13b925b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6764
x-amzn-requestid: 066475d9-bed3-4626-9a4d-a9e713866195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U3UCmEwgIAMFSDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c60076-694099bd5429b3a91e282d27;Sampled=0
x-amzn-remapped-date: Wed, 06 Jul 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8Ie_zy0LfZGwhWeD3rj2aXI9WVNbOzQr4ixU7QvFid2bFdI2aXdYyw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 22:03:40 GMT
age: 5677
etag: "245427c92c74e85f199f9fd9563c91cb62cba979"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6764
Md5:    92e0cfdf03ce76aa5a899b42fc763e83
Sha1:   245427c92c74e85f199f9fd9563c91cb62cba979
Sha256: 2216f105d3350eabd7422e964bbbd9758009675ace79437c368097a27bf1f1fb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1f48beb-da86-42f3-b5da-39fa82b568cb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7249
x-amzn-requestid: 865b5a9b-a852-4a12-8722-a9924f7390f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UhikQFDeoAMFRMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bd4ae7-373db7491a65d6700061bc8b;Sampled=0
x-amzn-remapped-date: Thu, 30 Jun 2022 07:04:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cG4rrc0FSLhmmqX7gfFNGDK4l_mL9KjUlyTg1MHHYHepJLjDyjg2Tw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:39:20 GMT
age: 61137
etag: "2f79d1e28bb827f7fa60b6675dba8022c28a1a3d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7249
Md5:    5c958b0c904620aff5f5f8a74f80d9f9
Sha1:   2f79d1e28bb827f7fa60b6675dba8022c28a1a3d
Sha256: 8bba608d028bbb678f021eaca3364856f930069f44b647346e649eca4c383955
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13136825-0301-44c6-8c81-faf21628fe4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6737
x-amzn-requestid: 9a9c33df-daa2-49fb-ba8e-fd5a3149828e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UeP9ZG93oAMFX6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bbf9ef-248528170cf451be2662dbef;Sampled=0
x-amzn-remapped-date: Wed, 29 Jun 2022 07:06:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GZWZ5vCdHbLeGN4FdZbd8ysfjqcGd-7MsBW_steUpJ38jyLd16JNtw==
via: 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 06 Jul 2022 06:45:43 GMT
age: 60754
etag: "5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6737
Md5:    44f59062cacc44be268845c493de29de
Sha1:   5e2f835320ab350cdd1c3ad1ceb71db2bb27b84f
Sha256: c37305dfa7a241e526c7246a6eb71360dbfa2fe5d7f369f37ef7ddbfe1b97749
                                        
                                            GET /litms/api/metadata/user HTTP/1.1 
Host: www.linkedin-ei.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.16
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 219
content-type: application/json
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Origin,Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin-ei.com; Secure bcookie="v=2&80ab0204-8b3a-4f20-8088-2b38af566fc0"; domain=.linkedin-ei.com; Path=/; Secure; Expires=Sat, 06-Jul-2024 11:15:49 GMT; SameSite=None bscookie="v=1&20220706233817a9566187-2ef2-4526-8457-5353ae0adc1eAQFZ8GqhoExORVLzAHr4GPmSaAt4VtBd"; domain=.www.linkedin-ei.com; Path=/; Secure; Expires=Sat, 06-Jul-2024 11:15:49 GMT; HttpOnly; SameSite=None lidc="b=ETGST09:s=ET:r=ET:a=ET:p=ET:g=76:u=1:x=1:i=1657150697:t=1657237097:v=2:sig=AQHUla5XlM9XvoNw65lDNzWbNh4FDKaQ"; Expires=Thu, 07 Jul 2022 23:38:17 GMT; domain=.linkedin-ei.com; Path=/; SameSite=None; Secure
access-control-allow-origin: http://url-env.frbwndwt.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' static.licdn-ei.com media.licdn-ei.com static-exp1.licdn-ei.com static-exp2.licdn-ei.com media-exp1.licdn-ei.com media-exp2.licdn-ei.com https://media-src.linkedin-ei.com/media/ www.linkedin.com www.linkedin-ei.com spdy.linkedin-ei.com dms.licdn-ei.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://linkedin.sc.omtrdc.net/b/ss/ https://*.qualtrics.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com static-src.linkedin-ei.com *.licdn-ei.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com platform.linkedin-ei.com spdy.linkedin-ei.com static-src.linkedin-ei.com *.licdn-ei.com lix.corp.linkedin.com lva1-lixr01.linkedin.biz wus2-pd-lixr1.linkedin.biz static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' http://qa-mailbox.corp.linkedin.com; report-uri /security/csp?e=e&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin-ei.com/platform-telemetry/ct"
x-li-fabric: ei-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-ei-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXjK3aouZkw6OueMFOR3w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4D3910FF1036453BB459E66BACAC3CB6 Ref B: OSL30EDGE0412 Ref C: 2022-07-06T23:38:16Z
date: Wed, 06 Jul 2022 23:38:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (324), with no line terminators
Size:   219
Md5:    b97c610b0102cf660fa0a2577377da84
Sha1:   21764c5c546b5c768ac27d79dc2a1c88d316e671
Sha256: 491d324defaddececb5182d263e7d7639838dad5c6f62aedb7129be64833fefa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1621
Cache-Control: max-age=154514
Date: Wed, 06 Jul 2022 23:38:17 GMT
Etag: "62c5cf26-1d7"
Expires: Fri, 08 Jul 2022 18:33:31 GMT
Last-Modified: Wed, 06 Jul 2022 18:06:30 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14215E3D5995C57C0A495C55%40AdobeOrg&d_nsid=0&ts=1657150697031 HTTP/1.1 
Host: dpm.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.171.229.53
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://url-env.frbwndwt.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v036-023fa7181.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=88966178984103940374095206732838526225; Max-Age=15552000; Expires=Mon, 02 Jan 2023 23:38:17 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 98TeMQclTuw=
Content-Length: 451
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (611), with no line terminators
Size:   451
Md5:    90e6bc8989062aee90630fb6ee660e8b
Sha1:   481ae5258853974e21f246ce6917e24e509f3c85
Sha256: 001d4b6c60302b2f76103db44a9e31203de2e1179a3fbd808cb4d0649cfadcd0
                                        
                                            GET /dest5.html?d_nsid=0 HTTP/1.1 
Host: lnkd.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         54.171.229.53
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
date: Wed, 6 Jul 2022 23:38:17 GMT
DCS: dcs-prod-irl1-1-v036-0a751b2d7.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 30 Jun 2022 15:20:22 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: a/P+Zem9SPs=
Content-Length: 2791
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size:   2791
Md5:    ccbdcb1e84c241950763ec4cd516cdfc
Sha1:   55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
Sha256: de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
                                        
                                            POST /event?d_dil_ver=9.4&_ts=1657150697036 HTTP/1.1 
Host: lnkd.demdex.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 228
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.171.229.53
HTTP/1.1 200 OK
Content-Type: application/json;charset=utf-8
                                        
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://url-env.frbwndwt.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
DCS: dcs-prod-irl1-1-v036-086210d1c.edge-irl1.demdex.com 4 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=88966178984103940374095206732838526225; Max-Age=15552000; Expires=Mon, 02 Jan 2023 23:38:17 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: hvAgEVi2ThU=
Content-Length: 470
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (689), with no line terminators
Size:   470
Md5:    41dc6777b6143756a411a406722cf872
Sha1:   322a2d86bd312a1be6d28baa0689fe5e87c4dcdc
Sha256: e52002fbc85d4b6427f02bf6fb63465cd01576d50e4dd1e92efbcc6096fadc27
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1450
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 23:38:17 GMT
Last-Modified: Wed, 06 Jul 2022 23:14:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /tr/?id=136430647058082&ev=Adobe-Audience-Manager-Segment&cd[segID]=16675012&noscript=1 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lnkd.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
                                        
content-type: image/gif
date: Wed, 06 Jul 2022 23:38:17 GMT
expires: Wed, 06 Jul 2022 23:38:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   44
Md5:    b798f4ce7359fd815df4bdf76503b295
Sha1:   f8cc6addf1707ad236ad9970b0a48f9733d07da5
Sha256: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1450
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 23:38:17 GMT
Last-Modified: Wed, 06 Jul 2022 23:14:07 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /litms/utag/checkpoint-frontend/utag.117.js?utv=ut4.46.202111302028 HTTP/1.1 
Host: platform.linkedin-ei.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Cookie: lidc="b=ETGST09:s=ET:r=ET:a=ET:p=ET:g=76:u=1:x=1:i=1657150697:t=1657237097:v=2:sig=AQHUla5XlM9XvoNw65lDNzWbNh4FDKaQ"; lang=v=2&lang=en-us; bcookie="v=2&80ab0204-8b3a-4f20-8088-2b38af566fc0"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.121
HTTP/2 200 OK
                                        
etag: "238cb5fd477e078ef0f6adfaecf15bccc6c213e1"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Wed, 29 Jun 2022 18:06:50 GMT
content-encoding: gzip
content-length: 2998
content-type: application/javascript; charset=utf-8
x-li-fabric: ei-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-li-pop: ei-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXivi7Gcar+tbbripGcMQ==
date: Wed, 06 Jul 2022 23:38:18 GMT
vary: Accept-Encoding
p3p: CP="CAO CUR ADM DEV PSA PSD OUR"
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9242), with no line terminators
Size:   2998
Md5:    78a8ec7a7a7dfb5323773e7091e35d68
Sha1:   88afc81c6d0c7723692277907d48a04d8ae89ece
Sha256: bebbfbf34a9638b8de510fb4924be744388ff6ba23542b52f5f396999ee11a36
                                        
                                            GET /litms/utag/checkpoint-frontend/utag.107.js?utv=ut4.46.202111302028 HTTP/1.1 
Host: platform.linkedin-ei.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Cookie: lidc="b=ETGST09:s=ET:r=ET:a=ET:p=ET:g=76:u=1:x=1:i=1657150697:t=1657237097:v=2:sig=AQHUla5XlM9XvoNw65lDNzWbNh4FDKaQ"; lang=v=2&lang=en-us; bcookie="v=2&80ab0204-8b3a-4f20-8088-2b38af566fc0"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.121
HTTP/2 200 OK
                                        
etag: "29e3dd43cce100097a8ffc846a7b1cec0ddf29b5"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Wed, 29 Jun 2022 18:06:50 GMT
content-encoding: gzip
content-length: 3147
content-type: application/javascript; charset=utf-8
x-li-fabric: ei-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-li-pop: ei-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXivi7GA+7O3jGsOo8HSw==
date: Wed, 06 Jul 2022 23:38:18 GMT
vary: Accept-Encoding
p3p: CP="CAO CUR ADM DEV PSA PSD OUR"
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9552), with no line terminators
Size:   3147
Md5:    9f84f5230d87226765cb4d9fa8042f85
Sha1:   1cbccbec1c5b5b321724fb73a647256327301ec5
Sha256: 28dbf1f0bb109b5f3845485dc5d919dc6dd0bfd81e90b9c89819adcc1ba61dc7
                                        
                                            GET /litms/utag/checkpoint-frontend/utag.116.js?utv=ut4.46.202111302028 HTTP/1.1 
Host: platform.linkedin-ei.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Cookie: lidc="b=ETGST09:s=ET:r=ET:a=ET:p=ET:g=76:u=1:x=1:i=1657150697:t=1657237097:v=2:sig=AQHUla5XlM9XvoNw65lDNzWbNh4FDKaQ"; lang=v=2&lang=en-us; bcookie="v=2&80ab0204-8b3a-4f20-8088-2b38af566fc0"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.121
HTTP/2 200 OK
                                        
etag: "1884d42aef6f14622c39c3dbadf34318231159aa"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Wed, 29 Jun 2022 18:06:50 GMT
content-encoding: gzip
content-length: 1485
content-type: application/javascript; charset=utf-8
x-li-fabric: ei-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-li-pop: ei-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXivi7ClkJQ5ORUwMPY2Q==
date: Wed, 06 Jul 2022 23:38:18 GMT
vary: Accept-Encoding
p3p: CP="CAO CUR ADM DEV PSA PSD OUR"
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3344), with no line terminators
Size:   1485
Md5:    bb78e9175ebe276d9a37d2b90f73cba3
Sha1:   8f4f2f4eba995cb3e13286711c0503241504620b
Sha256: 84260b780181adf9d736372fab1c8c7757ce2ceee155d7b3faa1823073af1e1a
                                        
                                            GET /litms/vendor/google/gtag-adwords.js?id=AW-979305453 HTTP/1.1 
Host: platform.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.76.121
HTTP/2 200 OK
                                        
etag: "84d5cfbc3b4386dc9aad717668ddb72fb5fe85df"
server: Play
accept-ranges: bytes
cache-control: max-age=2628000
last-modified: Thu, 09 Jun 2022 00:55:34 GMT
content-encoding: gzip
content-length: 29593
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXhQDveJuGIV/5OC/T3Bw==
date: Wed, 06 Jul 2022 23:38:18 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29593
Md5:    f3dd4fadd7c24a30e294093c9c53d688
Sha1:   03051fb1394cff6dfb789a90c51055bae1fee063
Sha256: a83c5047a0e1bd069e5c5451d215335df33cd51660839fd1ddf46defd842712f
                                        
                                            OPTIONS /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,csrf-token
Referer: http://url-env.frbwndwt.com/
Origin: http://url-env.frbwndwt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 30
content-type: text/plain; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2322:u=1:x=1:i=1657150698:t=1657237098:v=2:sig=AQEAU6ts-wHu83LZa8EcXqUNNu5y2XqP"; Expires=Thu, 07 Jul 2022 23:38:18 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXjK3azHfLJlVIQGgIBXA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CE93548133824D3198096BD69F504E78 Ref B: OSL30EDGE0407 Ref C: 2022-07-06T23:38:18Z
date: Wed, 06 Jul 2022 23:38:17 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   30
Md5:    0c9fab80f0f1db7103d5d2ce5238bf7a
Sha1:   bba236b2221c8031d3667a2420e9548092859d92
Sha256: 9246543c4a6b764a3683800715e287ef5ad3a466d9d43f64e6ec7a753c4414ec
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/conversion/979305453/?random=1657150697611&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1 HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 302 Found
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=575685111&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6hzGYryaC87y6gSHgqS4AQ&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/conversion/979305453/?random=1657150697613&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1 HTTP/1.1 
Host: www.googleadservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url-env.frbwndwt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 302 Found
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=831033685&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6hzGYtf5C5KV6wTs5JDwDw&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/979305453/?random=575685111&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6hzGYryaC87y6gSHgqS4AQ&sscte=1&crd= HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url-env.frbwndwt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 302 Found
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/979305453/?random=575685111&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYryaC87y6gSHgqS4AQ&random=2157020599&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Jul-2022 23:53:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/viewthroughconversion/979305453/?random=831033685&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=6hzGYtf5C5KV6wTs5JDwDw&sscte=1&crd= HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url-env.frbwndwt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 302 Found
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/979305453/?random=831033685&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYtf5C5KV6wTs5JDwDw&random=2596935025&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Jul-2022 23:53:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-conversion/979305453/?random=575685111&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYryaC87y6gSHgqS4AQ&random=2157020599&resp=GooglemKTybQhCsO HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url-env.frbwndwt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 302 Found
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/979305453/?random=575685111&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYryaC87y6gSHgqS4AQ&random=2157020599&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-conversion/979305453/?random=831033685&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYtf5C5KV6wTs5JDwDw&random=2596935025&resp=GooglemKTybQhCsO HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url-env.frbwndwt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 302 Found
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/979305453/?random=831033685&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYtf5C5KV6wTs5JDwDw&random=2596935025&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-conversion/979305453/?random=575685111&cv=9&fst=1657150697611&num=1&fmt=3&npa=1&label=Kc16CMr0-_0BEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYryaC87y6gSHgqS4AQ&random=2157020599&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url-env.frbwndwt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-conversion/979305453/?random=831033685&cv=9&fst=1657150697613&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Furl-env.frbwndwt.com%2F%3Frid%3DTBogEdd&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=6hzGYtf5C5KV6wTs5JDwDw&random=2596935025&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url-env.frbwndwt.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 06 Jul 2022 23:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 23:38:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN