Report - links.getcasetext.com/u/click?_t=21c2f157967d40c9862aef52b0cc8b4c&_m=5a626f3f64164e6489e4b3b4e4333dce&_e=W5DQDv1MCnfQ9nlUEt5RqD6E2_BGZlvKt8J4i6Fd3NkmsBn27qjDmiS5KopTtZpn9jNLPO2185zIppF_Zl-KcUckxhPV31exVgKacrbgJOmWLknWlbAsuLQg7bgrvC6Ge1rkNWVfl2wzXIHZeL_tde6eGYdywAQBhqW_uTSM51jKL29Pa-au5qglHyuLwOPJvxzseW52sTAd33zSq7-8K3Wb1GakxL0O0zenuqst1vtrNzs0uTlZ0tHKEIIhQ4iUqWrbhNBLWAKI6kOpVuJINtw0W3iDYNr-s7GVHvRHcVqXNgi45CPlZhnaBLMlAn_7_av4guoBJXs0UqUMeWy-CoGQJZuAq1jvg8_uiXLhFT7UTcE2maQ9xUMIR7xByhp964AkyOOAW8F2vmxs137fgg==

Report Overview

Submitted URL
links.getcasetext.com/u/click?_t=21c2f157967d40c9862aef52b0cc8b4c&_m=5a626f3f64164e6489e4b3b4e4333dce&_e=W5DQDv1MCnfQ9nlUEt5RqD6E2_BGZlvKt8J4i6Fd3NkmsBn27qjDmiS5KopTtZpn9jNLPO2185zIppF_Zl-KcUckxhPV31exVgKacrbgJOmWLknWlbAsuLQg7bgrvC6Ge1rkNWVfl2wzXIHZeL_tde6eGYdywAQBhqW_uTSM51jKL29Pa-au5qglHyuLwOPJvxzseW52sTAd33zSq7-8K3Wb1GakxL0O0zenuqst1vtrNzs0uTlZ0tHKEIIhQ4iUqWrbhNBLWAKI6kOpVuJINtw0W3iDYNr-s7GVHvRHcVqXNgi45CPlZhnaBLMlAn_7_av4guoBJXs0UqUMeWy-CoGQJZuAq1jvg8_uiXLhFT7UTcE2maQ9xUMIR7xByhp964AkyOOAW8F2vmxs137fgg==
IP
54.230.111.62
ASN
#16509 AMAZON-02
Submitted
2022-12-29 13:42:18
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	29 kB	31.13.72.12
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	692 B	4.7 kB	192.124.249.24
www.googleoptimize.com	1604	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	44 kB	142.250.74.78
api.segment.io	1076	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	852 B	510 B	52.26.96.136
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	8.2 kB	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	2.0 kB	142.250.74.106
www.linkedin.com	608	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	756 B	2.7 kB	13.107.42.14
api.hubspot.com	5214	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.8 kB	104.19.154.83
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.186.209.73
widget.intercom.io	2417	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	6.9 kB	54.230.111.53
api.hubapi.com	4102	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	1.4 kB	104.17.203.204
nexus-websocket-a.intercom.io	2137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	730 B	281 B	34.237.73.95
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	349 B	31.13.72.36
t.co	569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	871 B	87 kB	104.244.42.133
analytics.twitter.com	526	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	888 B	613 B	104.244.42.3
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	26 kB	69.16.175.10
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	756 B	96 kB	142.250.74.168
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.4 kB	13.107.42.14
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
assets-tracking.crazyegg.com	3651	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	648 B	54.230.111.11
js.hs-banner.com	2426	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	1.7 kB	104.18.33.171
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	42 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	21 kB	216.239.34.178
px.mountain.com	11897	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	4.1 kB	52.42.124.195
dev.visualwebsiteoptimizer.com	5085	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	602 B	484 B	34.96.102.137
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	757 B	142.250.74.164
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
js.usemessages.com	5634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	22 kB	104.17.237.204
js-na1.hs-scripts.com	8274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	590 B	104.17.212.204
links.getcasetext.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	844 B	1.7 kB	54.230.111.54
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	757 B	142.250.74.163
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	4.0 kB	143.204.42.88
js.hs-analytics.net	2411	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	22 kB	104.17.70.176
casetext.com	63637	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.2 kB	103 kB	172.66.43.64
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	5.0 kB	23.36.76.210
script.crazyegg.com	1992	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	30 kB	104.19.147.8
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	1.9 kB	143.204.55.71
tracking.crazyegg.com	3633	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	437 B	221 B	34.247.113.167
gs.mountain.com	17855	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	731 B	35.81.162.201
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	722 B	3.8 kB	104.18.20.226
34.215.155.61	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	435 B	34.215.155.61
js.intercomcdn.com	2440	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	737 B	140 kB	54.230.111.118
static.ads-twitter.com	614	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	16 kB	151.101.84.157
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	60 kB	216.58.207.227
pagestates-tracking.crazyegg.com	3647	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	648 B	54.230.111.20
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	414 B	262 B	15.197.193.217
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	947 B	104.18.10.207
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.36
api-iam.intercom.io	2892	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	948 B	4.3 kB	52.22.156.216
cdn.segment.com	1618	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	96 kB	143.204.48.96
static.woopra.com	44991	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	13 kB	151.101.129.91
www.woopra.com	37459	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	306 B	162.55.95.216
match.adsrvr.org	349	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	352 B	15.197.193.217
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.4 kB	142.250.74.131
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.0 kB	142.250.74.34
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	600 B	707 B	209.85.233.155

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-29	medium	34.215.155.61	Sinkholed

JavaScript (74)

	URL	Size	First Seen	Last Seen
	cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz	2.2 kB	2023-03-09	2024-04-21
Pretty URL cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:01:10 Last Seen2024-04-21 04:02:21 Times Seen682 Hash 8590829f89379845bc9e74c2364da0cd dd49091164bba27d461d762a7ceca21b332f243f 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49 Loading...

	cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz	75 kB	2023-03-08	2024-04-25
Pretty URL cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:31 Last Seen2024-04-25 15:09:02 Times Seen6358 Hash 801600ab7c3d52577df419402f83c046 36d7570708ef36b90ba588fc76706384b8bf2a15 b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13 Loading...

	px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue	2.9 kB	2023-03-12	2023-03-12
Pretty URL px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue IP 52.42.124.195 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 0be3874a3cf73b53a606ab908db16aff ca4b5bc2f99e1b08fd7fd19e3f675068f17dde46 bc2826908ea37400590bb95087f12187107dbfb22b2b4b4506763202cc739e37 Loading...

	www.googletagmanager.com/gtag/js?id=AW-804567192	195 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=AW-804567192 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 01288f16b2eed416456ce6c704c44b15 0d9f0657a65295879ed30adafc3d32ea3b3bbd2f c5a551ed3cb39e04355f0683cf48016a8d848c3d1b8892a68d466307b34b57da Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	3.4 kB	2023-03-12	2023-03-12
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 6acec9cb45e6cdc46109945e905d32cc 07bcb23d73a66f46bd3b831506563ab538b3879b e417ad30ac47597d8232d5474f62b109f1767bfadd379f2979acd5ee431067a6 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	17 B	2023-03-07	2023-04-05
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	www.googletagmanager.com/gtag/js?id=G-VCEF94TGEX&l=dataLayer&cx=c	221 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtag/js?id=G-VCEF94TGEX&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash d8249be60fd6f6d82328a65a7a152ba5 334dcb52dbaa5299acfb27d223deb834bfe087fd 1af30803b930dad99ff383533c1c0f2dec3dd216d21aacbb54a5c9496f1eec6f Loading...

	widget.intercom.io/widget/qkjicb4d	19 kB	2023-03-10	2023-03-12
Pretty URL widget.intercom.io/widget/qkjicb4d IP 54.230.111.53 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 03:53:29 Last Seen2023-03-12 12:36:01 Times Seen1 Hash 33fff495684f06a5b50c775edbaa7db2 4471652a636ebb77c7ec09063d147d8abd3f01c0 8376213bf6f0f72def83b2ab968a0774b034713af47830eecdc75e441bb1bba9 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	174 B	2023-03-12	2023-05-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-05-26 01:43:18 Times Seen6 Hash 777d7ff232dc459ca92dfd66e1d54005 47f5a05f25690e87861990e97e09034c5ed1ac08 386d726fc96126034eb12ba4e0a16c09325f8e137fe345c174191360ad2efce7 Loading...

	js.hsadspixel.net/fb.js	6.0 kB	2023-03-08	2023-03-13
Pretty URL js.hsadspixel.net/fb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:42 Last Seen2023-03-13 01:39:16 Times Seen1 Hash cac538694d8cb071669002abe101c1fa 9a7756dee7eef2dab016f68beab42fcefd42ebe4 923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	2.1 kB	2023-03-12	2023-03-12
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 3802ae3448aff56ab976c3b301fc6e0d 55e201769cbca8030950f9fef1963402075c75b9 5cbf2ff716243ba13da2a1c36cbd8d86e068fb2a13c6db09686d49cf3464841e Loading...

	dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d355d98014f63c42150049c53a3d5812.js	178 kB	2023-03-08	2023-03-13
Pretty URL dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-d355d98014f63c42150049c53a3d5812.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:07:59 Last Seen2023-03-13 06:39:45 Times Seen1 Hash d355d98014f63c42150049c53a3d5812 592f7430bc6bd01b34bd54fd9be7569336967b7f 1fc63aa7bbaa5ac735fb916aac1525d78e3a81a6185e198bd790f7b513e9da7d Loading...

	js.hs-banner.com/v2/20321369/banner.js	207 kB	2023-03-12	2023-03-12
Pretty URL js.hs-banner.com/v2/20321369/banner.js IP 104.18.33.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:12 Times Seen1 Hash ead60234ebef8c9a7e083ef98bb34ecb 9a6b14a5bf86a220c1b47da30f0b5c4046d6f0ae e58afe104dd22306916709564cced4e7504830f76a97ac11cf6a599efb310b93 Loading...

	casetext.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7812f5097f8eb4ee	56 kB	2023-03-12	2023-03-12
Pretty URL casetext.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7812f5097f8eb4ee IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash c6af921341f89adb0eb1a9345f6089ac 9e1a581f4c64eba4ac342a84bd57f1acfe4dd7e4 b9d4efc14be5da76f1619b304bcabc9512350bef52f14d21d18b7f03fc10a042 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:33:09 Times Seen37084106 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-7426c477c66f8c93502a225e2565b7dc.js	110 kB	2023-03-08	2023-03-13
Pretty URL dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-7426c477c66f8c93502a225e2565b7dc.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 22:07:59 Last Seen2023-03-13 06:39:45 Times Seen1 Hash 7426c477c66f8c93502a225e2565b7dc 2a7baad58c0ec5da140d92580060e1ed55f0773e 3c53dc169e9f48079f7cb90df1f5449e33e114a12923c6da5a51b40d40e6353b Loading...

	cdn.segment.com/next-integrations/integrations/woopra/3.0.0/woopra.dynamic.js.gz	3.6 kB	2023-03-10	2024-04-24
Pretty URL cdn.segment.com/next-integrations/integrations/woopra/3.0.0/woopra.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:47:32 Last Seen2024-04-24 16:14:29 Times Seen8 Hash 4687c4b00e75e2932d422e3f530cdb44 6f63b6e2ee9a3b68d4392988e3e39abcbccedf99 dbafb822c0f7ec50f6ade2a30b2fa30d0b8340978adca7d589fd5a1277ebac6f Loading...

	cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js	9.2 kB	2023-03-09	2023-12-07
Pretty URL cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:50:39 Last Seen2023-12-07 07:59:39 Times Seen15 Hash 238b8357fd89fec8e05754f2e8550aa2 b0db03d8b1fcb00f1b1ff4fbae19b1365505d4d1 1aab3c7efa1174866dc81b505ba5bc940bec1200e2b11758484cce9cf8f2cd43 Loading...

	cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz	10 kB	2023-03-09	2024-04-21
Pretty URL cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:00:44 Last Seen2024-04-21 04:02:21 Times Seen1967 Hash d6c1bca53169e32c2495ed129a41bc0f 2711bfcf3832af725336e5dc9ec76193bf0a4b06 e6370f9ea258a05b7c088eac81d2e1893aae1bcca1127bad9df02e125ff86c99 Loading...

	cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz	3.5 kB	2023-03-08	2024-04-18
Pretty URL cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:14 Last Seen2024-04-18 22:04:52 Times Seen442 Hash a11ee38e9f490d2acc7489a151a00d06 a99599fb89c4b11c1e00de382317b560a8b6960b 42933b48dc3a202bf9befec0356949e84097ca6fd02c634158b04fa31420ce41 Loading...

	static.ads-twitter.com/uwt.js	58 kB	2023-03-08	2024-04-20
Pretty URL static.ads-twitter.com/uwt.js IP 151.101.84.157 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2024-04-20 17:48:03 Times Seen4329 Hash 32ad004436155ec972bc50e6238b5b67 9b2cdb645c2fa5b98a9d05dcdca521fed4a17b7b cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	2.3 kB	2023-03-12	2023-03-12
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 940baaaae73bdb759f6aefa8e86aa306 9b67e194a31b837ebd6be6033af221cc73db5810 d3812927916fc4c5a541f84e48ceb04afb25549cce7f9fda4cb8e25ea9d13d99 Loading...

	casetext.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6	18 kB	2023-03-07	2024-04-25
Pretty URL casetext.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 11:55:37 Times Seen12594 Hash 116c86c56f8db0bb63f15ceda50fdc98 75e308982ecf7cd43644b8b426e6aa1a0b0fbe26 def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	1.1 kB	2023-03-12	2023-03-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-26 04:36:30 Times Seen5 Hash f83c594eb0d12e52a7bd02b2eede490d cce24e3cad470be9ba4b9fc8df2ea6eb2663604f fe4130f135e1a9a7fa56891835b5b36a2cb31f2e984ea2d53cb8e282c59fa91e Loading...

	script.crazyegg.com/pages/scripts/0089/7395.js	6.1 kB	2023-03-12	2023-03-12
Pretty URL script.crazyegg.com/pages/scripts/0089/7395.js IP 104.19.147.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:13 Times Seen1 Hash 44222eaba48605790398a2fa3e8864fc 75c160341ff5b24bae387d295710efa4b24ed3ca 630b63f037c1c3a0b92011076af1dfb265eb74d540ca524eff085479a9bbeac3 Loading...

	js.usemessages.com/conversations-embed.js	75 kB	2023-03-09	2023-03-13
Pretty URL js.usemessages.com/conversations-embed.js IP 104.17.237.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:47:03 Last Seen2023-03-13 01:39:16 Times Seen1 Hash 3f8937b5e0033972ae4f0d4dcf06cffa 51a176f942fee75588aec90c637613a970be5e3f 334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	535 B	2023-03-07	2024-04-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-26 04:21:33 Times Seen6823 Hash 67c866dc70f00171ef6277d17a7987ae 41d53bdb4eabed4834641ad37984d1e1b9eb6d0d dd1ae61f744792a5ab43f9548d1e6322138b72ea34af5dbc717773f92f271747 Loading...

	casetext.com/dist/js/common?e132fb805d	7.5 kB	2023-03-12	2023-03-13
Pretty URL casetext.com/dist/js/common?e132fb805d IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-13 20:17:44 Times Seen1 Hash 845109ec7fce9cbaaec07dd3b360a5c8 e132fb805d9b40786cb68a357090305a0bf69930 e6111a3261e2fcecf9a49f7058e20235cffc54b55007d387e03462bde152e7f5 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	357 B	2023-03-12	2023-05-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-05-26 01:43:18 Times Seen6 Hash d970f97b890e98103a1f8083f6365c48 c8e2a3ae2837792ecbe840fb9fdc6cd27e7856fe f6fcac30c9ad8247868f14d69291d493943aadeaa0ceca56e052976092cb1762 Loading...

	dev.visualwebsiteoptimizer.com/j.php?a=634530&u=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&f=1&r=0.17281047860969823	14 kB	2023-03-12	2023-03-12
Pretty URL dev.visualwebsiteoptimizer.com/j.php?a=634530&u=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&f=1&r=0.17281047860969823 IP 34.96.102.137 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 88d06fd414472529510a303c98938043 b1f2e7249128913f1de8f0f8af5ca6b4eedd6469 e0b21808ad3c88c82bbf9eaad1ad00dc731b11801ca03267d548e7d644665dac Loading...

	cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz	46 kB	2023-03-08	2024-04-15
Pretty URL cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:25:13 Last Seen2024-04-15 08:37:05 Times Seen592 Hash 73da65b0a499e2720c91c3fb4f120ecd c195ce3d09bc14292b2a184166f0df54b32f219c f908387823175b7d9097817c5f9cef879593f7eb9dbdc2ec8a218d688e405bae Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 216.239.34.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 00:32:39 Times Seen1530 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	code.jquery.com/jquery-3.6.1.slim.min.js	72 kB	2023-03-08	2024-04-08
Pretty URL code.jquery.com/jquery-3.6.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:44:53 Last Seen2024-04-08 05:59:30 Times Seen184 Hash 6bb2d76bc531993f8368cef389e88b04 50504dd95e37488eb9871bee661c588f84e04c9c c3c0af845b3b88735552d9d23f460a120d34a7d221d77ae52fdcc6aaf2dd78f0 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	437 B	2023-03-12	2023-03-12
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:13 Times Seen1 Hash 3c6a23254411b5636c1944eaf209c77c 2fb328c2a7c89af9669e4b5b874d2a982e719f65 91d99bbe76f5b2af088ce0e6eb13d9b758f8704a66ca6abe10bfba53c05ea332 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	562 B	2023-03-12	2023-05-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-05-26 01:43:18 Times Seen6 Hash 5352ee7a599bd0b2752478e01424ba31 cac240c3c99cec2e5cfd31bf726e8a357f53851f bab394896dc4a6f99a288a38fc7fcee482a56fbd8c495955c62e713a51ca343d Loading...

	cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz	3.0 kB	2023-03-08	2024-04-18
Pretty URL cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:39:14 Last Seen2024-04-18 22:04:50 Times Seen2445 Hash 374436ad2361ac0c43a056626c2165ca b40a8e477ee7c1e2265498859c63d29423c0916a e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db Loading...

	cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz	16 kB	2023-03-08	2024-04-18
Pretty URL cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:19:31 Last Seen2024-04-18 22:04:52 Times Seen2512 Hash 9d64cc0fb18d44f3c06b25284719b46f d9aa11c8cdea16c7ce1baabb2cbd43c364d52893 fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	3.2 kB	2023-03-12	2023-03-12
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:13 Times Seen1 Hash d7b1ce96378e6d1e1f7bfea1fededbb5 0b9be0db0431753e23a5e489bec07d8eb5f94966 787978963409558c75fdcc8e84ebc4a5e31a362c7bd236b19d09e07d27640777 Loading...

	js-na1.hs-scripts.com/20321369.js	1.9 kB	2023-03-12	2023-03-12
Pretty URL js-na1.hs-scripts.com/20321369.js IP 104.17.212.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash c10156822ca50bc17d28226444f9416a 69584fd9c27aba44d0b25c6f8064d219d0f8cf62 f2436b434d88691897b33e8fff7e07448aa7c3de361e5cee9ddace0a55589419 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	35 B	2023-03-10	2024-04-25
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 02:53:04 Last Seen2024-04-25 11:55:35 Times Seen115 Hash 4d4df2646a2ee6af1b405b28dc766513 0e6565efa5e1c2ff60cb052c0e33c555ca899c62 e56268c3f595f0ae041bd97466310572e8292f15820486f4bd1cc1bd21935206 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/804567192/?random=1672321328646&cv=11&fst=1672321328646&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&auid=1751916183.1672321329&data=event%3Dgtag.config&rfmt=3&fmt=4	2.9 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/804567192/?random=1672321328646&cv=11&fst=1672321328646&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&auid=1751916183.1672321329&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 1df7c60d03987df5bb40d1c675147b57 a2d928143b096adc6c3834f29c3562448a81f207 fc87b87ff076577b218cbb6603126bbe93c1c05d78cc5c92cf88575d72492f24 Loading...

	static.woopra.com/js/w.js	38 kB	2023-03-12	2023-03-26
Pretty URL static.woopra.com/js/w.js IP 151.101.129.91 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:12:23 Last Seen2023-03-26 13:06:43 Times Seen18 Hash d5651194342cee6025feaafc9a0506f0 6e07d5413e3ba8a4fb390b7f65aee87f0d76f52e 79f1d471062a020b43cd5096918d9852df85087641ebd981ffd7e589323f3046 Loading...

	connect.facebook.net/signals/config/2336410749960625?v=2.9.90&r=stable	300 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/2336410749960625?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:13 Times Seen1 Hash f680bcb711dea3c46019761cec9f5e72 b5b5c0eb82ce26cffb6267f1fc000b43968da4f4 f61ae265537d1c05cd06f0939939190c3bdd72cff0604b580154c1cf199d3437 Loading...

	www.google-analytics.com/gtm/js?id=GTM-PBR85D9&cid=1600163763.1672321325	112 kB	2023-03-12	2023-03-12
Pretty URL www.google-analytics.com/gtm/js?id=GTM-PBR85D9&cid=1600163763.1672321325 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 9ed05e21bb16398b2f5572e468661f2c 436e34aa3c9119250339af4651a714b6879027a6 a74439e4bf8ca52f12b8cec4c8cdca1f13e889665646c3fbeebd8937c8f57582 Loading...

	gs.mountain.com/gs	144 B	2023-03-12	2023-03-12
Pretty URL gs.mountain.com/gs IP 35.81.162.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:11 Times Seen1 Hash 1d3919bb68d02cdf1bba789ef79d3714 b1b342e9b192363d5045550609b2ce3974e7deb6 f9552a215225a62bc7941c6f8487d018f0fa716653c18db854aeeae1af1ba5d0 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	1.4 kB	2023-03-12	2023-03-12
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-03-12 10:44:12 Times Seen1 Hash c3bfb288833cb02076a42d29b7b27961 b01f8fe446b88b961a7648972f8053d6f4c862f5 066f10bafd0d30f85740b4a2c8801de5b6a5ab24740710461c2a6ea5db3df5d5 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	1.4 kB	2023-03-12	2023-05-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:11 Last Seen2023-05-26 01:43:18 Times Seen6 Hash 21d91b2d3491d0f245486fe3efbd102a 50f27cb89d8cde340d07ce89af87fb7e6262c607 606c4b8efdefc9849812e47fb6d16dc8a8b280618ce91001d784156d6c5054cc Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz	5.5 kB	2023-03-08	2024-04-18
Pretty URL cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:27:30 Last Seen2024-04-18 22:04:51 Times Seen348 Hash f8badf0bc3daf6b2b4b90c8450b0602e 1df300270c0c654174358f4a7f5609c44e2b1d39 b463c4dd20b3cbc19ec6283dd35a50a10d926c6efe5e0b054fdc5e3b959b6f19 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-K3NZHQ3&l=dataLayer	192 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-K3NZHQ3&l=dataLayer IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:13 Times Seen1 Hash b7c8841a2af9fab570d7a4ccea0cd8e2 dd564e0ad3e5561825d1c7605f735bafaa81c428 07ac1cae84e86f7bebb3385146fe230a5561a0be66b3a69449a0cebbf7f43e0f Loading...

	www.googleoptimize.com/optimize.js?id=OPT-W5B6NND	110 kB	2023-03-12	2023-03-12
Pretty URL www.googleoptimize.com/optimize.js?id=OPT-W5B6NND IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 3e62c141e13ff3826a2292d806787a5c 64033ee8fbd102e7669b3db521b638f6be37e08d 96b560ec18f59e08963e4c42b3de40b909a05ce373e11c6d6edbd996c64f595e Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	341 B	2023-03-12	2023-05-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-05-26 01:43:18 Times Seen6 Hash 46ab261c87b50210ae556a8484005e1f 42f7361371ff85473d2a169fa3fce2b9a7393cb4 29cea682beedeb325510f47b38592cba567d803c7c7dffff562c807a2fd28b40 Loading...

	dx.mountain.com/spx?dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term=value	15 kB	2023-03-12	2023-03-12
Pretty URL dx.mountain.com/spx?dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term=value IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash a2e2713ee770ffae64a4346610f14851 81d578a7eabcc808a36f4d266eda5f42c81b60b0 567c6e282770eba1bf6fa31fc9dda0839fd6c07a6f5f8f7fef0eb46ae525db5f Loading...

	dev.visualwebsiteoptimizer.com/settings.js?a=634530&settings_type=1&vn=7.0&exc=4\|28\|5\|6\|11\|30\|17\|20\|21\|25\|26	1.6 kB	2023-03-12	2023-03-12
Pretty URL dev.visualwebsiteoptimizer.com/settings.js?a=634530&settings_type=1&vn=7.0&exc=4\|28\|5\|6\|11\|30\|17\|20\|21\|25\|26 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 8fe909267dfcf792e907510f18e91778 d2eb4ed5fc2618effc846ec024732ac8a74994d8 b4d39bf504fb1bdf6499176aacc552196e5a88744ed1ab9b0ba485413c481fdc Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	205 B	2023-03-07	2024-04-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:01 Last Seen2024-04-26 04:21:32 Times Seen6845 Hash b18e821747b6d0acf67b7eb932983ea8 77bdf9e8c6e0bcc96973d71fa191bbf625526782 e74bcbb732fc20232a6235744beb8202085b8ce9b361c361e6c814da56415f07 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	422 B	2023-03-12	2023-05-26
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-05-26 01:43:18 Times Seen6 Hash 921f23794c132baff282e30c197d06a8 124da401ad90ce22a7545df330656d7041f1349f 73cc1b5b2a541334d85d3224aed41230420de249b50f20abd09a3fee15bda122 Loading...

	js.hs-analytics.net/analytics/1672321500000/20321369.js	68 kB	2023-03-12	2023-03-12
Pretty URL js.hs-analytics.net/analytics/1672321500000/20321369.js IP 104.17.70.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 46a092a86520688319aebb0f04078657 876e0a5da293823c915d42f9d92625437bf7877a 32d05a40e215d511a3f0769f37fba65e235118d95250bbf6abae572f89e66baa Loading...

	www.woopra.com/track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=pv&timeout=300000&idptnc=FwfXmLMdCYSy&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_path=%2Fend-of-tax-year-sale%2F&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_search=%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_domain=casetext.com&ce_uri=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_scroll%20depth=0.28189732812969076&ce_returning=false&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D	61 B	2023-03-12	2023-03-12
Pretty URL www.woopra.com/track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=pv&timeout=300000&idptnc=FwfXmLMdCYSy&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_path=%2Fend-of-tax-year-sale%2F&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_search=%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_domain=casetext.com&ce_uri=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_scroll%20depth=0.28189732812969076&ce_returning=false&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D IP 162.55.95.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash de6e5ee247e19ff2d24b79b644c463ed c90907c70ba09825ea5487a1c7d9adc01629c4d1 8a56cdaadc589bfc67cffca51bcfda514fb61dab05fa7d153eb961e142ad214c Loading...

	px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1672321334352559&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672321335064	6.5 kB	2023-03-12	2023-03-12
Pretty URL px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1672321334352559&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672321335064 IP 52.42.124.195 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 2851e3fb8e5b1db664bf213f3d7ae3d2 b59d236d337cb59d3ad99168fd3dac7d902abd6f 1c8c9bddab61f403d59e95876dda9d79fef648bbed96de978a0eec01c621dd98 Loading...

	connect.facebook.net/signals/config/298262282273739?v=2.9.90&r=stable	299 kB	2023-03-12	2023-03-12
Pretty URL connect.facebook.net/signals/config/298262282273739?v=2.9.90&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash b13c34166ff1106e7285385361e0e39d 174b33b7ddfe92aaad0e23a7fcf43747677736d1 dc1280e11db0d9b4e04553119bd8762a83cf8425cfc5cf3f8d2b70a923525cda Loading...

	script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js	79 kB	2023-03-10	2023-03-13
Pretty URL script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js IP 104.19.147.8 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:32:08 Last Seen2023-03-13 03:58:53 Times Seen1 Hash 142d0b47395e27fc7e0519a3547c2b5c 4ce38dbe7858527b6153850ce1478c144240955d 2286f307668c84511e2271af5e2805b4400511bca2a28edbabd32fcdcea17c7c Loading...

	cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js	103 kB	2023-03-12	2023-03-12
Pretty URL cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:13 Times Seen1 Hash 48c979abbaf0b6ee1b8cf52e89808c26 22bd3372852c5f3d22f8508f332c29a048977d8d 0f09c81927f100893d0affa0cdf2bbb5159b9dc856d643ede0d8d798bcc19772 Loading...

	cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js	1.6 kB	2023-03-07	2024-01-01
Pretty URL cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js IP 143.204.48.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:34 Last Seen2024-01-01 04:29:45 Times Seen23 Hash 3e448afdfea355c0f19700d04431ce7d 596b746237018bdddd0ede5f65d9d854e2340a2c e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42 Loading...

	casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2	358 B	2023-03-07	2024-04-25
Pretty URL casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 IP 172.66.43.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:14 Last Seen2024-04-25 22:36:43 Times Seen1502 Hash 39b5ffa9b65969699dfccbe4a07fc732 8e66f018f154d5411c87b7adc97213ebc505ea32 b23c0712f10477a2ce1027da7e86972e9e294b0198a712a2c6457bbb351dd662 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NF4WQVP	102 kB	2023-03-12	2023-03-12
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NF4WQVP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash de9e98ce8d14d37d99326708908c578f 34ba48004f28481b5750db3a9feba7cbd551f2fb dc2e7d81807e3ecd91c44159cad519784c96af9e7af5b986a51a5c4589be103a Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-09	2024-02-19
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:43:47 Last Seen2024-02-19 23:40:48 Times Seen19 Hash 586b199afb02c136e3d1e5b2f1485659 903f39091ccbb0b910b7b76da2283bc8646b9290 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10841373491/?random=1672321324799&cv=11&fst=1672321324799&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&rfmt=3&fmt=4	2.8 kB	2023-03-12	2023-03-12
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10841373491/?random=1672321324799&cv=11&fst=1672321324799&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 953c5a844d9b9c431c0f9b239218f545 ee159169dadfc4999acea363088f1bd297628b22 4a9323386327d7c374a9a2a9cdc6202e2e0df3f5d1d9c2b37bf95e9c1e3db636 Loading...

	cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz	4.0 kB	2023-03-08	2023-05-14
Pretty URL cdn.segment.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:25:13 Last Seen2023-05-14 05:18:14 Times Seen56 Hash 31758c8e2edfb2940beef88a43bc1431 51476ec3b730e73202113737ed49cc06556f0c71 eb3b64d44021d764fb620e90c54d8190e488a830fb02b38775463650dd282cb7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#2 Eval - 5f836d668962ef985928799d31629744	199 B	2023-03-08	2024-04-24
Pretty Observations First Seen2023-03-08 15:11:40 Last Seen2024-04-24 17:01:27 Times Seen390 Hash 5f836d668962ef985928799d31629744 7496c6d51535f234ca29997f41366bb133b85b3c a0463a9bb898b109504a90fc4a010720475807d568d201f157930a9c703fa75d Loading...

	#3 Eval - 7b4294294bdffaf3f22bda553eee21c9	792 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:17:57 Last Seen2024-04-18 14:00:35 Times Seen4454 Hash 7b4294294bdffaf3f22bda553eee21c9 1c57e620b228318dca25b1f35b6faa46a1e7bbd8 be95c8d79151c70258c07974285ecbec353f917fa5054c668968d1e81295a6f0 Loading...

	#4 Eval - 90274e5f3d5531f73ea6381cac2e9c5b	2.9 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 10:44:12 Last Seen2023-03-12 10:44:12 Times Seen1 Hash 90274e5f3d5531f73ea6381cac2e9c5b 6ec09f9ade1cff0a1b6763d5ac325873b2228f80 1fa617cd01ce1e784aabe3f54520cb5cf973822a6b64f7f42f5fb603d07c9f10 Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

	#2 Write - fe364450e1391215f596d043488f989f	15 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-26 04:05:33 Times Seen14316 Hash fe364450e1391215f596d043488f989f d1848aa7b5cfd853609db178070771ad67d351e9 c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e Loading...

HTTP Transactions (138)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
259d3eba2ac4ea32f0410a59bd01c18a
ab02cd69e6c04e3842ad1778fb0daa6d0e86fddc
0d6ec941dac6d97a0b24c0cf00a5642a4edda68ae5ec8b3019d1ec05f40d2281

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D6EC941DAC6D97A0B24C0CF00A5642A4EDDA68AE5EC8B3019D1EC05F40D2281"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14040
Expires: Thu, 29 Dec 2022 17:36:07 GMT
Date: Thu, 29 Dec 2022 13:42:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd2bda30513692aa11a672c6a599935d
a944c3aa26b461063194a4bb95ce427d23a32d03
d975d1eab40c9fe4986ae0675d79e4f982eb9c0e2f503ca72b3bdf0ec9e7dfdc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D975D1EAB40C9FE4986AE0675D79E4F982EB9C0E2F503CA72B3BDF0EC9E7DFDC"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Thu, 29 Dec 2022 15:16:19 GMT
Date: Thu, 29 Dec 2022 13:42:07 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 29 Dec 2022 13:35:25 GMT
content-type: application/json
age: 402
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07e619a5a572fa9bcb54fa70de27f0d4
c0499dcc7551831f517f189465812859d0f48ced
2213c856ce4dd64ebe28e4deff34d449b2c08be98565c0405427453ae948fa74

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2213C856CE4DD64EBE28E4DEFF34D449B2C08BE98565C0405427453AE948FA74"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3142
Expires: Thu, 29 Dec 2022 14:34:29 GMT
Date: Thu, 29 Dec 2022 13:42:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: i30mJMpjwKe+UH1B3FEQ07JuEhIRJ3uTwcZ0xeAaOXov+W2gJmSmEsrhtLe+kasVG5dtCIXNdzw=
x-amz-request-id: DQQ67WHPN8SEKKY4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Dec 2022 12:58:46 GMT
age: 2601
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

links.getcasetext.com/u/click?_t=21c2f157967d40c9862aef52b0cc8b4c&_m=5a626f3f64164e6489e4b3b4e4333dce&_e=W5DQDv1MCnfQ9nlUEt5RqD6E2_BGZlvKt8J4i6Fd3NkmsBn27qjDmiS5KopTtZpn9jNLPO2185zIppF_Zl-KcUckxhPV31exVgKacrbgJOmWLknWlbAsuLQg7bgrvC6Ge1rkNWVfl2wzXIHZeL_tde6eGYdywAQBhqW_uTSM51jKL29Pa-au5qglHyuLwOPJvxzseW52sTAd33zSq7-8K3Wb1GakxL0O0zenuqst1vtrNzs0uTlZ0tHKEIIhQ4iUqWrbhNBLWAKI6kOpVuJINtw0W3iDYNr-s7GVHvRHcVqXNgi45CPlZhnaBLMlAn_7_av4guoBJXs0UqUMeWy-CoGQJZuAq1jvg8_uiXLhFT7UTcE2maQ9xUMIR7xByhp964AkyOOAW8F2vmxs137fgg==

54.230.111.54

303 See Other

0 B

URL HTTP/1.1
links.getcasetext.com/u/click?_t=21c2f157967d40c9862aef52b0cc8b4c&_m=5a626f3f64164e6489e4b3b4e4333dce&_e=W5DQDv1MCnfQ9nlUEt5RqD6E2_BGZlvKt8J4i6Fd3NkmsBn27qjDmiS5KopTtZpn9jNLPO2185zIppF_Zl-KcUckxhPV31exVgKacrbgJOmWLknWlbAsuLQg7bgrvC6Ge1rkNWVfl2wzXIHZeL_tde6eGYdywAQBhqW_uTSM51jKL29Pa-au5qglHyuLwOPJvxzseW52sTAd33zSq7-8K3Wb1GakxL0O0zenuqst1vtrNzs0uTlZ0tHKEIIhQ4iUqWrbhNBLWAKI6kOpVuJINtw0W3iDYNr-s7GVHvRHcVqXNgi45CPlZhnaBLMlAn_7_av4guoBJXs0UqUMeWy-CoGQJZuAq1jvg8_uiXLhFT7UTcE2maQ9xUMIR7xByhp964AkyOOAW8F2vmxs137fgg==
IP
54.230.111.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /u/click?_t=21c2f157967d40c9862aef52b0cc8b4c&_m=5a626f3f64164e6489e4b3b4e4333dce&_e=W5DQDv1MCnfQ9nlUEt5RqD6E2_BGZlvKt8J4i6Fd3NkmsBn27qjDmiS5KopTtZpn9jNLPO2185zIppF_Zl-KcUckxhPV31exVgKacrbgJOmWLknWlbAsuLQg7bgrvC6Ge1rkNWVfl2wzXIHZeL_tde6eGYdywAQBhqW_uTSM51jKL29Pa-au5qglHyuLwOPJvxzseW52sTAd33zSq7-8K3Wb1GakxL0O0zenuqst1vtrNzs0uTlZ0tHKEIIhQ4iUqWrbhNBLWAKI6kOpVuJINtw0W3iDYNr-s7GVHvRHcVqXNgi45CPlZhnaBLMlAn_7_av4guoBJXs0UqUMeWy-CoGQJZuAq1jvg8_uiXLhFT7UTcE2maQ9xUMIR7xByhp964AkyOOAW8F2vmxs137fgg== HTTP/1.1
Host: links.getcasetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 303 See Other
Content-Length: 0
Connection: keep-alive
Date: Thu, 29 Dec 2022 13:42:07 GMT
Vary: Origin
Location: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Set-Cookie: iterableEndUserId=emily.hendrix%40fotlinc.com; Max-Age=31536000; Expires=Fri, 29 Dec 2023 13:42:07 GMT; Path=/; Domain=.getcasetext.com
iterableEmailCampaignId=5825106; Max-Age=86400; Expires=Fri, 30 Dec 2022 13:42:07 GMT; Path=/; Domain=.getcasetext.com
iterableTemplateId=7859286; Max-Age=86400; Expires=Fri, 30 Dec 2022 13:42:07 GMT; Path=/; Domain=.getcasetext.com
iterableMessageId=5a626f3f64164e6489e4b3b4e4333dce; Max-Age=86400; Expires=Fri, 30 Dec 2022 13:42:07 GMT; Path=/; Domain=.getcasetext.com
XSRF-TOKEN=8671dc19de32723b16d76a9716766495ac59e817-1672321327507-74b7bb5c8b082f61ddea0afd; SameSite=Lax; Path=/
Request-Time: 1
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
X-Permitted-Cross-Domain-Policies: master-only
Server: iterable-links d881
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XuqMIO6o84VzTHJYlwwHFlreXpQ9UQi4kI6epmADCVG5KpSN4oBHCw==

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Dec 2022 13:42:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

casetext.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7812f5097f8eb4ee

172.66.43.64

200 OK

42 B

URL HTTP/2
casetext.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7812f5097f8eb4ee
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7812f5097f8eb4ee HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:07 GMT
content-type: image/gif
content-length: 42
last-modified: Tue, 20 Dec 2022 16:36:00 GMT
etag: "63a1e470-2a"
server: cloudflare
cf-ray: 7812f50b49cbb4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 29 Dec 2022 15:42:07 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 29 Dec 2022 13:08:08 GMT
age: 2040
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0a08dc71eb7ba3512abb4d29505eb034
e66404bda80b355bae30b0d4db3daa193a6e4276
357891f99263d30eaded85985217d9627cd60369ee8d01a7eacdb2d0f2d8b2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4721
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:08 GMT
Last-Modified: Thu, 29 Dec 2022 12:23:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qtwusFGif5rW4ik8Hnfw5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L3/V2h1wxvxM5Dy5hin0MbCFoq8=

casetext.com/cdn-cgi/challenge-platform/h/g/img/7812f5097f8eb4ee/1672321328059/0UyZ9x-unjqHGU0

172.66.43.64

200 OK

43 kB

URL HTTP/2
casetext.com/cdn-cgi/challenge-platform/h/g/img/7812f5097f8eb4ee/1672321328059/0UyZ9x-unjqHGU0
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 67 x 46, 8-bit/color RGB, non-interlaced\012- data
Size
43 kB (43017 bytes)
Hash
3f166bdfdbb6db8e19680591e0531cb4
811c4e1f6fd4f471b915a05c6278ab16a902daba
a96c8661158caf6b4a9185922baeffcb50f16777994fccb698934f60f3154742

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/img/7812f5097f8eb4ee/1672321328059/0UyZ9x-unjqHGU0 HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Connection: keep-alive
Cookie: cf_chl_2=b5cf492799abeca
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:08 GMT
content-type: image/png
vary: Accept-Encoding
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f50eae3db4ee-OSL
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.1.slim.min.js

69.16.175.10

200 OK

25 kB

URL HTTP/2
code.jquery.com/jquery-3.6.1.slim.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65241)
Size
25 kB (24673 bytes)
Hash
34d99b2a3b7a98fe5a5cb93085925b67
a949495aa722186ee5908c6c8650e49a05fd7af2
9efede4ce9cec693517b351fd91d66f667b0f0c002e48080cb609cfd69d1cada

HTTP Headers

GET /jquery-3.6.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-encoding: gzip
content-length: 24673
content-type: application/javascript; charset=utf-8
last-modified: Fri, 26 Aug 2022 17:36:05 GMT
accept-ranges: bytes
server: nginx
etag: W/"63090485-11b57"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CMHOtp0GEocBCiQxZTE2MTdjYi0wMWYxLTQ1N2EtYjRmMy0wMzU1MzQ0NWM5ZWQQ+OiCoKvU+wIaBgixsradBiIMOTEuOTAuNDIuMTU0KPzrAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZGFjZTQ2MDQtYjZlMi00NmM3LWJjNzMtOWYyMWRiMWUwNGU0GOHAASIYCAISFGNkczAwMi5zazEuaHdjZG4ubmV0.1nNdHYXUHsB178/63ZQoEyc4MTrDQ5U3erj+hxfQLyQ=
x-hw: 1672321329.dop232.sk1.t,1672321329.cds212.sk1.hn,1672321329.cds002.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e7483b98c56ad56b2767f384ad58c87e
4c2a479744b42d59c530576890b9c176b8ea47c6
7166c29d8574e8aa34137149842c6eaba8fc00851f24adb9e44091e66bc6b1e8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3340
Cache-Control: max-age=152099
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:09 GMT
Etag: "63ad3b49-116"
Expires: Sat, 31 Dec 2022 07:57:08 GMT
Last-Modified: Thu, 29 Dec 2022 07:01:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
794630798ece5fdc7622c5736cfc8c4c
b88d8c63c8c85072202fb76e4106789df8394ff3
aa8225bea6518ce7a35b1dcdd5ae62b217b5720d9d9143f9ae4360e8614c0c18

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
e7483b98c56ad56b2767f384ad58c87e
4c2a479744b42d59c530576890b9c176b8ea47c6
7166c29d8574e8aa34137149842c6eaba8fc00851f24adb9e44091e66bc6b1e8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3340
Cache-Control: max-age=152099
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:09 GMT
Etag: "63ad3b49-116"
Expires: Sat, 31 Dec 2022 07:57:08 GMT
Last-Modified: Thu, 29 Dec 2022 07:01:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

fonts.googleapis.com/css?family=IBM+Plex+Sans%3A300%2C400%2C500%7CIBM+Plex+Serif%3A300%2C400%2C500&display=swap%22&ver=5.8.6

142.250.74.106

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=IBM+Plex+Sans%3A300%2C400%2C500%7CIBM+Plex+Serif%3A300%2C400%2C500&display=swap%22&ver=5.8.6
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1296 bytes)
Hash
001d2ba5adbbb54638299ff52ff714d2
5dc1922892ab3d9942d2ea1c410a4c9d23bfbeae
efb348232524f1f0e0cdcdd2513c36c9d10a130672a27592295d9a39f32c0532

HTTP Headers

GET /css?family=IBM+Plex+Sans%3A300%2C400%2C500%7CIBM+Plex+Serif%3A300%2C400%2C500&display=swap%22&ver=5.8.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Dec 2022 13:42:09 GMT
date: Thu, 29 Dec 2022 13:42:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

casetext.com/wp-content/uploads/2019/12/no-tricks-160x160.png

172.66.43.64

200 OK

1.8 kB

URL HTTP/2
casetext.com/wp-content/uploads/2019/12/no-tricks-160x160.png
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.8 kB (1836 bytes)
Hash
068360a60e73124ef9781fb621e83637
923974ebb71899ed477cbc8aea1d76da824afd49
2725b8d9a397cb2e72e5aa41d2d0b749b7a4aa8e747ffcf6da6320f6cd3a2202

HTTP Headers

GET /wp-content/uploads/2019/12/no-tricks-160x160.png HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Cookie: cf_chl_2=b5cf492799abeca; cf_clearance=S06pNLKOyaMcpATED9UM2TZrybAf48o95JVpgQBTn0g-1672321329-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: image/webp
content-length: 1836
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=5105
content-disposition: inline; filename="no-tricks-160x160.webp"
etag: "13f1-598fd4f56d5c0"
last-modified: Thu, 05 Dec 2019 23:30:08 GMT
strict-transport-security: max-age=31536000
vary: Accept
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 7812f5164feab4ee-OSL
X-Firefox-Spdy: h2

casetext.com/wp-content/uploads/2019/12/affordable-160x160.png

172.66.43.64

200 OK

2.1 kB

URL HTTP/2
casetext.com/wp-content/uploads/2019/12/affordable-160x160.png
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2148 bytes)
Hash
b9da578f342089d0c02d9bf669c0f879
56776e61c1e9bd02d17731dbb1b7b3e08f83cc2d
4c8679e6f1afe8266c683d049bf6f6e3337ae825fa3fcd7cf84cfa2f27ac414d

HTTP Headers

GET /wp-content/uploads/2019/12/affordable-160x160.png HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Cookie: cf_chl_2=b5cf492799abeca; cf_clearance=S06pNLKOyaMcpATED9UM2TZrybAf48o95JVpgQBTn0g-1672321329-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: image/webp
content-length: 2148
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=6383
content-disposition: inline; filename="affordable-160x160.webp"
etag: "18ef-598fd4f533fc8"
last-modified: Thu, 05 Dec 2019 23:30:08 GMT
strict-transport-security: max-age=31536000
vary: Accept
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 7812f5164fe8b4ee-OSL
X-Firefox-Spdy: h2

casetext.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2411273445071274:1672319146:gXEW13Y2DaNHmfTC04bqD9NBYJSMt3tk4tf2SelTEsw/7812f5097f8eb4ee/b5cf492799abeca

172.66.43.64

200 OK

3.8 kB

URL HTTP/2
casetext.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2411273445071274:1672319146:gXEW13Y2DaNHmfTC04bqD9NBYJSMt3tk4tf2SelTEsw/7812f5097f8eb4ee/b5cf492799abeca
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2284), with no line terminators
Size
3.8 kB (3827 bytes)
Hash
af45c479d22792fa79d00cf7249f4fbf
9e5405d2a09f4224d8cad2e8a23bfd0179a9edfe
30ec729d3ad69ed4cc47cdad60ec725632e38f380faea9d5f4cba2961d3cdbed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.2411273445071274:1672319146:gXEW13Y2DaNHmfTC04bqD9NBYJSMt3tk4tf2SelTEsw/7812f5097f8eb4ee/b5cf492799abeca HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Content-type: application/x-www-form-urlencoded
CF-Challenge: b5cf492799abeca
Content-Length: 16645
Origin: https://casetext.com
Connection: keep-alive
Cookie: cf_chl_2=b5cf492799abeca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_chl_rc_ni=;Expires=Wed, 28 Dec 2022 13:42:09 GMT;SameSite=Strict
cf_chl_out: n6xliPO7a+YWnH7E+zv240Nb5Tc6XsG75PD8JwlBErsOSIBBsWhbdVPvmVvztvKRCl/7H0baEsW8CRCNLyOUiA==$HGzHXcxvRiWJOF4N6UIRkg==
cf_chl_out_s: huF+kc5RluFQGyU4J5bQgX+arFC9V6Hv3E0SbfuhQskHn3V8HWP5imOBsaelUWOnsysFZIS7NtBBcn2NWByW5WIaUsf09No0ShGnf8ZdSdZlamvcOS0wj8Nfy9n3FJ0+jpQzElWHOD7iSibAgjaYy3GrEXV9vbhJWPlHwWklwm5VXOAjbTTGckM4t4o0rN8H36XQXm/3pKDRD1RBioCxtQ==$ugPbj/G9n1feKT2TcPXbXg==
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f5137c82b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

casetext.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6

172.66.43.64

200 OK

5.3 kB

URL HTTP/2
casetext.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.6
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15224)
Size
5.3 kB (5279 bytes)
Hash
3b3fa3aaa4b5a3958a879a8c76fe03ab
fadf0855f2a198bc9f95da64534712daae1c0015
b0197ed6fbefa94b81fc1d2a5b0e167cac563e5afb85618e2cff41a844fcb620

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.6 HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Cookie: cf_chl_2=b5cf492799abeca; cf_clearance=S06pNLKOyaMcpATED9UM2TZrybAf48o95JVpgQBTn0g-1672321329-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: application/javascript; charset=utf-8
etag: W/"4705-5c4487ddedc00-gzip"
last-modified: Tue, 08 Jun 2021 22:15:12 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block
cf-cache-status: HIT
server: cloudflare
cf-ray: 7812f5169871b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15566
Expires: Thu, 29 Dec 2022 18:01:35 GMT
Date: Thu, 29 Dec 2022 13:42:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15566
Expires: Thu, 29 Dec 2022 18:01:35 GMT
Date: Thu, 29 Dec 2022 13:42:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15566
Expires: Thu, 29 Dec 2022 18:01:35 GMT
Date: Thu, 29 Dec 2022 13:42:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15566
Expires: Thu, 29 Dec 2022 18:01:35 GMT
Date: Thu, 29 Dec 2022 13:42:09 GMT
Connection: keep-alive

casetext.com/favicon.ico

172.66.43.64

503 Service Unavailable

16 kB

URL HTTP/2
casetext.com/favicon.ico
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
16 kB (16363 bytes)
Hash
7a47a5ce7e6f1d65286adb6c2ed65783
377ce3eece1ba1cc98167840aecff6ed6af57d3e
d196fd710dd60f6893625368bc82a259fd0e1851e0356e750f4c14fbf2d16e83

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 503 Service Unavailable
date: Thu, 29 Dec 2022 13:42:07 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f50b197ab4ee-OSL
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d5cced3-ee4c-4804-80dc-584edd53c321.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d5cced3-ee4c-4804-80dc-584edd53c321.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7413 bytes)
Hash
ffc1e01c2625e4cc8daff9cdb97e6419
d19e66f29d5109434382cd32bf9b2241e78cfad7
52c79fd4a79b7892ddd90a2294d200e5fdfce733d57e8416d248e1316405f627

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d5cced3-ee4c-4804-80dc-584edd53c321.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7413
x-amzn-requestid: d6a53b1a-bd52-4fd5-939d-82e00b6481b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuLFKCoAMFwcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c0-2152131e1043802c428082bb;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sDMe0v5BC-1UzhCCMUov8D6VlwJH8k_vXD6Q2URln-5GRp15nLho9w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:46:17 GMT
age: 57352
etag: "d19e66f29d5109434382cd32bf9b2241e78cfad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa04c7a62-2098-4ad1-ad79-eeb854075102.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6930 bytes)
Hash
9c45a2734abffd117a633d39d4fbff29
8c3c2b8d34ba6291307ddd43b625032118fa71e2
76aa0dc08d7f5755d7666f0e82e8d5ced9c84443e24048c5c6100825ed4fb963

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa04c7a62-2098-4ad1-ad79-eeb854075102.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6930
x-amzn-requestid: 261b7f75-c250-4443-b542-d46c8d75e164
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dyRonE1uIAMFwvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa6303-407e0c403bec2b4831067f40;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 03:14:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XZBmn_T0jP9yvtlHPtOsPNR2cfBLnYoUJVYhp7vI37B6xzFpkSEwEQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 07:35:10 GMT
age: 22019
etag: "8c3c2b8d34ba6291307ddd43b625032118fa71e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26073be1-1851-4348-a892-ee39e3b6f635.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9569 bytes)
Hash
d9f3c92ff3db8e0ec87e86aa28346ea5
c4cc987d54675d9285b43954ab8f010e5a258d9e
94be9c845c6373424c519720e61e2a1397f7390028d43dcdbf536686a7740b6b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26073be1-1851-4348-a892-ee39e3b6f635.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9569
x-amzn-requestid: 13baa87a-0f57-48c7-940a-de8e06d60278
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUiwFYmIAMFUuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce11-3cb3500473c3c28d694fd5ad;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 09jrhYwsh26t_Un3nHuTLOZMwln0vn-6fqUYvoelIAhuF6WIIwQ6jQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:41:53 GMT
age: 57616
etag: "c4cc987d54675d9285b43954ab8f010e5a258d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46059ea9-17d4-4278-9387-8af033f275e1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5687 bytes)
Hash
e100e2dc00534d3c6e4a4eccabd256d4
bb36fdbdd2ff78b5eac4becf508470d6f0a3512f
991a44a7aa774e41289f4b3ea2f13d0af69c86756d25763e81c274a9b3420e9a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46059ea9-17d4-4278-9387-8af033f275e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5687
x-amzn-requestid: 8fe763e5-63f9-4149-b494-4fe1298610f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4CXwGfTIAMFdlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63acb0fe-5958069220e442433e1941ce;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 21:11:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MM0AxcUhyYGa6e8s4W_jU0ihtU8pu2geeyxouqllG8ZdZ8PcxPUdJg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Dec 2022 03:55:16 GMT
age: 35213
etag: "bb36fdbdd2ff78b5eac4becf508470d6f0a3512f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6955 bytes)
Hash
db302f2c47edbbb185af9e4a96741d52
c616108fda3390ebd7f67926ba3e35a73b47135c
cc9e4fdb361624bb32511b195d4a1677e241502ba013b8f8a114ebb4956019ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f065733-5f7b-4113-9f70-8e9738de50f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6955
x-amzn-requestid: 59f34964-3642-4190-9edb-c2a1de006606
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhyXGHe0oAMFfSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3ca93-4acf45f93b24aebd33be5de1;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L4fg8oLUw2_pKOZNCh2YZi3_asUguQHaCtpPeCrUIYyVoAiwQlNqGg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 21:42:23 GMT
age: 57586
etag: "c616108fda3390ebd7f67926ba3e35a73b47135c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a76f9a6cacbb107da9d8d0b989936128
35f6bf4cf5d983f4f8edcb3e0db58cee5f2b552e
0a0ab2ab5964131b0bca0c63cc6ce85704e5d61b30c00555dbec6f399af6fedd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a76f9a6cacbb107da9d8d0b989936128
35f6bf4cf5d983f4f8edcb3e0db58cee5f2b552e
0a0ab2ab5964131b0bca0c63cc6ce85704e5d61b30c00555dbec6f399af6fedd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
107c7b24cc9711281977c9e9094da7af
18e6f30a0dbc072380e414236b2a8296e7a7f6f6
c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

casetext.com/dist/css/common?47e69468c9

172.66.43.64

200 OK

970 B

URL HTTP/2
casetext.com/dist/css/common?47e69468c9
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1316), with no line terminators
Size
970 B (970 bytes)
Hash
ea1b393ed3fb6c33812d4de12ceb27f8
d140f8d873ace863633b1d6880dfc450609d7835
fa8eafd8f6448a62323e8a8e3808421b63c54063671ed3f516e9b05c01e54ae0

HTTP Headers

GET /dist/css/common?47e69468c9 HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Cookie: cf_chl_2=b5cf492799abeca; cf_clearance=S06pNLKOyaMcpATED9UM2TZrybAf48o95JVpgQBTn0g-1672321329-0-150
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
etag: W/"524-18541b62048"
last-modified: Sat, 24 Dec 2022 01:18:53 GMT
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 66929
vary: Accept-Encoding
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f5180a70b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexserif/v15/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2

216.58.207.227

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/ibmplexserif/v15/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18648, version 1.0\012- data
Size
19 kB (18648 bytes)
Hash
0eff5f4f8454fc2e0b505d815d487f87
d0954aae86a8be7688bc51ed47a49d9f076c40a2
20e75a233afc04ee49453ab429df327ab951bfbc7264d6ce2e790fa7d928186c

HTTP Headers

GET /s/ibmplexserif/v15/jizDREVNn1dOx-zrZ2X3pZvkTiUf2zc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://casetext.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18648
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 15:47:02 GMT
expires: Wed, 27 Dec 2023 15:47:02 GMT
cache-control: public, max-age=31536000
age: 165308
last-modified: Tue, 26 Apr 2022 15:49:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PXDV7PJ

142.250.74.168

200 OK

55 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PXDV7PJ
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
55 kB (54637 bytes)
Hash
428e7e5ebaa9fb6b8563764b69eba5d3
bcf101cb977fce1d4a81a38256b7f9de60594fd5
4bd23b96e064464079f398457e8205c15554974ec06234efcad267c4a8504503

HTTP Headers

GET /gtm.js?id=GTM-PXDV7PJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Dec 2022 13:42:10 GMT
expires: Thu, 29 Dec 2022 13:42:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 54637
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexserif/v15/jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2

216.58.207.227

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/ibmplexserif/v15/jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19256, version 1.0\012- data
Size
19 kB (19256 bytes)
Hash
d302ff5b8931304e18d2a259a2f57022
b2fb34907bb23c684a634b563b265318e0db10ee
8352c24b0192777b11a8b7ad96aab2853a2531e254c58dfc4774b8efc0cf6986

HTTP Headers

GET /s/ibmplexserif/v15/jizAREVNn1dOx-zrZ2X3pZvkTi3s-CI0q1s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://casetext.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:34:39 GMT
expires: Sat, 23 Dec 2023 13:34:39 GMT
cache-control: public, max-age=31536000
age: 518851
last-modified: Tue, 26 Apr 2022 16:03:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-NF4WQVP

142.250.74.168

200 OK

40 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NF4WQVP
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
40 kB (39866 bytes)
Hash
f8a40ee049ba6477961deccef243f000
e6fb175b7c3734d8ab187a2b91aa6c2447d1ffb1
27c3ccb2116b86783ccd848c0d966a61f1005d29a7301406f23a0d7625547bff

HTTP Headers

GET /gtm.js?id=GTM-NF4WQVP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Dec 2022 13:42:10 GMT
expires: Thu, 29 Dec 2022 13:42:10 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

216.58.207.227

200 OK

19 kB

URL HTTP/2
fonts.gstatic.com/s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18860, version 1.0\012- data
Size
19 kB (18860 bytes)
Hash
c91aac6ef66a18aed734e40c1b7ef33c
8e7075376823d45b4367b876d9ca7e24b22e07af
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785

HTTP Headers

GET /s/ibmplexsans/v14/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://casetext.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 17:55:35 GMT
expires: Wed, 27 Dec 2023 17:55:35 GMT
cache-control: public, max-age=31536000
age: 157595
last-modified: Tue, 26 Apr 2022 15:50:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a76f9a6cacbb107da9d8d0b989936128
35f6bf4cf5d983f4f8edcb3e0db58cee5f2b552e
0a0ab2ab5964131b0bca0c63cc6ce85704e5d61b30c00555dbec6f399af6fedd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
107c7b24cc9711281977c9e9094da7af
18e6f30a0dbc072380e414236b2a8296e7a7f6f6
c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

casetext.com/pages/wp-content/uploads/2022/07/casetext-logo-dark.png

172.66.43.64

200 OK

3.4 kB

URL HTTP/2
casetext.com/pages/wp-content/uploads/2022/07/casetext-logo-dark.png
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.4 kB (3448 bytes)
Hash
d8ba657c0858eda170a08d3bdeab8260
7ba246379f6d93f825432f498cf7d1d45636279e
7a26abecf4275a9ff59c88ac087909fb690cfdb1ae9a06f368d06471749ec884

HTTP Headers

GET /pages/wp-content/uploads/2022/07/casetext-logo-dark.png HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Cookie: cf_chl_2=b5cf492799abeca; cf_clearance=S06pNLKOyaMcpATED9UM2TZrybAf48o95JVpgQBTn0g-1672321329-0-150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:10 GMT
content-type: image/webp
content-length: 3448
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=3771
content-disposition: inline; filename="casetext-logo-dark.webp"
etag: "635be510-ebb"
last-modified: Fri, 28 Oct 2022 14:20:00 GMT
vary: Accept
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f5187af2b4ee-OSL
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

4.7 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (13063)
Size
4.7 kB (4654 bytes)
Hash
bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=61581
date: Thu, 29 Dec 2022 13:42:10 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0cd4160787e99315a372ee1f26de398c
a83328d83b89e321dd90b7803afb1aef40552840
59bc9ec6df549bfdc0abe4b4d9a08cca190ef7f0fd54d844986eebf4d28bbfa4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4056
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Last-Modified: Thu, 29 Dec 2022 12:34:34 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aff94ab908d47a02a12d3a22aa7532ae
1dc1591860c8cf9d2044c2e0738013688844770d
1dbe84578c7cb1c7886469e36ed6ddc11a9d1892e46dcdcd6d6533331e64a1a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27298 bytes)
Hash
8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ++fm2uCxaxURJ07OuZGTnxYtM6iMC+EtLWVM39UuC4hygF1hzjscaaHxnn/EcB2JAVlzqyuPoHhxVPzotuKPFA==
content-length: 27298
x-fb-trip-id: 1904183273
date: Thu, 29 Dec 2022 13:42:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/10841373491/?random=1672321324799&cv=11&fst=1672321324799&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&rfmt=3&fmt=4

142.250.74.34

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10841373491/?random=1672321324799&cv=11&fst=1672321324799&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2843), with no line terminators
Size
1.1 kB (1080 bytes)
Hash
acbe054dd2c57c48d524c69c1323fd2c
e36556f9b1b23912efd43cdc6cd87cbf2686bcb0
1e40fe2c9665989a3eb8273cc19edf39aef9537ff8dd901cf29b762741091a0d

HTTP Headers

GET /pagead/viewthroughconversion/10841373491/?random=1672321324799&cv=11&fst=1672321324799&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 13:42:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1080
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Dec-2022 13:57:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
7e78bcb486a6bc5b61700b7cb0034441
e1c0d5dadc460a10f1caa74170a89ef698c0a19a
61a2cbaa16ed476197d754951bc827e0781071cc49ee14ee3d9dedecbb4996ac

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Dec 2022 13:42:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 29 Dec 2022 00:42:49 GMT
Expires: Fri, 30 Dec 2022 00:42:49 GMT
ETag: "e1c0d5dadc460a10f1caa74170a89ef698c0a19a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0cd4160787e99315a372ee1f26de398c
a83328d83b89e321dd90b7803afb1aef40552840
59bc9ec6df549bfdc0abe4b4d9a08cca190ef7f0fd54d844986eebf4d28bbfa4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4056
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Last-Modified: Thu, 29 Dec 2022 12:34:34 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
da192d63f97a40e364982def84c67a13
5369ab3ee7f5acd74792cc36919b6c6ba8cf9c74
448893a0c607e1b5ac6e4918f8f70e7c950778acc36bba82fbe1d30572699f77

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Dec 2022 13:42:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Dec 2022 22:26:09 GMT
Expires: Thu, 29 Dec 2022 22:26:09 GMT
ETag: "5369ab3ee7f5acd74792cc36919b6c6ba8cf9c74"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aff94ab908d47a02a12d3a22aa7532ae
1dc1591860c8cf9d2044c2e0738013688844770d
1dbe84578c7cb1c7886469e36ed6ddc11a9d1892e46dcdcd6d6533331e64a1a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.starfieldtech.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
da192d63f97a40e364982def84c67a13
5369ab3ee7f5acd74792cc36919b6c6ba8cf9c74
448893a0c607e1b5ac6e4918f8f70e7c950778acc36bba82fbe1d30572699f77

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 29 Dec 2022 13:42:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 28 Dec 2022 22:26:09 GMT
Expires: Thu, 29 Dec 2022 22:26:09 GMT
ETag: "5369ab3ee7f5acd74792cc36919b6c6ba8cf9c74"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

casetext.com/dist/js/common?e132fb805d

172.66.43.64

200 OK

18 kB

URL HTTP/2
casetext.com/dist/js/common?e132fb805d
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7507), with no line terminators
Size
18 kB (17996 bytes)
Hash
6103fa0079568dafc8d8ad5a57e56172
68db6dae7535ed0c9814e67e30af741800d10265
0194b55df889b061c15f5f64f6fb743cdd34866733f05962633878c71e17c8ef

HTTP Headers

GET /dist/js/common?e132fb805d HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Cookie: cf_chl_2=b5cf492799abeca; cf_clearance=S06pNLKOyaMcpATED9UM2TZrybAf48o95JVpgQBTn0g-1672321329-0-150
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
etag: W/"1d53-18541b77420"
last-modified: Sat, 24 Dec 2022 01:20:20 GMT
via: 1.1 spaces-router (e13668ca8eb7)
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 464805
vary: Accept-Encoding
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f5164feeb4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/3674196/domain/casetext.com/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/3674196/domain/casetext.com/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/3674196/domain/casetext.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://casetext.com/
Origin: https://casetext.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 0
date: Thu, 29 Dec 2022 08:16:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1Tote7_REd5BPcZR2oeVFMrWeAjO0INHv5TKV3GXsaBECdJRkGU_qQ==
age: 19544
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
281e831db193bdbb80e6ff33b3047078
91c685f3d3fa05fe966cd40c01fbf7e8f3a82ca6
d8f34ff19d7fa4165490af8228d1e3ab2a835c5cf02b80d2efe8203ade76e38d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5c99bc2bdc49e510ab1eaaba3318e81f
a26e89bef2ccb2aee1a8638f4164d130bd7c290f
e8879091414885eab109e13ccb0216ec0c103f744ecbec5ed13628cf1803427f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/10841373491/?random=1672321324799&cv=11&fst=1672318800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&fmt=3&is_vtc=1&random=1945033947&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/10841373491/?random=1672321324799&cv=11&fst=1672318800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&fmt=3&is_vtc=1&random=1945033947&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10841373491/?random=1672321324799&cv=11&fst=1672318800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&fmt=3&is_vtc=1&random=1945033947&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 13:42:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/10841373491/?random=1672321324799&cv=11&fst=1672318800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&fmt=3&is_vtc=1&random=1945033947&rmt_tld=1&ipr=y

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/10841373491/?random=1672321324799&cv=11&fst=1672318800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&fmt=3&is_vtc=1&random=1945033947&rmt_tld=1&ipr=y
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10841373491/?random=1672321324799&cv=11&fst=1672318800000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ref=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&tiba=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&fmt=3&is_vtc=1&random=1945033947&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 13:42:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
58f16dc497b3f884e2c830bdf344cd80
322e70c4b62d1482294f69752ae325f8a705f231
91e58e3782d5091a0407a602836e1a853ce9b754f16c2df501c3c4d65ef136d0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5c99bc2bdc49e510ab1eaaba3318e81f
a26e89bef2ccb2aee1a8638f4164d130bd7c290f
e8879091414885eab109e13ccb0216ec0c103f744ecbec5ed13628cf1803427f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

px.ads.linkedin.com/collect?v=2&fmt=js&pid=3674196&time=1672321324977&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3674196&time=1672321324977&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3674196&time=1672321324977&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3674196%26time%3D1672321324977%26url%3Dhttps%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJG0g54H8IeyQAAAYVeHm4_SY9u8DOtTNScKd1wNWXJXhUTFiDDY0N8xEmA6Pf4-4SFu32C5ySxeQ; Max-Age=2592000; Expires=Sat, 28 Jan 2023 13:42:10 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJUlTArNiJs0gAAAYVeHm4_XwQFL5YAQeRiq8Kuis9k5SxdUF7zbqDKUEPgX2fycU_auR17B1__C9w3ro7dWg; Max-Age=2592000; Expires=Sat, 28 Jan 2023 13:42:10 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&c3dc6e11-3b1b-43b8-8d7d-325a5cb75614"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 29-Dec-2023 13:42:10 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2403:u=1:x=1:i=1672321330:t=1672407730:v=2:sig=AQEs08D2rS_PHZUzt68shFSj7u5laDxL"; Expires=Fri, 30 Dec 2022 13:42:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXw96beXI+XXE5hT66tYg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 21085BBC606B47F39BFE74B461F355F6 Ref B: OSL30EDGE0522 Ref C: 2022-12-29T13:42:10Z
date: Thu, 29 Dec 2022 13:42:10 GMT
content-length: 0
X-Firefox-Spdy: h2

script.crazyegg.com/pages/data-scripts/0089/7395/site/casetext.com.json?t=1

104.19.147.8

200 OK

1.6 kB

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0089/7395/site/casetext.com.json?t=1
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (4072), with no line terminators
Size
1.6 kB (1591 bytes)
Hash
5e5b837919cc1701270790a6de73293f
ecdd725f5898a33487f58ae2ba971daeafc9e1e4
5778786770c65306fc2a33ae9b684145d401184d0420f23f082d691764f4e77b

HTTP Headers

GET /pages/data-scripts/0089/7395/site/casetext.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:10 GMT
content-type: application/json
content-length: 1591
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 29 Dec 2022 13:10:18 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7812f51cb9b90b65-OSL
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/3674196/domain/casetext.com/token

143.204.55.71

200 OK

62 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/3674196/domain/casetext.com/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
d39abb34da93ec5faa48669ac4788977
cc2627a86b99e91540251b6fb7e17a9b1faa1ee7
b329d16bd7e06de93beac4a9e4d67b8be6d1c944b7b8e398b929460f73b7c4ce

HTTP Headers

GET /partner/3674196/domain/casetext.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Thu, 29 Dec 2022 12:44:02 GMT
access-control-allow-origin: *
cache-control: public, max-age=13499
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rhVLuC6pLEPgnWoKdAEc_kFmqJdIpnuEvca9gz0A5b796HPsPTiI_g==
age: 3488
X-Firefox-Spdy: h2

script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js

104.19.147.8

200 OK

27 kB

URL HTTP/2
script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (63889)
Size
27 kB (26887 bytes)
Hash
11878d289c10ebc964291941e629da81
64a6acf46f0d22a9d1dbd49e504948c7f4ba6f4d
e93037c1a50484a39322a09c9b0e4aca3e6c8c44ba8f968fb3c3bcf57c573fe7

HTTP Headers

GET /pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:10 GMT
content-type: text/javascript
content-length: 26887
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Wed, 21 Dec 2022 12:59:21 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 675406
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7812f51eaa72b4f3-OSL
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=298262282273739&ev=PageView&dl=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&rl=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&if=false&ts=1672321325409&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672321325408.1152558792&it=1672321325042&coo=false&exp=c0&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=298262282273739&ev=PageView&dl=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&rl=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&if=false&ts=1672321325409&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672321325408.1152558792&it=1672321325042&coo=false&exp=c0&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=298262282273739&ev=PageView&dl=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&rl=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&if=false&ts=1672321325409&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672321325408.1152558792&it=1672321325042&coo=false&exp=c0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 29 Dec 2022 13:42:11 GMT
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3674196%26time%3D1672321324977%26url%3Dhttps%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3674196%26time%3D1672321324977%26url%3Dhttps%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3674196%26time%3D1672321324977%26url%3Dhttps%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3674196&time=1672321324977&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&5e9fb1c1-07b4-437c-85ff-8f058a4bf59f"; Domain=.linkedin.com; Expires=Fri, 29-Dec-2023 13:42:11 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202212291342112c60c8ac-794f-41cc-89d1-bdaa3e5e3c72AQGWXS3Z4kdsAor8Lx4NePY_zsCztK7j"; Domain=.www.linkedin.com; Expires=Fri, 29-Dec-2023 13:42:11 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzIzMjEzMzE7MjswMjH4ZAyw1JoA+wQOcGrRoOeLrI0UkXwDBSk8zhG1p7hVdA==; Domain=.linkedin.com; Expires=Tue, 27 Jun 2023 13:42:11 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2403:u=1:x=1:i=1672321331:t=1672407731:v=2:sig=AQEaqllZXoBeuRvtXX5ExoWWuDcC-V63"; Expires=Fri, 30 Dec 2022 13:42:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXw96bjpsvdfo+JHThuAg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 93D8EF391EB14A8185F8C7F6B835E918 Ref B: OSL30EDGE0522 Ref C: 2022-12-29T13:42:10Z
date: Thu, 29 Dec 2022 13:42:10 GMT
content-length: 0
X-Firefox-Spdy: h2

script.crazyegg.com/pages/data-scripts/0089/7395/sampling/casetext.com.json?t=464533

104.19.147.8

200 OK

144 B

URL HTTP/2
script.crazyegg.com/pages/data-scripts/0089/7395/sampling/casetext.com.json?t=464533
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
11af5d34c181a93de8461bf4f52a9fe5
cf36e00c3c0971f1290f1c97d1db9ec42ca9664a
769700d10ecd71188e66e3d1ffb8ee2c4c2e6a82b4a0f76bd147a88cef3c4251

HTTP Headers

GET /pages/data-scripts/0089/7395/sampling/casetext.com.json?t=464533 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:11 GMT
content-type: application/json
content-length: 144
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 29 Dec 2022 13:10:19 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7812f51f0c410b65-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
892c2609c2261b4752e23772625858c6
3a069ba68bb3cc984f446e71dcf8e64a4ece10c5
ce54af5fa2b0869db2779bac884a4ef0b97d41690c7f708070d43cc036ec907d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Dec 2022 13:42:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 29 Dec 2022 11:36:11 GMT
Expires: Thu, 05 Jan 2023 11:36:10 GMT
Etag: "3a069ba68bb3cc984f446e71dcf8e64a4ece10c5"
Cache-Control: max-age=596638,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7812f51f1d5ab50c-OSL

pagestates-tracking.crazyegg.com/healthcheck

54.230.111.20

200 OK

19 B

URL HTTP/2
pagestates-tracking.crazyegg.com/healthcheck
IP
54.230.111.20:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 14 Nov 2022 03:38:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gINhrl0nhTLDPNHNtp-KsegSvYpNEVF2KRKos7t1q3fdQd0H8psO-A==
age: 3924226
X-Firefox-Spdy: h2

assets-tracking.crazyegg.com/healthcheck

54.230.111.11

200 OK

19 B

URL HTTP/2
assets-tracking.crazyegg.com/healthcheck
IP
54.230.111.11:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
19 B (19 bytes)
Hash
d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

HTTP Headers

GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KJRl2zP6Xab1ME4vK6VdMQbFGyK_AkWcyxDAxuTzyZbMBS00mU16nA==
age: 2029857
X-Firefox-Spdy: h2

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3674196&time=1672321324977&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=3674196&time=1672321324977&url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&903256f5-c4f5-452c-8754-424776e2e4fc"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 29-Dec-2023 13:42:11 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2403:u=1:x=1:i=1672321331:t=1672407731:v=2:sig=AQEaqllZXoBeuRvtXX5ExoWWuDcC-V63"; Expires=Fri, 30 Dec 2022 13:42:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXw96bm5Cfi4GHhr1Cmlw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EC6A6810AF834A21A5B8BD06EAB51C56 Ref B: OSL30EDGE0522 Ref C: 2022-12-29T13:42:11Z
date: Thu, 29 Dec 2022 13:42:11 GMT
content-length: 0
X-Firefox-Spdy: h2

34.215.155.61/is

34.215.155.61

200 OK

32 B

URL HTTP/1.1
34.215.155.61/is
IP
34.215.155.61:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
58204784e4490bb2717089c4a22182a9
0a029b1a3358db73b8105c9ed6b834b13b98574f
cd26786587caa46e51210956c505d896063f198bcd55cc2b675fa58d05c4c879

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /is HTTP/1.1
Host: 34.215.155.61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/
Origin: https://casetext.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 29 Dec 2022 13:42:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 0
server: istio-envoy
connection: close

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
02906cd99bb8cddf98b1d4e2900ad168
482d9b7e3c7ef475f0c3ffbdd70f1fbd6370168f
644ecb707c1eaf23ae9e01441f7906806d14551e6f4011e9009887787c19cbc1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97837
Date: Thu, 29 Dec 2022 13:42:11 GMT
Etag: "63ac5b8e-1d7"
Expires: Fri, 30 Dec 2022 16:52:48 GMT
Last-Modified: Wed, 28 Dec 2022 15:06:54 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8UBBIbyHV9gow6uOjDK_erZd2sUBIddrWD0L1PvrhzWZNoleUic1yA==
Age: 6354

tracking.crazyegg.com/clock?t=1672321325932&tk=e03dd7d67bf35801af063e0484db2629

34.247.113.167

200 OK

26 B

URL HTTP/2
tracking.crazyegg.com/clock?t=1672321325932&tk=e03dd7d67bf35801af063e0484db2629
IP
34.247.113.167:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
64d8cbf1ca2fdf9915e5c27224fa8989
5333e3b93d66406980dc9ad864748d6918c52df1
03e711f0833a17a7c2c58acc6a964f2e785f366c7bcab6c5a7b50e24f2b7ee52

HTTP Headers

GET /clock?t=1672321325932&tk=e03dd7d67bf35801af063e0484db2629 HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: awselb/2.0
date: Thu, 29 Dec 2022 13:42:11 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2

widget.intercom.io/widget/qkjicb4d

54.230.111.53

200 OK

6.2 kB

URL HTTP/2
widget.intercom.io/widget/qkjicb4d
IP
54.230.111.53:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (18920), with no line terminators
Size
6.2 kB (6169 bytes)
Hash
dedb187b013d08b7a0a1b185e114c852
f88062531b24d72a89143082314baaee633efad9
899790458df932aeb01bfe0f7293e967e8e83b0c41afaa0a1be9bcb71ab81363

HTTP Headers

GET /widget/qkjicb4d HTTP/1.1
Host: widget.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 6169
last-modified: Thu, 22 Dec 2022 14:57:43 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: ek5KExvHI.BvxyAq59cvRwh1Xf.Ev15U
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 13:32:36 GMT
cache-control: max-age=900, s-maxage=900, public
etag: "dedb187b013d08b7a0a1b185e114c852"
x-cache: Error from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6HRLmJuoygrJJiqbJu6Pw6PITXByV9Wt4NSr2pfJbEcfv_4Vq-uNhg==
age: 650
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

js.intercomcdn.com/frame.32905950.js

54.230.111.118

200 OK

138 kB

URL HTTP/2
js.intercomcdn.com/frame.32905950.js
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
138 kB (138495 bytes)
Hash
5b4f23747953a9e88179d2e4aa0bfedd
b33fc6a2df567cc060f309a45ae1e15ec1b1f38e
cb03ebb906ac57bf61db8956c39964b1635589a45818acc2e1ca3d8ed21c84f4

HTTP Headers

GET /frame.32905950.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 138495
last-modified: Thu, 22 Dec 2022 14:56:06 GMT
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: VR2.wcnFa_lmwV_CWuI5hxGkdAo2F6pv
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 13:21:47 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "5b4f23747953a9e88179d2e4aa0bfedd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HJQ6sUlCk_Y7antiTw7iNliwlETtWjExkHFV0SMgLmVCHJHrQM6Fiw==
age: 1227
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js

143.204.48.96

200 OK

5.5 kB

URL HTTP/2
cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (15962)
Size
5.5 kB (5507 bytes)
Hash
06f670245f15dfabaf8679a7c51ae2fc
8aaef272cdb97d530221b940eba8903d9abe4665
bd8a271448c910f1beff146966b131024951743ff6085f9a8ce78aa957cf1b33

HTTP Headers

GET /analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Sun, 04 Dec 2022 05:04:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sun, 04 Dec 2022 04:06:01 GMT
etag: W/"3e448afdfea355c0f19700d04431ce7d"
cache-control: public,max-age=31536000,immutable
x-amz-version-id: DaaIbLnzvn06V4JPscsHdkknFnPWetFJ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hIPpI--FpBIL9ILrRgucJs-s3wnuUHEtG8efSaF7wln_2Nuu9V-hSA==
age: 2191066
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz

143.204.48.96

200 OK

1.1 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (2155)
Size
1.1 kB (1061 bytes)
Hash
9fb524ce2b800e7ddc8a15d53c31c3d1
d6c3aa637290e157c4b2a3f8e2ba6c11f39c55a0
7f5472db069c402357687def1a8fa7ee4704b91f22ebcec1ca056a7a8e871975

HTTP Headers

GET /next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1061
date: Fri, 18 Nov 2022 22:43:01 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: FMY8BWawEYdUKyos6WMQbV7a6Ro2PnOl
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SkiDDgnbmWOmdqN0LUrYVz77qTXa2YWh-xyxpTPiC34pt__rfHHIPQ==
age: 3509953
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz

143.204.48.96

200 OK

3.3 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (10395)
Size
3.3 kB (3273 bytes)
Hash
4b03a476015c2ba9b9e74e895b97c12c
6c637bf7b7cfaadbb85b675809f52601581e760d
cc6c205c3a2d7a844b1825c4b9925f2811d0391bc937fc322ad973808e459fd5

HTTP Headers

GET /next-integrations/integrations/facebook-pixel/2.11.5/facebook-pixel.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 3273
date: Thu, 08 Dec 2022 02:50:51 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 07 Dec 2022 17:21:16 GMT
etag: "4b03a476015c2ba9b9e74e895b97c12c"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: 686e2wIFZmzwy5OG3P1.gQ.uj44oG_AK
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d4Fr8ZYjwosgfui76OLTmlMIUXORT3HkC6ya20pc0UUk-nnwS2od2w==
age: 1853483
X-Firefox-Spdy: h2

cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js

143.204.48.96

200 OK

4.5 kB

URL HTTP/2
cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (9147)
Size
4.5 kB (4527 bytes)
Hash
5b4b8f3be27ff50f7575a56c1eaa47e6
a8e74ab55f76a1864e45c3a00b175e98c2549439
e79046d660103afd7d95fc0ce32c7903a2128084c0232a782c548ff6ae137e1c

HTTP Headers

GET /analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Thu, 08 Dec 2022 03:00:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Dec 2022 00:52:27 GMT
etag: W/"238b8357fd89fec8e05754f2e8550aa2"
cache-control: public,max-age=31536000,immutable
x-amz-version-id: laxW76Utysumpt4PGNIVrD2EkpEC_Vx5
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NxeaSUEYI0cohRa45w1otxlWSsGkBqdUJFxNrBMzXZRxOCdrrn89jw==
age: 1852891
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz

143.204.48.96

200 OK

2.0 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (5487)
Size
2.0 kB (1969 bytes)
Hash
c8cbba72a05e723659d348e2dd175bb0
c992526eb9fcf4503f1dfe8d8ff36f57da01a461
cdb410e6855415a38cbd8b5b9641c0b3f50bcec8e3b3b4e42983908cde7973a4

HTTP Headers

GET /next-integrations/integrations/twitter-ads/2.5.2/twitter-ads.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1969
date: Fri, 18 Nov 2022 17:34:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
etag: "c8cbba72a05e723659d348e2dd175bb0"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: NfYq3in4OnAhDJmNOqUpw8cr.PmoHBix
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lYwdzrbnjllfNS2Jkfo-mT8Mqq4e9gEnBsvU4oP5t5fl6KDgxJuNDw==
age: 3528474
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz

143.204.48.96

200 OK

16 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (46392)
Size
16 kB (15523 bytes)
Hash
22f964b449ca210bdea17404f4624ac9
f0e3360fc9b478482c534fc68431d6140aaa42e6
4db88b3ba99870f85e8a5d540219f7411cdaf77d602deb5d36a0bfdaff69e476

HTTP Headers

GET /next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 15523
date: Fri, 18 Nov 2022 12:14:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
etag: "22f964b449ca210bdea17404f4624ac9"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: f0UvIyKo7YaS5g9vrzKRek8TePrn1hB5
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wBVpLxwkxQWkfkpTbAc9dJ1mfIW6H2wpDRHTwv02CdcACekcIjw35w==
age: 3547646
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz

143.204.48.96

200 OK

1.3 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (2963)
Size
1.3 kB (1342 bytes)
Hash
a1bed0458702cf863f2d24fb1b9d39ae
d39f92c601bbdb4b23ef82f8f2db000c8aef44da
58741d95ef94921adc6950bd1e59798f4dd43c6f04dfdb58ee425a99a925e279

HTTP Headers

GET /next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1342
date: Wed, 30 Nov 2022 15:34:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: qKZ6.5ZKEE1pA7EqDU_6D5gjnPEealH2
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hOXFxUj8qcgJHM8gRHMMaFUNEThsSYiXCawTCqzrhVd6DsrvmRWWSw==
age: 2498865
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/woopra/3.0.0/woopra.dynamic.js.gz

143.204.48.96

200 OK

1.6 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/woopra/3.0.0/woopra.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (3579)
Size
1.6 kB (1645 bytes)
Hash
0fa10ec6ef96754af5f93a12ebc3849d
7639cef5027452de48030365dc1904784ab6fe8b
7093d69a5de5ab383cd22e8d08c7cdf0f7ff2aba86f22904665591262096916b

HTTP Headers

GET /next-integrations/integrations/woopra/3.0.0/woopra.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1645
date: Fri, 18 Nov 2022 23:55:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
etag: "0fa10ec6ef96754af5f93a12ebc3849d"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: aH.vkALqOMLmdDSqaZNvOvklog2.uVyv
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 21WH-H2Rd1P9s5Vvq6-masgVpWCbBISZuDS6497s5SWvym1KaeLfUg==
age: 3505592
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz

143.204.48.96

200 OK

1.6 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (3477)
Size
1.6 kB (1554 bytes)
Hash
eca7290acd47797e77fc87621b4b7a5d
7c8a86ec89f9a931efe1cc1355f07b62f0527cee
223a450e4d786bac93559a8a5d34c78be271a89f7417842b0ae254bf7e90fb55

HTTP Headers

GET /next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 1554
date: Fri, 18 Nov 2022 23:07:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 24 Oct 2022 18:48:00 GMT
etag: "eca7290acd47797e77fc87621b4b7a5d"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: bSNXSiHZKNjKP8l9nkhoMu.CM3PHdWFN
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: csGyqbqH9DoWhx862UeLNuhNIq8HXfl8-LVFqKpuT7nzRJvhJcF7zg==
age: 3508481
X-Firefox-Spdy: h2

cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

143.204.48.96

200 OK

22 kB

URL HTTP/2
cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
22 kB (22177 bytes)
Hash
befb217271e2e926c7d898f1c85f6cb7
b6ca8f0b9eb7ddebc916cbc77eddab8532216748
21c28b41965eaf22aae5ee670f71227bd2d8fd32a024d62864873f7c8621e8f4

HTTP Headers

GET /next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 22177
date: Fri, 09 Dec 2022 10:16:22 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 07 Dec 2022 17:21:14 GMT
etag: "befb217271e2e926c7d898f1c85f6cb7"
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: nCe7.wX1BbiLVINghrbErhSI9GNiVjGD
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HWzUWMltU_iZzYDz9bea3Q8fkjQ4lyPpDqyT2qVpYmFCMXj0cQ7fvg==
age: 1740352
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ef8746414f868a2c853256eac55c7f6e
dd1c805a4eb9cbf400cf70ab0d8d1999167fae2f
a0fa0852b826e02751eed9c7541c1bca9f569a2e28902b1e7bfbc5ae0220ffb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170239
Date: Thu, 29 Dec 2022 13:42:13 GMT
Etag: "63ad7ec3-1d7"
Expires: Sat, 31 Dec 2022 12:59:32 GMT
Last-Modified: Thu, 29 Dec 2022 11:49:23 GMT
Server: ECS (nyb/1D06)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AN4Dmu-27dT5ZqHNKjMUrGTRfGD1Vh1w0o0ZIPlhAngoZ7vr7UHbAA==
Age: 4209

www.googleoptimize.com/optimize.js?id=OPT-W5B6NND

142.250.74.78

200 OK

43 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=OPT-W5B6NND
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
43 kB (42966 bytes)
Hash
d2128d37129fa79f6058da7fc9e1f567
911a93c8e873ce07ced0b077a946d0b76714e35f
574a592b82ffc4b3e6d95a4812c60be9abcf4e6418c8a0f70355d1cfaa0ee36d

HTTP Headers

GET /optimize.js?id=OPT-W5B6NND HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Dec 2022 13:42:14 GMT
expires: Thu, 29 Dec 2022 13:42:14 GMT
cache-control: private, max-age=900
last-modified: Thu, 29 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/253028,3674196/domain/casetext.com/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/253028,3674196/domain/casetext.com/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/253028,3674196/domain/casetext.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://casetext.com/
Origin: https://casetext.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 0
date: Thu, 29 Dec 2022 08:42:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jlzCkPRmjHdyIFvWX2dToRw5pYaD7P4ITuB5D0qRNqhTZuOgm1sQVg==
age: 17991
X-Firefox-Spdy: h2

static.woopra.com/js/w.js

151.101.129.91

200 OK

13 kB

URL HTTP/2
static.woopra.com/js/w.js
IP
151.101.129.91:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (37657)
Size
13 kB (12876 bytes)
Hash
e4f79b4d7cfe7f1d136e26a22135462c
794bc954d4ecf992e05c71edc01673ae3bf7d770
aa3f78a4e2893d795c626b991bb03ba7788ff4969459a04d69f0fddd44d4e73a

HTTP Headers

GET /js/w.js HTTP/1.1
Host: static.woopra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache/2.2.15 (Red Hat)
last-modified: Tue, 27 Dec 2022 23:19:58 GMT
etag: "21dbc-93bb-5f0d77d862888"
content-encoding: gzip
cache-control: public, max-age=86400
content-type: text/javascript
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 29 Dec 2022 13:42:14 GMT
age: 51658
x-served-by: cache-iad-kjyo7100087-IAD, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 217
x-timer: S1672321334.317091,VS0,VE0
vary: Accept-Encoding
content-length: 12876
X-Firefox-Spdy: h2

static.ads-twitter.com/uwt.js

151.101.84.157

200 OK

15 kB

URL HTTP/2
static.ads-twitter.com/uwt.js
IP
151.101.84.157:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (57596), with no line terminators
Size
15 kB (15375 bytes)
Hash
573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7

HTTP Headers

GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Thu, 29 Dec 2022 13:42:14 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.239.34.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.34.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 29 Dec 2022 12:41:11 GMT
expires: Thu, 29 Dec 2022 14:41:11 GMT
cache-control: public, max-age=7200
age: 3663
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue

52.42.124.195

200 OK

1.4 kB

URL HTTP/1.1
px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
IP
52.42.124.195:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2865)
Size
1.4 kB (1368 bytes)
Hash
97a3762c4cce404fce041f14fcca9043
885b65aaf261096c0cc48d3f633fd90734e76a1b
0070978e39ce129daee8aab1bde53f7b82e4ced54205cae01c0ec8e8ab75db20

HTTP Headers

GET /st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&cb=32225382712832184term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=9a5935da-877e-11ed-aba1-ed947ac34bc9;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked

js.hs-analytics.net/analytics/1672321500000/20321369.js

104.17.70.176

200 OK

21 kB

URL HTTP/2
js.hs-analytics.net/analytics/1672321500000/20321369.js
IP
104.17.70.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (63471)
Size
21 kB (21077 bytes)
Hash
29f4302a0c5138873efb354ced670562
964f7e7bcf3434d38cf11c57f6250794de8b8e40
570a6c1ef072ec6856ddc5118201d886a3ab07a188125e482a78c584b204ddd3

HTTP Headers

GET /analytics/1672321500000/20321369.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
content-type: text/javascript
x-amz-id-2: Wn4sQQG5JSbMjhzNpG5mCMPjjXFRZEVNszO0cg14Hfvh5xM+oZArSAxYxcacoe1z4yv4CkngoFc=
x-amz-request-id: CNEP20Z6BSGCMRG0
last-modified: Fri, 16 Dec 2022 20:44:05 GMT
etag: W/"46a092a86520688319aebb0f04078657"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Thu, 29 Dec 2022 13:47:14 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7812f5336c830b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
04a781e0cb56524db58c4ce647062abd
7050526991f93f93ac794d4abfa25a0a50912f63
df8a997e78ec39192f4c204c28a00d817bd65f93708deecffc6e48babb39b99a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5443
Cache-Control: max-age=171790
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:14 GMT
Etag: "63ad8001-13a"
Expires: Sat, 31 Dec 2022 13:25:24 GMT
Last-Modified: Thu, 29 Dec 2022 11:54:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3170a27f6289d0ac397375d73e650d06
a84ddb95e9a87688d57c941cd69b32b4838111c0
bc4fd1c326ef3c9536dc29f70f2b4444e0184d4962e121bbee9b22ce3ee2b18f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120407
Date: Thu, 29 Dec 2022 13:42:14 GMT
Etag: "63acc0b4-1d7"
Expires: Fri, 30 Dec 2022 23:09:01 GMT
Last-Modified: Wed, 28 Dec 2022 22:18:28 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gGm9cz0O1mFlvbaxamg6UAIiqXRAz_qEWpdmS8lQOl1us9P2lrlv6g==
Age: 3033

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3170a27f6289d0ac397375d73e650d06
a84ddb95e9a87688d57c941cd69b32b4838111c0
bc4fd1c326ef3c9536dc29f70f2b4444e0184d4962e121bbee9b22ce3ee2b18f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Dec 2022 13:42:14 GMT
Last-Modified: Thu, 29 Dec 2022 12:39:44 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OM6xCZFVzSQzesIMK4ah4VIYlB_vYRJal7tsbWDnIfwuAgSt_X-oLA==
Age: 3751

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
7e0e23cd96127509f7b9fc4667e5d0c3
4506de62cee7d757da1e2912c7eee52e52bbd688
fbdb37ff71e7e0e8a800eb9dcd69e29f8027b5020d5f1d77641024e5c2831e85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6586
Cache-Control: max-age=95891
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:14 GMT
Etag: "63ac530f-116"
Expires: Fri, 30 Dec 2022 16:20:25 GMT
Last-Modified: Wed, 28 Dec 2022 14:30:39 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae7a6ba6b8ac3ba2437235b069951fa1
ab3b62d119fd6fb58fa5b682fdb6cfe4805a13d2
33d34c1e7b7804876806f1ed16a54592cc5af19d9117a5ba23ee0aefccdffe3a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33D34C1E7B7804876806F1ED16A54592CC5AF19D9117A5BA23EE0AEFCCDFFE3A"
Last-Modified: Thu, 29 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13245
Expires: Thu, 29 Dec 2022 17:22:59 GMT
Date: Thu, 29 Dec 2022 13:42:14 GMT
Connection: keep-alive

www.woopra.com/track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=pv&timeout=300000&idptnc=FwfXmLMdCYSy&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_path=%2Fend-of-tax-year-sale%2F&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_search=%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_domain=casetext.com&ce_uri=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_scroll%20depth=0.28189732812969076&ce_returning=false&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D

162.55.95.216

200 OK

61 B

URL HTTP/2
www.woopra.com/track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=pv&timeout=300000&idptnc=FwfXmLMdCYSy&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_path=%2Fend-of-tax-year-sale%2F&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_search=%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_domain=casetext.com&ce_uri=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_scroll%20depth=0.28189732812969076&ce_returning=false&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D
IP
162.55.95.216:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
de6e5ee247e19ff2d24b79b644c463ed
c90907c70ba09825ea5487a1c7d9adc01629c4d1
8a56cdaadc589bfc67cffca51bcfda514fb61dab05fa7d153eb961e142ad214c

HTTP Headers

GET /track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=pv&timeout=300000&idptnc=FwfXmLMdCYSy&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_path=%2Fend-of-tax-year-sale%2F&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_search=%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_url=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_domain=casetext.com&ce_uri=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_scroll%20depth=0.28189732812969076&ce_returning=false&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D HTTP/1.1
Host: www.woopra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 61
date: Thu, 29 Dec 2022 13:42:14 GMT
X-Firefox-Spdy: h2

t.co/i/adsct?bci=3&eci=2&event_id=7e34719b-0c2f-4b0b-bc52-8d4bc18cb56b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95adae23-f0e0-4b02-9462-9a2abfd356c4&tw_document_href=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2lyg&type=javascript&version=2.3.29

104.244.42.133

200 OK

86 kB

URL HTTP/2
t.co/i/adsct?bci=3&eci=2&event_id=7e34719b-0c2f-4b0b-bc52-8d4bc18cb56b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95adae23-f0e0-4b02-9462-9a2abfd356c4&tw_document_href=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2lyg&type=javascript&version=2.3.29
IP
104.244.42.133:0
ASN
#13414 TWITTER

File type
gzip compressed data, from Unix\012- data
Size
86 kB (86185 bytes)
Hash
724e28a67ce6cf7af8647ae5ec875060
fa6e1716deea316e0c37929a43d17ef0a3a8b30b
3bdadd1e239a95db9894b400dd8b392f0968ac8920a9565eeb05e14251db48df

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=7e34719b-0c2f-4b0b-bc52-8d4bc18cb56b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95adae23-f0e0-4b02-9462-9a2abfd356c4&tw_document_href=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2lyg&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=26f2ce50-b3d6-4835-81f0-cfc3e65bf618; Max-Age=63072000; Expires=Sat, 28 Dec 2024 13:42:14 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 441e8237794f1fbd
strict-transport-security: max-age=0
x-response-time: 106
x-connection-hash: 21dfa73264fee5f59b54a79e79b4d77f81c5477049ad18b143fa8054ee1c2f24
X-Firefox-Spdy: h2

api.segment.io/v1/p

52.26.96.136

200 OK

21 B

URL HTTP/2
api.segment.io/v1/p
IP
52.26.96.136:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
21 B (21 bytes)
Hash
90749a50019a27e1f32cebdbaa7a1bc1
8329e3339f928f8591024bb0f938dab99c0ad4b8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

HTTP Headers

POST /v1/p HTTP/1.1
Host: api.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/
Content-Type: text/plain
Origin: https://casetext.com
Content-Length: 2517
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: https://casetext.com
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2

api.segment.io/v1/t

52.26.96.136

200 OK

21 B

URL HTTP/2
api.segment.io/v1/t
IP
52.26.96.136:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
21 B (21 bytes)
Hash
90749a50019a27e1f32cebdbaa7a1bc1
8329e3339f928f8591024bb0f938dab99c0ad4b8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

HTTP Headers

POST /v1/t HTTP/1.1
Host: api.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/
Content-Type: text/plain
Origin: https://casetext.com
Content-Length: 2366
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: https://casetext.com
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2

cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js

143.204.48.96

200 OK

29 kB

URL HTTP/2
cdn.segment.com/analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type
data
Size
29 kB (28693 bytes)
Hash
a7d6525b4c6736c3f2e4cb50dab1ba09
9b5e10578761fbca453cfb29a5eb21cce42c6d18
ece273197e7716aaa255ad2f37e5a4698c7e475d4c124e819ead6dbb96405e1d

HTTP Headers

GET /analytics.js/v1/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/analytics.min.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Dec 2022 00:19:03 GMT
x-amz-version-id: MHx64wyukGuuulnXs6PlvX6YFowBmW21
server: AmazonS3
content-encoding: gzip
date: Thu, 29 Dec 2022 13:42:13 GMT
cache-control: public, max-age=120
etag: W/"48c979abbaf0b6ee1b8cf52e89808c26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OHvW0BoTqaMmpvRvip1dsU_V3m2CtTNmo46fRnHJIOrqa1zey_eXBg==
age: 35
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
e622a2c884dbda2da7113a68d3e7e6f4
732ab04dcffbca850764f09e23f47165b657857e
05294dd7229bb1357e7ccd780ca930835a09f13afc3c0b54b480622b0e652492

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5267
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:15 GMT
Last-Modified: Thu, 29 Dec 2022 12:14:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
59721b59cc9b1ca8a6912fbe8c0965e6
48c57aba883a922f73307298cb1e0fffdaf9fc14
abe26c7bdf8e53a497438255268053f758d7187e3657453614c73bda8c988f4e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4654
Cache-Control: max-age=151957
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:15 GMT
Etag: "63ad359e-118"
Expires: Sat, 31 Dec 2022 07:54:52 GMT
Last-Modified: Thu, 29 Dec 2022 06:37:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
063783e5dc92a42b4d4cd1dbee5d3e89
b2e5c2e2e3b163e86136109fe35a5c996e270e27
a35a08a0f77f45f858992903130b883953b4c05fe5550e4ebaf0d9a7f12f13c3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6380
Cache-Control: max-age=115509
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:15 GMT
Etag: "63aca080-118"
Expires: Fri, 30 Dec 2022 21:47:24 GMT
Last-Modified: Wed, 28 Dec 2022 20:01:04 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

gs.mountain.com/gs

35.81.162.201

200 OK

144 B

URL HTTP/1.1
gs.mountain.com/gs
IP
35.81.162.201:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
144 B (144 bytes)
Hash
1d3919bb68d02cdf1bba789ef79d3714
b1b342e9b192363d5045550609b2ce3974e7deb6
f9552a215225a62bc7941c6f8487d018f0fa716653c18db854aeeae1af1ba5d0

HTTP Headers

GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Cookie: guid=9a5935da-877e-11ed-aba1-ed947ac34bc9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 3
server: istio-envoy
connection: close

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7bcf5c29d9a41fcef095e8e239cc8af0
d54122e55ac3dbbbb3837fac5f507a578fcaa930
00600ca3059e762b57d1b4669bbfb24777a1c57a27f767d04841931dd3fd17d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4906
Cache-Control: max-age=106137
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:15 GMT
Etag: "63ac81a6-117"
Expires: Fri, 30 Dec 2022 19:11:12 GMT
Last-Modified: Wed, 28 Dec 2022 17:49:26 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7bcf5c29d9a41fcef095e8e239cc8af0
d54122e55ac3dbbbb3837fac5f507a578fcaa930
00600ca3059e762b57d1b4669bbfb24777a1c57a27f767d04841931dd3fd17d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5389
Cache-Control: max-age=106620
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:15 GMT
Etag: "63ac81a6-117"
Expires: Fri, 30 Dec 2022 19:19:15 GMT
Last-Modified: Wed, 28 Dec 2022 17:49:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7e34719b-0c2f-4b0b-bc52-8d4bc18cb56b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95adae23-f0e0-4b02-9462-9a2abfd356c4&tw_document_href=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2lyg&type=javascript&version=2.3.29

104.244.42.3

200 OK

43 B

URL HTTP/2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7e34719b-0c2f-4b0b-bc52-8d4bc18cb56b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95adae23-f0e0-4b02-9462-9a2abfd356c4&tw_document_href=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2lyg&type=javascript&version=2.3.29
IP
104.244.42.3:0
ASN
#13414 TWITTER

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

HTTP Headers

GET /i/adsct?bci=3&eci=2&event_id=7e34719b-0c2f-4b0b-bc52-8d4bc18cb56b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95adae23-f0e0-4b02-9462-9a2abfd356c4&tw_document_href=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2lyg&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_fx4uWFUX7R+scu40rL5Exg=="; Max-Age=63072000; Expires=Sat, 28 Dec 2024 13:42:15 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: b6345b7af912b435
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 2014644437110651bd7c80ece8a1499025af9a5a3907944c295bdf6fa10167ae
X-Firefox-Spdy: h2

nexus-websocket-a.intercom.io/pubsub/5-FTz1WDdCZ1CVyAAK4MXPmnMFWx9YthM1aksfdZ5p7eTNy4YYOsH0WWUjFHYVzQ9ZrMTYI2Lp2ZMBsx8DQfbyhVRyLspqyDWSluOD?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined

34.237.73.95

101 Switching Protocols

0 B

URL HTTP/1.1
nexus-websocket-a.intercom.io/pubsub/5-FTz1WDdCZ1CVyAAK4MXPmnMFWx9YthM1aksfdZ5p7eTNy4YYOsH0WWUjFHYVzQ9ZrMTYI2Lp2ZMBsx8DQfbyhVRyLspqyDWSluOD?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined
IP
34.237.73.95:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pubsub/5-FTz1WDdCZ1CVyAAK4MXPmnMFWx9YthM1aksfdZ5p7eTNy4YYOsH0WWUjFHYVzQ9ZrMTYI2Lp2ZMBsx8DQfbyhVRyLspqyDWSluOD?X-Nexus-New-Client=true&X-Nexus-Version=0.9.0&user_role=undefined HTTP/1.1
Host: nexus-websocket-a.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://casetext.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3n8TNTXzO/OpvwgK+6DUYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Thu, 29 Dec 2022 13:42:15 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HUcdL30E4x2O6FGNSvtRMDkZBvI=
Sec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover

js.usemessages.com/conversations-embed.js

104.17.237.204

200 OK

21 kB

URL HTTP/2
js.usemessages.com/conversations-embed.js
IP
104.17.237.204:0
ASN
#13335 CLOUDFLARENET

File type
C source, ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20672 bytes)
Hash
d38b41003b0f2574de6b965123d244ac
7337929c94360c77f4a927a43700a820849916de
014326a9b1c1c380f3c6af65ed54b7cacd9f243f62037ca7b5d774ae7de66e73

HTTP Headers

GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Dec 2022 07:38:59 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: zFL9ePVKol2FHiQyTIIp8GqFQtgXkdvq
etag: W/"3f8937b5e0033972ae4f0d4dcf06cffa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: fkSXH1qvIwVH3zMfrgHIYc2lXAIHTRA0fexq-0ANtp-UYKnZbd3L-A==
age: 481
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11564/bundles/project.js&cfRay=7812aec97eebb523-IAD
x-hs-target-asset: conversations-embed/static-1.11564/bundles/project.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 7812f5388c4d0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/ping

52.22.156.216

200 OK

2.3 kB

URL HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
52.22.156.216:0
ASN
#14618 AMAZON-AES

File type
data
Size
2.3 kB (2318 bytes)
Hash
472ff342971f9aa14f32e5f502f85d2e
d0bc4a5688f03f2ebb3320fbb7d3d188e4c159d2
80d99cf5e45bd442197159ef3f70d418d2d28451e7dc72807ea20fc2547516a5

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 981
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1672321340
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13323
access-control-allow-origin: https://casetext.com
vary: Accept,Accept-Encoding
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 00018uresggn88f6n1v0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"46c30fd0fca7c0377f881a8bb0611ecf"
x-runtime: 0.238087
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-054b48e626e6a2971
X-Firefox-Spdy: h2

api.hubspot.com/livechat-public/v1/message/public?portalId=20321369&conversations-embed=static-1.11564&mobile=false&messagesUtk=283319c8b13f41ad874b366306d09a23&traceId=283319c8b13f41ad874b366306d09a23&referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU

104.19.154.83

200 OK

301 B

URL HTTP/2
api.hubspot.com/livechat-public/v1/message/public?portalId=20321369&conversations-embed=static-1.11564&mobile=false&messagesUtk=283319c8b13f41ad874b366306d09a23&traceId=283319c8b13f41ad874b366306d09a23&referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU
IP
104.19.154.83:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (401), with no line terminators
Size
301 B (301 bytes)
Hash
2e9bc788deede9d55a163fd72135f566
42b3bfb62f458f6722e788ada487348dc605d432
e8552465a1a267bb5804e683f20a99f4123a625a0d1d77a87a00897d92d52ac6

HTTP Headers

GET /livechat-public/v1/message/public?portalId=20321369&conversations-embed=static-1.11564&mobile=false&messagesUtk=283319c8b13f41ad874b366306d09a23&traceId=283319c8b13f41ad874b366306d09a23&referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU HTTP/1.1
Host: api.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-HubSpot-Messages-Uri: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: application/json;charset=utf-8
content-length: 301
cf-ray: 7812f539faf1b51e-OSL
access-control-allow-origin: https://casetext.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-hubspot-correlation-id: e2605666-807e-4269-aafe-f5588cc590d0
x-trace: 2B16253A6811A6B931FF94367A8C3B1CD7D9BAAF3F000000000000000000
set-cookie: __cf_bm=GfoFRwYEQMrjJicCjbdK4k2YRj6Njt.knxfgI5q44NI-1672321335-0-AQJYqo6KcMU6d5TVYIikbM0jaMTu+3u3wMuBDfk/KQm5j5PXg49P4/fMQB7aWCoJ8Y4K+rlzLfuCMS2C1I4tJvU=; path=/; expires=Thu, 29-Dec-22 14:12:15 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzwFL%2Bf6KQjaWJq2fv9AOevqvJkNAhM5VgUgbGGsGX8XPuHABM%2FeUNkSu7b9ZN2XBhzFlkrMyZrIYwn3EChq%2FqeIRBqZvL4%2BSN8bmacaQjQT6j4soqVGGjSBDZQ7Q9aNGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
40a2c8de87734a6ee24a433bec44b8a5
596a7ea8a0ca3a55e8893d324d8243a9208c0ab7
bf58facdcaff5e2e82d3fbf40ca4da98c2cac0b1d44384785b6490003ec4519c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5266
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Dec 2022 13:42:15 GMT
Last-Modified: Thu, 29 Dec 2022 12:14:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=20321369

104.17.203.204

200 OK

378 B

URL HTTP/2
api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=20321369
IP
104.17.203.204:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
378 B (378 bytes)
Hash
db9992a1f97df8c1165e995cc3748e10
20e3fc7b1605a56da4e8856c29bbb002f7a9dc22
e0e14e46d4a6474d33fd1f103612f475cf471786814abc952093e5f69a4db232

HTTP Headers

GET /hs-script-loader-public/v1/config/pixel/json?portalId=20321369 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: application/json;charset=utf-8
cf-ray: 7812f53b2ae2b524-OSL
access-control-allow-origin: https://casetext.com
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: d68d15e9-3c6b-4fd4-a8c4-c2b53e2f24f8
x-trace: 2B3DC2D038094DFC7CCEE436704F77EECCFDE8EC27000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGtfdoYqdKCd4hxyZRDcJTBCIgFoo9gm0qc%2BvsifegG8CdbZkwVtt%2BA%2BBtrqZkQsQTj4GLcFCv6Hspee4AszdHNHv8EhC3cp%2Bx1n%2FTX8w9CAbx6YUBoKg3vdiTfMxDXS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.woopra.com/track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=Viewed%20Page&timeout=300000&idptnc=YR3EaobNlNOl&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_url=%2Fend-of-tax-year-sale%2F%3F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_nonInteraction=1&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522%252Fend-of-tax-year-sale%252F%253F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D

162.55.95.216

200 OK

61 B

URL HTTP/2
www.woopra.com/track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=Viewed%20Page&timeout=300000&idptnc=YR3EaobNlNOl&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_url=%2Fend-of-tax-year-sale%2F%3F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_nonInteraction=1&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522%252Fend-of-tax-year-sale%252F%253F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D
IP
162.55.95.216:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
de6e5ee247e19ff2d24b79b644c463ed
c90907c70ba09825ea5487a1c7d9adc01629c4d1
8a56cdaadc589bfc67cffca51bcfda514fb61dab05fa7d153eb961e142ad214c

HTTP Headers

GET /track/ce/?project=casetext.com&instance=woopra&meta=&screen=1280x1024&language=en-US&app=js-client&referer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&cookie=bFkogRkZQ1HD&event=Viewed%20Page&timeout=300000&idptnc=YR3EaobNlNOl&ce_campaign_name=Q422-EOYTaxSale&ce_campaign_content=Q4-SMBEOYTaxsaletouch2&ce_campaign_medium=Iterable&ce_campaign_source=email&ce_campaign_term=cta2save30now&ce_url=%2Fend-of-tax-year-sale%2F%3F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&ce_referrer=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&ce_title=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ce_nonInteraction=1&context=%257B%2522page%2522%253A%257B%2522path%2522%253A%2522%252Fend-of-tax-year-sale%252F%2522%252C%2522referrer%2522%253A%2522https%253A%252F%252Fcasetext.com%252Fend-of-tax-year-sale%252F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2526__cf_chl_tk%253DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU%2522%252C%2522search%2522%253A%2522%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%252C%2522title%2522%253A%2522Sign%2520up%2520for%2520Casetext%2520by%2520December%252031%2520to%2520lock%2520in%252030%2525%2520off%2520%257C%2520Casetext%2522%252C%2522url%2522%253A%2522%252Fend-of-tax-year-sale%252F%253F%253Futm_campaign%253DQ422-EOYTaxSale%2526utm_source%253Demail%2526utm_medium%253DIterable%2526utm_term%253Dcta2save30now%2526utm_content%253DQ4-SMBEOYTaxsaletouch2%2522%257D%257D HTTP/1.1
Host: www.woopra.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 61
date: Thu, 29 Dec 2022 13:42:15 GMT
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41954442-1&cid=1600163763.1672321325&jid=724550186&gjid=1252713167&_gid=684628252.1672321329&_u=aCDAgEADQAAAAEgCIAB~&z=411279345

209.85.233.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41954442-1&cid=1600163763.1672321325&jid=724550186&gjid=1252713167&_gid=684628252.1672321329&_u=aCDAgEADQAAAAEgCIAB~&z=411279345
IP
209.85.233.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-41954442-1&cid=1600163763.1672321325&jid=724550186&gjid=1252713167&_gid=684628252.1672321329&_u=aCDAgEADQAAAAEgCIAB~&z=411279345 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://casetext.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Dec 2022 13:42:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1672321334352559&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672321335064

52.42.124.195

200 OK

1.5 kB

URL HTTP/1.1
px.mountain.com/st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1672321334352559&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672321335064
IP
52.42.124.195:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (6485), with no line terminators
Size
1.5 kB (1502 bytes)
Hash
6048bf872c6d4bb7c9e3541e4342d66c
d3a8c56ceb80426fcd5757fd26b0106773e7d855
bad1a83c7ba4314f913c9830534ff7956cfca6e4874c38084cd996a2c03c3247

HTTP Headers

GET /st?ga_tracking_id=UA-41954442-1&shpt=Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext&ga_info=%7B%22status%22%3A%22FAILED%22%2C%22ga_tracking_id%22%3A%22UA-41954442-1%22%2C%22shpt%22%3A%22Sign%20up%20for%20Casetext%20by%20December%2031%20to%20lock%20in%2030%25%20off%20%7C%20Casetext%22%2C%22dcm_cid%22%3A%221672321324.1%22%2C%22ga_utm_campaign%22%3A%22Q422-EOYTaxSale%22%2C%22ga_utm_source%22%3A%22email%22%2C%22ga_utm_medium%22%3A%22Iterable%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A29%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%2C%22message%22%3A%22Could%20not%20evaluate%20some%20of%20the%20GA%20parameters%20due%20to%20timeout%20reached%20(3000ms).%20Check%20the%20execution_workflow%20for%20details.%22%7D&dcm_cid=1672321324.1&dxver=4.0.0&shaid=32220&tdr=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2%26__cf_chl_tk%3DjTvnPzt5HHcujj.ZzE7SOqRnXwC9sQI1huer.jHiN5A-1672321327-0-gaNycGzNCCU&plh=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1672321334352559&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1672321335064 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Cookie: guid=9a5935da-877e-11ed-aba1-ed947ac34bc9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWMjYyMjKIN7IwtlCyMjQzNzI2MjQ2NjU3M9dR8guKh8qaWxorWRnoKJUpWRkhi4N1GdQCACLbHThGAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
rt="MzIyMjA6MTY3MjMyMTMzNQ==";Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=9a5935da-877e-11ed-aba1-ed947ac34bc9;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 16
server: istio-envoy
connection: close
transfer-encoding: chunked

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
84a08f3e114e275cabf6044f7837f860
ef08da1eeb128197122b07a1331fc0adf6b70cd0
e745e45f1b218776f4dddf6246c11dc55ea5e73adb94a739e209ea8536148680

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Dec 2022 13:42:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 02 Jan 2023 10:46:58 GMT
ETag: "ef08da1eeb128197122b07a1331fc0adf6b70cd0"
Last-Modified: Thu, 29 Dec 2022 10:46:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 784
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7812f53dda580b4d-OSL

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
84a08f3e114e275cabf6044f7837f860
ef08da1eeb128197122b07a1331fc0adf6b70cd0
e745e45f1b218776f4dddf6246c11dc55ea5e73adb94a739e209ea8536148680

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Dec 2022 13:42:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 02 Jan 2023 10:46:58 GMT
ETag: "ef08da1eeb128197122b07a1331fc0adf6b70cd0"
Last-Modified: Thu, 29 Dec 2022 10:46:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 784
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7812f53dea600b4d-OSL

match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=9a5935da-877e-11ed-aba1-ed947ac34bc9&gdpr=&gdpr_consent=

15.197.193.217

200 OK

70 B

URL HTTP/2
match.adsrvr.org/track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=9a5935da-877e-11ed-aba1-ed947ac34bc9&gdpr=&gdpr_consent=
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
70 B (70 bytes)
Hash
58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

HTTP Headers

GET /track/cmf/generic?ttd_pid=steelhouse&ttd_tpi=1&ttd_puid=9a5935da-877e-11ed-aba1-ed947ac34bc9&gdpr=&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:16 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

js.intercomcdn.com/vendor.4f3408a9.js

54.230.111.118

200 OK

0 B

URL HTTP/2
js.intercomcdn.com/vendor.4f3408a9.js
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vendor.4f3408a9.js HTTP/1.1
Host: js.intercomcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 108270
last-modified: Thu, 22 Dec 2022 14:56:07 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: DN7HCDsbJX5aGDzfQxMN04PTwzDBZs8D
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Dec 2022 12:08:10 GMT
cache-control: max-age=31536000, s-maxage=7200, public
etag: "a82999b28a397ab7aae82648a0da1bea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GHKPuheG5Xq88zja6Q1r-14udcTbrZ4AeLAlPsSPVKS95_36LqUgKQ==
age: 5644
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

casetext.com/cdn-cgi/challenge-platform/h/g/pat/7812f5097f8eb4ee/1672321328060/bb02aaa82ca841769ac103d544b67b072d8ce0f6b711e7d44ffc129811b2287c/NXusIJlE7Ghs7Iz

172.66.43.64

401 Unauthorized

0 B

URL HTTP/2
casetext.com/cdn-cgi/challenge-platform/h/g/pat/7812f5097f8eb4ee/1672321328060/bb02aaa82ca841769ac103d544b67b072d8ce0f6b711e7d44ffc129811b2287c/NXusIJlE7Ghs7Iz
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/pat/7812f5097f8eb4ee/1672321328060/bb02aaa82ca841769ac103d544b67b072d8ce0f6b711e7d44ffc129811b2287c/NXusIJlE7Ghs7Iz HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Connection: keep-alive
Cookie: cf_chl_2=b5cf492799abeca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 401 Unauthorized
date: Thu, 29 Dec 2022 13:42:08 GMT
content-type: text/plain; charset=UTF-8
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20guwKqqCyoQXaawQPVRLZ7By2M4Pa3EefUT_wSmBGyKHwADGNhc2V0ZXh0LmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAxI23N9dHPV5pUViLmURuq16ZuftCiP9kaEJporcBwHIenBJmt2_wSCufslAU75nQo5Bi9MNHgbp8ZgtC1ervZMjlRduhYII-ZgxoL4RgvDvYhcPWfz5kvkrgr4nR__ge9VZAaBVwhlbB4_ZstiXzjUR5vNLG_wbEHcxi8IcWVXqZIG9pAUqp0-0IRjFFuWYSPm25VM4C0d1nPO5RfF8OK_X7yA9ZrbfucoW3t9KzvWBp7YvXMtuhNiufkWs2pJuom4lCx-PCwDbbep3aZWUPCaZoWT61VkrwzxjB57rsYtLoOgODcC4mFxYTs5uaVEj1eK59dBEzNbOvLJt7OSRNnwIDAQAB, max-age=15
vary: Accept-Encoding
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f50f3ecfb4ee-OSL
X-Firefox-Spdy: h2

js-na1.hs-scripts.com/20321369.js

104.17.212.204

200 OK

0 B

URL HTTP/2
js-na1.hs-scripts.com/20321369.js
IP
104.17.212.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /20321369.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2BCBCEBAB17CDEB942D45707B95A1AEED0D6DEA87A000000000000000000
cache-control: public, max-age=30
vary: origin, Accept-Encoding
x-hubspot-correlation-id: c8643988-742d-4782-8b69-0e5acdb987e5
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://casetext.com
last-modified: Thu, 29 Dec 2022 13:37:22 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 7812f5362ba5b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

script.crazyegg.com/pages/scripts/0089/7395.js

104.19.147.8

200 OK

0 B

URL HTTP/2
script.crazyegg.com/pages/scripts/0089/7395.js
IP
104.19.147.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pages/scripts/0089/7395.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:10 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.16
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 29 Dec 2022 13:10:17 GMT
timing-allow-origin: *
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7812f51aace8b4f3-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.segment.com/v1/projects/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/settings

143.204.48.96

200 OK

0 B

URL HTTP/2
cdn.segment.com/v1/projects/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/settings
IP
143.204.48.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/projects/a8ooLqo6w5KvZREvGgGiflZu1MlaErkk/settings HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 18:59:02 GMT
x-amz-version-id: fnk6NHYDBACLAGAeOVTJmq_YSxPGp9DT
server: AmazonS3
content-encoding: br
date: Thu, 29 Dec 2022 13:06:34 GMT
cache-control: public, max-age=10800
etag: W/"2cb2815a68735b48b5febc4e92791d31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: h5ZG8iRetUXg3LnIYd0pOqcH7YigKSw7g1FfXuCrXnBJh6QgAhqrFw==
age: 2140
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/253028,3674196/domain/casetext.com/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/253028,3674196/domain/casetext.com/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/253028,3674196/domain/casetext.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Thu, 29 Dec 2022 12:46:11 GMT
access-control-allow-origin: *
cache-control: public, max-age=25697
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OogfR9_4pEg2BaYWHyanThnW8sIOfsTAIMMHfcMKUwZZ4BS1Ik1cVw==
age: 3363
X-Firefox-Spdy: h2

js.hs-banner.com/v2/20321369/banner.js

104.18.33.171

200 OK

0 B

URL HTTP/2
js.hs-banner.com/v2/20321369/banner.js
IP
104.18.33.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/20321369/banner.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:15 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: 3NJncZFro90ph/Tr9KBFFZaRXVaqYInfiBRuRnHa1WBrNNO9YrtTa62rf3DCd3a+30PL6gX4x+E=
x-amz-request-id: 1DNDJTNC18EY5TDB
last-modified: Fri, 16 Dec 2022 20:44:04 GMT
etag: W/"ead60234ebef8c9a7e083ef98bb34ecb"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: QCX01tiYejK4n5c1Fm8fZ0eTFM2Nr.jz
access-control-allow-origin: https://casetext.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Thu, 29 Dec 2022 13:47:15 GMT
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7812f538890a0b69-OSL
content-encoding: br
X-Firefox-Spdy: h2

insight.adsrvr.org/track/evnt/?adv=udrkw28&ct=0:rmr94br&fmt=3

15.197.193.217

200 OK

0 B

URL HTTP/2
insight.adsrvr.org/track/evnt/?adv=udrkw28&ct=0:rmr94br&fmt=3
IP
15.197.193.217:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/evnt/?adv=udrkw28&ct=0:rmr94br&fmt=3 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:16 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

dev.visualwebsiteoptimizer.com/j.php?a=634530&u=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&f=1&r=0.17281047860969823

34.96.102.137

200 OK

0 B

URL HTTP/2
dev.visualwebsiteoptimizer.com/j.php?a=634530&u=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&f=1&r=0.17281047860969823
IP
34.96.102.137:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /j.php?a=634530&u=https%3A%2F%2Fcasetext.com%2Fend-of-tax-year-sale%2F%3Futm_campaign%3DQ422-EOYTaxSale%26utm_source%3Demail%26utm_medium%3DIterable%26utm_term%3Dcta2save30now%26utm_content%3DQ4-SMBEOYTaxsaletouch2&f=1&r=0.17281047860969823 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
etag: W/"1671799691"
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

casetext.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2411273445071274:1672319146:gXEW13Y2DaNHmfTC04bqD9NBYJSMt3tk4tf2SelTEsw/7812f5097f8eb4ee/b5cf492799abeca

172.66.43.64

200 OK

0 B

URL HTTP/2
casetext.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.2411273445071274:1672319146:gXEW13Y2DaNHmfTC04bqD9NBYJSMt3tk4tf2SelTEsw/7812f5097f8eb4ee/b5cf492799abeca
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.2411273445071274:1672319146:gXEW13Y2DaNHmfTC04bqD9NBYJSMt3tk4tf2SelTEsw/7812f5097f8eb4ee/b5cf492799abeca HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Content-type: application/x-www-form-urlencoded
CF-Challenge: b5cf492799abeca
Content-Length: 1897
Origin: https://casetext.com
Connection: keep-alive
Cookie: cf_chl_2=b5cf492799abeca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:08 GMT
content-type: text/plain; charset=UTF-8
cf_chl_gen: gWaQNirHVNIC1+vGKhLp+Sa4fkd+3Koi2VgX/6IjMw6C3xqIJjzal+P5+TyLToM8aIVP0ISiEWlWbRvBrNpvG77xIH6riB8OKO+qFzQ6pNTctcqmgcDvEZUiKAT7kQwi9KtMwquM0xaUZC9491Hn0rHBA/7x1CylYyupGA3IqES739jd7M66Kg6UJ4P2D+GS7bzLKMGvOL2qawCy1G7QiM0/2WX3LWwib/J8dbHnkrsy8WY6dZQAsLjzJ8Nh/gypL/rh1ZhIVzBhDzCrc0+Lr0ZYd5NOfccMrBWUMBSb7jN0yNPig8WVxAKi//7dYmKs3yhrweH0CN97Avpn6AQccQ==$izYAd0PqDHOKCfu4IEkrTg==
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f50c4b3db4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css?ver=5.8.6

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css?ver=5.8.6
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.3.1/css/bootstrap.min.css?ver=5.8.6 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 08/15/2022 13:52:49
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8dd2525f1d29c64132f2416cc6ef442f
cdn-cache: HIT
cf-cache-status: HIT
age: 6272435
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7812f516cc69b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2

172.66.43.64

503 Service Unavailable

0 B

URL HTTP/2
casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2 HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 503 Service Unavailable
date: Thu, 29 Dec 2022 13:42:07 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 7812f5097f8eb4ee-OSL
X-Firefox-Spdy: h2

casetext.com/cdn-cgi/styles/challenges.css

172.66.43.64

200 OK

0 B

URL HTTP/2
casetext.com/cdn-cgi/styles/challenges.css
IP
172.66.43.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: casetext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casetext.com/end-of-tax-year-sale/?utm_campaign=Q422-EOYTaxSale&utm_source=email&utm_medium=Iterable&utm_term=cta2save30now&utm_content=Q4-SMBEOYTaxsaletouch2
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:07 GMT
content-type: text/css
last-modified: Tue, 20 Dec 2022 16:36:00 GMT
etag: W/"63a1e470-1896"
server: cloudflare
cf-ray: 7812f50b1977b4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Thu, 29 Dec 2022 15:42:07 GMT
cache-control: max-age=7200, public
content-encoding: gzip
X-Firefox-Spdy: h2

api-iam.intercom.io/messenger/web/ping

52.22.156.216

200 OK

0 B

URL HTTP/2
api-iam.intercom.io/messenger/web/ping
IP
52.22.156.216:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /messenger/web/ping HTTP/1.1
Host: api-iam.intercom.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 868
Origin: https://casetext.com
Connection: keep-alive
Referer: https://casetext.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Dec 2022 13:42:14 GMT
content-type: application/json; charset=utf-8
status: 200 OK
cache-control: max-age=0, private, must-revalidate
x-ratelimit-limit: 13333
x-ratelimit-reset: 1672321340
strict-transport-security: max-age=31556952; includeSubDomains; preload
x-ratelimit-remaining: 13324
access-control-allow-origin: https://casetext.com
vary: Accept,Accept-Encoding
x-intercom-version: bf3e36ce104081d44937329b19fde07c6fb3ed23
x-xss-protection: 1; mode=block
content-encoding: gzip
x-request-id: 0000h7keukcogppqluh0
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
etag: W/"7ebbbc44cc93a234e9ca60fe8e0a021b"
x-runtime: 0.539053
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
server: nginx
x-ami-version: ami-054b48e626e6a2971
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (74)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations