login.mailingwork.de/-link2/8362/3311/3/37/244559/JZBQiNWc/vWKUwBUsv2/0
185.98.186.253302 Found 0 B URL HTTP/1.1 login.mailingwork.de/-link2/8362/3311/3/37/244559/JZBQiNWc/vWKUwBUsv2/0
IP 185.98.186.253:0
ASN #48173 The Unbelievable Machine Company GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /-link2/8362/3311/3/37/244559/JZBQiNWc/vWKUwBUsv2/0 HTTP/1.1
Host: login.mailingwork.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 08 Jan 2023 05:58:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration
Cache-Control: max-age=0, private, must-revalidate
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Strict-Transport-Security: max-age=63072000
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15393
Expires: Sun, 08 Jan 2023 10:14:54 GMT
Date: Sun, 08 Jan 2023 05:58:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9377
Expires: Sun, 08 Jan 2023 08:34:38 GMT
Date: Sun, 08 Jan 2023 05:58:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 05:41:28 GMT
content-type: application/json
age: 1013
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16090
Expires: Sun, 08 Jan 2023 10:26:31 GMT
Date: Sun, 08 Jan 2023 05:58:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LToP0dwwhfUBpoWZKUPfi2DLIuiDQzJ0ZDwW6VUOKw2caNUGxTCReDICUwYN2Gnwc0wVEomvqc1IHh5F0UnRZg==
x-amz-request-id: ZJP13HGK5EV73Q44
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 05:15:38 GMT
age: 2563
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 05:58:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 31577fb83b35d4150afeaccbe2684b32
e89fc926eb7c7872a7bd32b45179ffd56172037e
56f0cc885187a9bbcfbc61fd9923db854d525d14cac4de3ba97fa7f8b49dfea0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56F0CC885187A9BBCFBC61FD9923DB854D525D14CAC4DE3BA97FA7F8B49DFEA0"
Last-Modified: Fri, 06 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 08 Jan 2023 11:58:22 GMT
Date: Sun, 08 Jan 2023 05:58:22 GMT
Connection: keep-alive
cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration
52.28.28.73200 OK 8.3 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration
IP 52.28.28.73:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (793)
Hash a48243db3e96223bab744c8e92f75414
f64cf297050839809034babf5591fbcf1c516078
4955aecf2d406b0368a9d552c997011267a5eca7a5feea66e95dcf126109d04c
GET /reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Set-Cookie: .AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/reg/ISDU23DU; samesite=lax; httponly
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Sun, 08 Jan 2023 05:58:23 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63bccc1f66ce9e92e4b40dfb3d397e96
b256695f795919c1fa3d0de461cf4d44fb7573f3
739ed63c77b8f2f8ae1e929d2e6ce784986ea0d3230d2a65cc9f733837c8a581
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cloudme02.infosalons.biz/reg/ISDU23DU/css/Visitor.css
52.28.28.73200 OK 168 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/css/Visitor.css
IP 52.28.28.73:0
File type ASCII text, with very long lines (526)
Size 168 kB (168318 bytes)
Hash 953008ae8f81645d0298b26897b6d8bc
c9dae64d03c7c6355f9104524643d99089f6e597
73961fec9e9f974e500e4d6c1d97d61cb8b45fbb2bcf65f3647fb97985a1fab0
GET /reg/ISDU23DU/css/Visitor.css HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 168318
Content-Type: text/css
Last-Modified: Thu, 05 Jan 2023 08:11:05 GMT
Accept-Ranges: bytes
ETag: "1d920dd41eea3fe"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Sun, 08 Jan 2023 05:58:23 GMT
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500&display=swap
216.58.207.202200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500&display=swap
IP 216.58.207.202:0
Hash 9f167d23b13f9f76f6bf8aa55595b596
2edaaf469f16d7a9d3a0cc2c5a9992e97e555997
acd615cb03c70281bfbc481a74ed0d6dfe4b76c102c77d2af54b57017adc0d80
GET /css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 05:58:22 GMT
date: Sun, 08 Jan 2023 05:58:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 05:17:21 GMT
age: 2461
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cloudme02.infosalons.biz/reg/ISDU23DU/images/BannerVisitor.JPG
52.28.28.73200 OK 231 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/images/BannerVisitor.JPG
IP 52.28.28.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1450x250, components 3\012- data
Size 231 kB (231195 bytes)
Hash 34b341fe3e5625ad8e07808a54e4eb88
e8f295db3474578d0fc7beb25a1c11c1ac8cdfc0
3ace90cbd0b7fa203f5e7cf802fea81975a04dd6bb6554b4c57182f75a2c146e
GET /reg/ISDU23DU/images/BannerVisitor.JPG HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 231195
Content-Type: image/jpeg
Last-Modified: Thu, 05 Jan 2023 08:11:05 GMT
Accept-Ranges: bytes
ETag: "1d920dd41efb59b"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Sun, 08 Jan 2023 05:58:23 GMT
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 212ab17dbc3eccca3020a8ac8c61357d
8e0ec6dc856e338b440bd7267e7cd87d6d90fa41
198e3545177c32e4a791721afb923751b1a026eb07bb1f4d2e2cd179847a52a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 05:58:22 GMT
Etag: "63b95534-1d7"
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iZ4dcxDNiBanfT64142mGFaWF6Vx_mE26mneZKAIhXXv8dPAtiYnAg==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:56 GMT
expires: Thu, 04 Jan 2024 19:33:56 GMT
cache-control: public, max-age=31536000
age: 296666
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 296668
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 212ab17dbc3eccca3020a8ac8c61357d
8e0ec6dc856e338b440bd7267e7cd87d6d90fa41
198e3545177c32e4a791721afb923751b1a026eb07bb1f4d2e2cd179847a52a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 05:58:22 GMT
Etag: "63b95534-1d7"
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: soIWCXH3e_fUTYwQLnZKgR54aRbJuzIBjgylH5Mcp5nM21seudQizg==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 212ab17dbc3eccca3020a8ac8c61357d
8e0ec6dc856e338b440bd7267e7cd87d6d90fa41
198e3545177c32e4a791721afb923751b1a026eb07bb1f4d2e2cd179847a52a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 05:58:22 GMT
Etag: "63b6b234-1d7"
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rff9UHvf85SXEnQAI4hhvWs0h-hBsbRxT5GNi3R_qH9yOmQZTPHL1Q==
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 212ab17dbc3eccca3020a8ac8c61357d
8e0ec6dc856e338b440bd7267e7cd87d6d90fa41
198e3545177c32e4a791721afb923751b1a026eb07bb1f4d2e2cd179847a52a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105654
Date: Sun, 08 Jan 2023 05:58:22 GMT
Etag: "63b95534-1d7"
Expires: Mon, 09 Jan 2023 11:19:16 GMT
Last-Modified: Sat, 07 Jan 2023 11:19:16 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IkHAVOh6m4rpFHui17c2sDMB9yoO3d1vgQilgoaS0Ir4lRyruMaaUg==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2658
Cache-Control: max-age=100366
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:22 GMT
Etag: "63b9362a-1d7"
Expires: Mon, 09 Jan 2023 09:51:08 GMT
Last-Modified: Sat, 07 Jan 2023 09:06:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 212ab17dbc3eccca3020a8ac8c61357d
8e0ec6dc856e338b440bd7267e7cd87d6d90fa41
198e3545177c32e4a791721afb923751b1a026eb07bb1f4d2e2cd179847a52a2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105654
Date: Sun, 08 Jan 2023 05:58:22 GMT
Etag: "63b95534-1d7"
Expires: Mon, 09 Jan 2023 11:19:16 GMT
Last-Modified: Sat, 07 Jan 2023 11:19:16 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yWiFio4k3X4xozhbdQQSC_einpbxkptTGpM4x8aHu5rUqe_Luc6Hlg==
www.googletagmanager.com/gtm.js?id=GTM-NMF9JV
142.250.74.72200 OK 88 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NMF9JV
IP 142.250.74.72:0
File type ASCII text, with very long lines (16512)
Hash 9971317d8807087b31f759316a2c02ec
baf473f05417eb4703050a8a3733e58e2931c750
62cc68bdfb3f92074fdd806cdd29d88d8446150b065f6d9f27497c2e96e51c4f
GET /gtm.js?id=GTM-NMF9JV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 05:58:22 GMT
expires: Sun, 08 Jan 2023 05:58:22 GMT
cache-control: private, max-age=900
last-modified: Sun, 08 Jan 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/app/welcome.js
54.230.111.84200 OK 1.2 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/app/welcome.js
IP 54.230.111.84:0
File type Unicode text, UTF-8 (with BOM) text
Hash 4d9448149a2dd8ece3a4a843d8e776c4
08e8a3a47f6ad103e0163a8dce63572803a348ca
9fb778be1a3c92e22244d7566d53349a416ad87ddb4dcb0d6c170e5890e1addc
GET /ISDU23DU/js/app/welcome.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1221
date: Sun, 08 Jan 2023 05:58:23 GMT
last-modified: Thu, 05 Jan 2023 08:10:36 GMT
etag: "4d9448149a2dd8ece3a4a843d8e776c4"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZsEVc0qENUwXd581-e8fyKcfv_qb5kASWeX33VnaeHdznZnATSGp-A==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.infosalons.ae/ISDU23DU/js/vendors/form-validation/formValidation.min.js
54.230.111.84200 OK 76 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/form-validation/formValidation.min.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a9f8f55bd0c17edf54a47fa4be59241d
8e381b96dbe45c3e206c11f5c6272bdb86a78119
24872b6f4d95efb2133b4673e5535c672a0957995077c3c90ad3dbc4d51b934f
GET /ISDU23DU/js/vendors/form-validation/formValidation.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 75561
date: Sun, 08 Jan 2023 05:58:23 GMT
last-modified: Thu, 05 Jan 2023 08:10:36 GMT
etag: "a9f8f55bd0c17edf54a47fa4be59241d"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j3vY-OnECINFyqVviT2Mr1q1FpixnKCfYeymPjpC_01GFLJG7FdO3A==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/form-validation/Bootstrap3.min.js
54.230.111.84200 OK 2.2 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/form-validation/Bootstrap3.min.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (2190), with no line terminators
Hash bdc791aecf2dd3bd9c9cf437ca1c82fd
b1bad54611ff8985d63c398ec7529f6ba32a8a24
f7a3ba3861a88f9cff01a6f76678f61e87cf314f35c6121072e46b3c8954a4c2
GET /ISDU23DU/js/vendors/form-validation/Bootstrap3.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2190
date: Sun, 08 Jan 2023 05:58:23 GMT
last-modified: Thu, 05 Jan 2023 08:10:36 GMT
etag: "bdc791aecf2dd3bd9c9cf437ca1c82fd"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MlONa3S4gcf3bDsFVGV8U8Au3OcvWhvVIYdPFehbpMImzgtUpp0hyg==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/polyfill.min.js
54.230.111.84200 OK 29 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/polyfill.min.js
IP 54.230.111.84:0
Hash db8012fbe266725d632ab01dd7272d03
3f5d6cfc20f501af45c1d2f35ff5b1300f8f2cee
3dcfcead3ffa6d0a1ded15b59a588951e5a32681f7a536ed8a8f0b85de45b218
GET /ISDU23DU/js/vendors/polyfill.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 29063
date: Sun, 08 Jan 2023 05:58:23 GMT
last-modified: Thu, 05 Jan 2023 08:10:36 GMT
etag: "db8012fbe266725d632ab01dd7272d03"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sgvH5Y0ftoOjreKnqxjXqZkYR-jIxvrLmmCez-__pCLmqGSvka-mww==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/bootstrap.min.js
54.230.111.84200 OK 37 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/bootstrap.min.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /ISDU23DU/js/vendors/bootstrap.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 37045
date: Sun, 08 Jan 2023 05:58:23 GMT
last-modified: Thu, 05 Jan 2023 08:10:36 GMT
etag: "5869c96cc8f19086aee625d670d741f9"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cKiBsuGh_t8Xs5kL2FULvaZmVjuW5UYzP1KRcwAa4x4hjdUenRbYHg==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/jquery.min.js
54.230.111.84200 OK 96 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/jquery.min.js
IP 54.230.111.84:0
File type ASCII text, with very long lines (32038)
Hash f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
GET /ISDU23DU/js/vendors/jquery.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 95992
date: Sun, 08 Jan 2023 05:58:23 GMT
last-modified: Thu, 05 Jan 2023 08:10:36 GMT
etag: "f03e5a3bf534f4a738bc350631fd05bd"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lP7B9LM93_2FOpJVpA5XeKXdvYfpKcJQ11bHaDYKVPjTEjc7zj3bVw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.12.238101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.12.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A50QzprGSAp8+hrgeh41jw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BUTRhgzX1xDt67lC1VNgAzQGVQg=
cloudme02.infosalons.biz/reg/ISDU23DU/favicon.ico
52.28.28.73200 OK 5.4 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/favicon.ico
IP 52.28.28.73:0
File type PNG image data, 50 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b03c4655cd2fcdae7f454ebe78604be
9a2c3b4f792086c69f81daba285d056da7623c81
c14cc3f96f4d566e1f472324b4c989601df555d0e83895702a04596481b050f1
GET /reg/ISDU23DU/favicon.ico HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=registration&utm_campaign=snd-data-registration
Cookie: _gcl_au=1.1.1293636009.1673157491
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5387
Content-Type: image/x-icon
Last-Modified: Thu, 05 Jan 2023 08:11:05 GMT
Accept-Ranges: bytes
ETag: "1d920dd41ec278b"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Sun, 08 Jan 2023 05:58:24 GMT
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.48200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.48:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13348)
Hash f1e2310b1595d083880f4929c6edbcb9
6c11a0c7b81c4a2d2d24935a99668d107fa1467f
99bc9c1eda19598dab3b8010bf7fb45f717bb7c5ec3e5d54c519e08a64b060f7
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 04 Jan 2023 15:09:15 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=85423
date: Sun, 08 Jan 2023 05:58:23 GMT
content-length: 4773
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5682658626a20e1f1cc594360637b978
f84d81237a6c5eba32402a277bd0ec5d456e870c
b176f4858a69d4d17290a8cd17be8816a0c441134111ee719f03cee833ce13b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2243
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Last-Modified: Sun, 08 Jan 2023 05:21:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 08 Jan 2023 05:43:41 GMT
expires: Sun, 08 Jan 2023 07:43:41 GMT
cache-control: public, max-age=7200
age: 882
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 4aa5723e20bb937995d58baee63ccef3
4f4451ce70e0f1174447f509b9ecfae0030d69b8
a442ce52f0330fe4e1d6e25a76d9cf569cf7e649416caf201d0570a1cadf7de8
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: mWPG1SS4tgfx5Iql5ba7zNzoHo8vw+KowokXm7hvbbylPk1MsFsasOnshNy1L+ioPkIoLiQzQXNy8r2Q6yyTww==
content-length: 27613
x-fb-trip-id: 1904183273
date: Sun, 08 Jan 2023 05:58:23 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2d6a773e23d3251ca78a90cb2b9cf38d
c642a809ade690302d14864eb27f38d34ff6d5c4
6f172408f879a6eedd2158660bc27ff3c84cd4061924da447fb1fd358096dc24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=03CFE93400D761860A16FBA70180600B; domain=.bing.com; expires=Fri, 02-Feb-2024 05:58:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E79D5C3195E24EC0B3ADB09FF73D556A Ref B: OSL30EDGE0317 Ref C: 2023-01-08T05:58:23Z
date: Sun, 08 Jan 2023 05:58:23 GMT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sun, 08 Jan 2023 05:58:23 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/837157113/?random=1673157490889&cv=11&fst=1673157490889&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=1293636009.1673157491&rfmt=3&fmt=4
142.250.74.130200 OK 941 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/837157113/?random=1673157490889&cv=11&fst=1673157490889&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=1293636009.1673157491&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2045), with no line terminators
Hash 0b4c1a23f5cbc144c021ce5637fe943b
5321d67536cb0b61fb267b55cc9073107c9cdaa6
385921370cfba46691e9ea9929c843a0a8c8eb0aaa0d80667c719c3858f5a1a3
GET /pagead/viewthroughconversion/837157113/?random=1673157490889&cv=11&fst=1673157490889&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=1293636009.1673157491&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 941
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 06:13:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/784880074/?random=1673157490895&cv=11&fst=1673157490895&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=1293636009.1673157491&rfmt=3&fmt=4
142.250.74.130200 OK 939 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/784880074/?random=1673157490895&cv=11&fst=1673157490895&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=1293636009.1673157491&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2045), with no line terminators
Hash 7e2b4009fb1d3b4b331ca94518ab6cb9
13b161eae4a5d28263b94c5d8ff91bf97545441e
012a9553f3a4713010c7ebf19be8852ff8bbfdeb48e6c9d6850afb73a7c7d1d4
GET /pagead/viewthroughconversion/784880074/?random=1673157490895&cv=11&fst=1673157490895&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=1293636009.1673157491&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 939
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 06:13:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
12243703.fls.doubleclick.net/activityi;src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration?
142.250.74.134200 OK 311 B URL HTTP/2 12243703.fls.doubleclick.net/activityi;src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (570), with no line terminators
Hash f7edd21cc1cf6c82fd0e0fe212638f81
f3b68afe3d674fc892b74cf2e4a2aed0fc599a80
ffe46e5c043bd7ba7c072a58b27deceb6da0692951155bf15b209ad97a5ebd3b
GET /activityi;src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration? HTTP/1.1
Host: 12243703.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 311
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 06:13:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 69c3f0bdbb90c95313c7de5255c3b6e8
8edcbfcc3b87aeecc9f3ca84537512e01039ad6a
754d91c7500f67369c1ea04649eddef7e4201932f81405a0662a6d5f4b80a3da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5682658626a20e1f1cc594360637b978
f84d81237a6c5eba32402a277bd0ec5d456e870c
b176f4858a69d4d17290a8cd17be8816a0c441134111ee719f03cee833ce13b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2243
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Last-Modified: Sun, 08 Jan 2023 05:21:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D86YXF4B58&cid=1287193124.1673157491>m=2oe120&aip=1&z=513881552
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D86YXF4B58&cid=1287193124.1673157491>m=2oe120&aip=1&z=513881552
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D86YXF4B58&cid=1287193124.1673157491>m=2oe120&aip=1&z=513881552 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bca7f62d320a595159ceae1b30ef4c65
0e0c7a42f0d017f617b40aea757cf0a0a4d71d9a
e30f2266b5b10dd868954bba127f6a8e85ba6f8422b565ca17aee0e9074b9d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cloudme02.infosalons.biz/
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 08 Jan 2023 05:20:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XaCQS_xHXHYgHaah1FiVcS72c4tdXgaPJBwtaT-IY_EnoGz5ujhL4A==
age: 2295
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cloudme02.infosalons.biz/
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 08 Jan 2023 05:20:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1tWtGWGxr2UhOelWBc70zPmthjQFZaHVWDkULtidxedCkXWqn4gLGg==
age: 2295
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cloudme02.infosalons.biz/
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 08 Jan 2023 05:20:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gMicT4pitm6Gyecweu5k62uyOuPpNYfax9gIHMA15RZ17hA4wfApnQ==
age: 2295
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cloudme02.infosalons.biz/
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Sun, 08 Jan 2023 05:20:08 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: brVYFLnxOVI8gpySjZVQiBcAUN6vO_Fk-EVMQfk3yaazD2aRpoH8bw==
age: 2295
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2d6a773e23d3251ca78a90cb2b9cf38d
c642a809ade690302d14864eb27f38d34ff6d5c4
6f172408f879a6eedd2158660bc27ff3c84cd4061924da447fb1fd358096dc24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 533 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash 29270e40a4d786b2d434e2690e11f75e
2c37c430511b20244c45e7c42a68033ca534737c
3b69b5fa8beda18875cc312e3940048a1f2f3c812b798c92d040d13d2a1b95e6
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 08 Jan 2023 00:11:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=39417
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fM0p1KoLTk1plRi3hmtghb3wyU9h_64wc-gDkbqoc7lDY_l4zzPnQg==
age: 20816
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash a6a8b25a37af062b6ea6570e45a7cfc9
b9a81d9eea1de1163a5462fdd14a67851bb8b555
6deaf7fe82cf2e8120b1ac28e8c3174076993673e20f05885653a1e0a1b0174b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6250
Cache-Control: max-age=114027
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Etag: "63b95d80-13a"
Expires: Mon, 09 Jan 2023 13:38:50 GMT
Last-Modified: Sat, 07 Jan 2023 11:54:40 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
adservice.google.com/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration
142.250.74.34200 OK 311 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (569), with no line terminators
Hash 59903b3882c3cfcd56c8dc05da107bf5
0b2f3cc5ecc7dd316a8ae661af0aa8bec66d95ac
ac68814190438e0101bb64e4ed5843e5e50138e4adc05f21bf3703c477ca9090
GET /ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12243703.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 104 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash f300e2a4e2aa8ab2dbe3727e273fe4dd
5aa7e29e67ba7e1c003ea9902d9e407e9ed1de33
aad40f368d389709abeef0de0ac56af4c39ef25c8a5aa91bc851e6088a4366a6
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 08 Jan 2023 00:11:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=39417
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ttVxRa6z6Q0N5E1zqize2MaqwgUf2dUAKSWzRy-y4viZStlU7qHA8Q==
age: 20816
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11003046&Ver=2&mid=426ac731-4327-40ac-b2de-df1d6918479e&sid=6ead51e08f1911ed945127478a337ea6&vid=6ead97908f1911edb8034770306d9f44&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Welcome%20%7C%20Intersec%202023&p=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&r=<=1567&evt=pageLoad&sv=1&rn=935953
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11003046&Ver=2&mid=426ac731-4327-40ac-b2de-df1d6918479e&sid=6ead51e08f1911ed945127478a337ea6&vid=6ead97908f1911edb8034770306d9f44&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Welcome%20%7C%20Intersec%202023&p=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&r=<=1567&evt=pageLoad&sv=1&rn=935953
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11003046&Ver=2&mid=426ac731-4327-40ac-b2de-df1d6918479e&sid=6ead51e08f1911ed945127478a337ea6&vid=6ead97908f1911edb8034770306d9f44&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Welcome%20%7C%20Intersec%202023&p=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&r=<=1567&evt=pageLoad&sv=1&rn=935953 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=358DD8FF94616246297DCA6C95366306; domain=.bing.com; expires=Fri, 02-Feb-2024 05:58:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B1A76648A094522B2986FDAA1525617 Ref B: OSL30EDGE0317 Ref C: 2023-01-08T05:58:23Z
date: Sun, 08 Jan 2023 05:58:23 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f3bf71643ae5219a72dda1da70667cf6
00e3e8da4828280fa90ad6f8550b32a1afe9eda7
a62b2beef5db6770d7caefcc77a94da89d1d64e3de538b47926c8b6dee469137
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 910d902590c4dce2c5fde148d455a94c
05617b6a2fd1a7eb4fcb098a7ce48011d3f835bc
3bfd7cff0474a36458748e4cc6dfa647fdd7bd8b4fa792079042a04c7dffe0b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f3bf71643ae5219a72dda1da70667cf6
00e3e8da4828280fa90ad6f8550b32a1afe9eda7
a62b2beef5db6770d7caefcc77a94da89d1d64e3de538b47926c8b6dee469137
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-329521-7&cid=1287193124.1673157491&jid=192334521&gjid=414621894&_gid=276464843.1673157491&_u=YCDACEAABAAAACAAI~&z=1904406246
173.194.222.157200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-329521-7&cid=1287193124.1673157491&jid=192334521&gjid=414621894&_gid=276464843.1673157491&_u=YCDACEAABAAAACAAI~&z=1904406246
IP 173.194.222.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-329521-7&cid=1287193124.1673157491&jid=192334521&gjid=414621894&_gid=276464843.1673157491&_u=YCDACEAABAAAACAAI~&z=1904406246 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cloudme02.infosalons.biz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=2136972367864;gtm=2wg120;auiddc=1293636009.1673157491;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
expires: Sun, 08 Jan 2023 05:58:23 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673157491134%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dregistration%2526utm_campaign%253Dsnd-data-registration%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQI-xwfSV9-Y0AAAAYWP9WnJZDvTtQWlBIRTN-g8K7NcL5YLRO6LiZtHfkiyITuQjIFOLurKNuU64A; Max-Age=2592000; Expires=Tue, 07 Feb 2023 05:58:23 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIejctZEPmMfgAAAYWP9WnJBdNUoZWe5zjiU2_YKLVpwArwMgKPtxX2bVCS-4BJhWxkHkL7pth6jM8cIKUdZw; Max-Age=2592000; Expires=Tue, 07 Feb 2023 05:58:23 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b5f0601a-82a7-453f-8393-3a6ad32d82d2"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 08-Jan-2024 05:58:23 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2403:u=1:x=1:i=1673157503:t=1673243903:v=2:sig=AQEci_jWT2Wm5p0zJFyBd3s_ga70qSjr"; Expires=Mon, 09 Jan 2023 05:58:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXxulalG7zsVmHFC6aRNA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BB4182C06DCB4ABE970EAD36996993D5 Ref B: OSL30EDGE0211 Ref C: 2023-01-08T05:58:23Z
date: Sun, 08 Jan 2023 05:58:23 GMT
content-length: 0
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/784880074/?random=1673157490895&cv=11&fst=1673154000000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=3530879023&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/784880074/?random=1673157490895&cv=11&fst=1673154000000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=3530879023&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/784880074/?random=1673157490895&cv=11&fst=1673154000000&bg=ffffff&guid=ON&async=1>m=2wg120&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=3530879023&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 7b5286e548421b21ca1ad214fe125430
72c1cc57ca6983f0040819f5c5d9b3bf060b3ac3
066ff3f7fef92edceef8292c804eafc8c8c5c5cb423b076cff6bdd6d521cb524
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1772
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 05:58:23 GMT
Last-Modified: Sun, 08 Jan 2023 05:28:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 314
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 104 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
Hash f300e2a4e2aa8ab2dbe3727e273fe4dd
5aa7e29e67ba7e1c003ea9902d9e407e9ed1de33
aad40f368d389709abeef0de0ac56af4c39ef25c8a5aa91bc851e6088a4366a6
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 08 Jan 2023 00:11:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=39417
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gUr0AVExNyTIXbaLFivsh09QOVsnAjn8WOJFY_YFHmRO3kLtNa1ijA==
age: 20816
X-Firefox-Spdy: h2
bat.bing.com/p/action/11003046.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11003046.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11003046.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=38C0F87EAF816381179BEAEDAED6628B; domain=.bing.com; expires=Fri, 02-Feb-2024 05:58:23 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 17E896FFBE19414F814DAFAC95487A50 Ref B: OSL30EDGE0317 Ref C: 2023-01-08T05:58:23Z
date: Sun, 08 Jan 2023 05:58:23 GMT
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=22078b02-33dc-4285-9126-9f8ea3ebf183&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=689f4102-fa8e-4e87-a858-1c8d72a02a72&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
104.244.42.197200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=22078b02-33dc-4285-9126-9f8ea3ebf183&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=689f4102-fa8e-4e87-a858-1c8d72a02a72&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=22078b02-33dc-4285-9126-9f8ea3ebf183&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=689f4102-fa8e-4e87-a858-1c8d72a02a72&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 05:58:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=bde3f35f-e6cb-4db6-ae8e-4fee54e5de1c; Max-Age=63072000; Expires=Tue, 07 Jan 2025 05:58:23 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ba93700298cec3ec
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 29cbc7dacdf3d5aac4c142556f70ae42700247e92981b2d66bc17840afed4ca8
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-329521-7&cid=1287193124.1673157491&jid=192334521&_u=YCDACEAABAAAACAAI~&z=1964321180
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-329521-7&cid=1287193124.1673157491&jid=192334521&_u=YCDACEAABAAAACAAI~&z=1964321180
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-329521-7&cid=1287193124.1673157491&jid=192334521&_u=YCDACEAABAAAACAAI~&z=1964321180 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1751938551685666&ev=PageView&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&rl=&if=false&ts=1673157491531&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673157491530.1494204288&it=1673157491229&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1751938551685666&ev=PageView&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&rl=&if=false&ts=1673157491531&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673157491530.1494204288&it=1673157491229&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1751938551685666&ev=PageView&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&rl=&if=false&ts=1673157491531&sw=1280&sh=1024&v=2.9.91&r=stable&ec=0&o=30&fbp=fb.1.1673157491530.1494204288&it=1673157491229&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 08 Jan 2023 05:58:23 GMT
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=22078b02-33dc-4285-9126-9f8ea3ebf183&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=689f4102-fa8e-4e87-a858-1c8d72a02a72&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
104.244.42.67200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=22078b02-33dc-4285-9126-9f8ea3ebf183&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=689f4102-fa8e-4e87-a858-1c8d72a02a72&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=22078b02-33dc-4285-9126-9f8ea3ebf183&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=689f4102-fa8e-4e87-a858-1c8d72a02a72&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 05:58:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_/jCz6sSc5cJx3jCotF8OBw=="; Max-Age=63072000; Expires=Tue, 07 Jan 2025 05:58:23 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 5ba0b6d6ee326ea1
strict-transport-security: max-age=631138519
x-response-time: 109
x-connection-hash: 804a2fd8ced35e47c5316221a8b8b03cc3e18c4b0c4fbd61e02eba345a3ce06c
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673157491134%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dregistration%2526utm_campaign%253Dsnd-data-registration%26liSync%3Dtrue
13.107.42.14302 Found 88 kB URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673157491134%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dregistration%2526utm_campaign%253Dsnd-data-registration%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Hash 550b3a7f82b3ae5d83b61ea5ac7c7a39
e1cfa014b48950cdd992613ff99d40e2d71dc0e6
a0dea0ce60d4ba67a435ceec75fefb61bd5fb86e600f6d807c35ab9813ed0e45
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673157491134%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dregistration%2526utm_campaign%253Dsnd-data-registration%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudme02.infosalons.biz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&01a92bc2-cd05-4ad9-8ebc-6d29bcdfe7ec"; Domain=.linkedin.com; Expires=Mon, 08-Jan-2024 05:58:23 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230108055823a300976f-2c5b-48c3-885f-0b83c9decf5dAQHW_RnsagWEer-HBgFYMeE2ZRQIBB_U"; Domain=.www.linkedin.com; Expires=Mon, 08-Jan-2024 05:58:23 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzMxNTc1MDM7MjswMjHNk4sg6WefQH//+sQU6SLER9+/vOXuaUXhniHZybVshA==; Domain=.linkedin.com; Expires=Fri, 07 Jul 2023 05:58:23 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2439:u=1:x=1:i=1673157503:t=1673243903:v=2:sig=AQG91bEMM8QOcl5Wg4ixe1evwYHJPjn6"; Expires=Mon, 09 Jan 2023 05:58:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXxulaoeCjRK3P6pWAzXw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B1CDB30C183E4F2CBF977C0880A83BC9 Ref B: OSL30EDGE0211 Ref C: 2023-01-08T05:58:23Z
date: Sun, 08 Jan 2023 05:58:23 GMT
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-D86YXF4B58>m=2oe120&_p=19501976&_gaz=1&cid=1287193124.1673157491&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1673157491&sct=1&seg=0&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&dt=Welcome%20%7C%20Intersec%202023&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-D86YXF4B58>m=2oe120&_p=19501976&_gaz=1&cid=1287193124.1673157491&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1673157491&sct=1&seg=0&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&dt=Welcome%20%7C%20Intersec%202023&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-D86YXF4B58>m=2oe120&_p=19501976&_gaz=1&cid=1287193124.1673157491&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1673157491&sct=1&seg=0&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&dt=Welcome%20%7C%20Intersec%202023&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cloudme02.infosalons.biz
date: Sun, 08 Jan 2023 05:58:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&liSync=true
13.107.42.14200 OK 88 kB URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type gzip compressed data, from Unix\012- data
Hash 358ec4ae637ccc05742b2aaf97070d92
6ae6a2d6dec31ebb10d07063f5776cbdbd1e3318
fb3393e4bcae6a429277be1ed534b3c7b73060fd75f4d7f362050774ae1c48e2
GET /collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673157491134&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dregistration%26utm_campaign%3Dsnd-data-registration&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudme02.infosalons.biz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&0916a70a-ee0a-4f30-8544-545cd6b41917"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 08-Jan-2024 05:58:23 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2403:u=1:x=1:i=1673157503:t=1673243903:v=2:sig=AQEci_jWT2Wm5p0zJFyBd3s_ga70qSjr"; Expires=Mon, 09 Jan 2023 05:58:23 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXxularXtEcHFOEpSrISg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B4C18D07AE4D43C4A3FE8E7F9E2139A9 Ref B: OSL30EDGE0211 Ref C: 2023-01-08T05:58:23Z
date: Sun, 08 Jan 2023 05:58:23 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16231
Expires: Sun, 08 Jan 2023 10:28:55 GMT
Date: Sun, 08 Jan 2023 05:58:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16231
Expires: Sun, 08 Jan 2023 10:28:55 GMT
Date: Sun, 08 Jan 2023 05:58:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16231
Expires: Sun, 08 Jan 2023 10:28:55 GMT
Date: Sun, 08 Jan 2023 05:58:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 407fef75-2217-4da7-8ea8-b5ede48a0615
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNKshEEvoAMFkMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b524b6-72ca4e7b3034e7ac1f3fa1ed;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:03:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xOpZDrVh8MsfFqh0HuJJIWFvlgIm0jUE73p9MpgRA1PO_VAv0vP2nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 16:43:14 GMT
age: 47710
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ca4618f-6a71-4ec2-a5ca-de382d389417.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ca4618f-6a71-4ec2-a5ca-de382d389417.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0146cae6edad6011c47f44fb03277839
b6813e83720deba540bfbd7b469aa74b591d2f95
1cf46ba1abeb0533a36297e16789764b05e4bd8e989bb31d1d4c2897e81edd77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ca4618f-6a71-4ec2-a5ca-de382d389417.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4946
x-amzn-requestid: f6c37ccb-08b2-4c4e-917a-02be4ac06ca0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDvWEJeoAMFXgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e662-45a9e95a0213e1bc23044927;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wcgeUZbWS02iObvDp6Zha-9yNLj61Up5boN0zNQAv77pL_NYf3bvtw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:04:33 GMT
etag: "b6813e83720deba540bfbd7b469aa74b591d2f95"
content-type: image/jpeg
age: 28431
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dc193698e3154c6727f0f8a468f4896
ac3e055c64cc024e55bbdc2bdfdb07799f06f83b
4e7fa4cc65a3514cd05a6582a7bcafa3b898cf9cf5fcc5f580c4b05c2b09e5e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fea675957-36a1-4a10-8735-4cba73296e89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14548
x-amzn-requestid: 0cd053bc-a097-4556-b8c0-915bbb88f514
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTwpdHmRIAMFQRQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c7d5-2ef52fce3665e4186b885964;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zMJf0AJITcZpkBO6RdriTA5M4yIcO7e6N1_KmCh923nYMmOsRfuSGA==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 07:39:51 GMT
age: 80313
etag: "ac3e055c64cc024e55bbdc2bdfdb07799f06f83b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9dc47a4-a4c6-419a-a3a4-8f9104d7903d.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9dc47a4-a4c6-419a-a3a4-8f9104d7903d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa7c2273cc951c105b70b0609924ba61
4e6b0302f3aa61553128d453e4c9fed886773500
320f73b9188e0d59868a47bb60c5fabf45d4f754fd934cb5082ef6ef98d4cc57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9dc47a4-a4c6-419a-a3a4-8f9104d7903d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10285
x-amzn-requestid: 720699b5-142f-40e8-b42f-ebf8b0fac767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDuqGP8IAMFhtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65d-480527ba582bb5a458ce1b24;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hacziPAK6XADBjc0ewKd4EUwY49f3xDpl6r3xzJMsYPGuJQe4hBfFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:44:28 GMT
age: 29636
etag: "4e6b0302f3aa61553128d453e4c9fed886773500"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc604aed78008733f09b024b71a6fda9
0f3f633b0b34ac3662febdc45704362c49622a42
7c4f5871e571148c25f83b8676846ab1b0e82be3f4a1b3fb7c05bfe23e29c1b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 63281b3f-e673-4836-9729-7f595b0fb8b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDu5FkioAMF9tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65f-5869b987090de6f758472be9;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsNm98uTnFfNyDnk651OGxB92JTaNKc7H92yP3FCBhUb9BBsFs-Ygg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:41:46 GMT
age: 29798
etag: "0f3f633b0b34ac3662febdc45704362c49622a42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2614baa0-efb6-440b-8ebe-702448b68603.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2614baa0-efb6-440b-8ebe-702448b68603.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75d75ecf3109868bd1ad6deb366e2c3b
5b5417bf12e7c1a7e0fa53b15ef5e7ddd118231d
ea9b41354ee003b9ae4956f8f5e0a494ac7c17436903413ac7d2a33168ab6dd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2614baa0-efb6-440b-8ebe-702448b68603.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5771
x-amzn-requestid: b551a705-b4c6-4f73-afc9-7fe4193df0e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZD4NECxIAMFoMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e69a-6a8308d6509758f10ae981d0;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:39:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gk09DYWYZrZO2c03PmavKnW4KMt9DekevBsZnM79AN4qU2h5LKsaGg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 22:05:54 GMT
etag: "5b5417bf12e7c1a7e0fa53b15ef5e7ddd118231d"
content-type: image/jpeg
age: 28350
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 54.230.111.112:0
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 08 Jan 2023 00:11:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=39417
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lZ7zkU5IC01HsWFqys1kBguvoY3o5IUC5MeW5HJyQir3sRzYd6SdOg==
age: 20816
X-Firefox-Spdy: h2