Overview

URL corp-sso.net/
IP20.88.160.31
ASNMICROSOFT-CORP-MSN-AS-BLOCK
Location United States
Report completed2022-09-30 20:28:01 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-30 2 corp-sso.net/ AT&T Inc.
2022-09-30 2 corp-sso.net/ AT&T Inc.
2022-09-30 2 corp-sso.net/ AT&T Inc.
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-30 2 corp-sso.net/ Phishing
2022-09-30 2 corp-sso.net/ Phishing
2022-09-30 2 corp-sso.net/cdn.cookielaw.org/consent/57b791a9-a472-4345-a9a8-bbb0b026a72f (...) Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (49)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS cookies-data.onetrust.io (1) 106060 2021-07-20 11:01:34 UTC 2022-09-30 06:49:27 UTC 104.18.32.192
mnemonic passive DNS www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-09-30 15:16:21 UTC 142.250.74.46
mnemonic passive DNS snap.licdn.com (1) 1044 2014-10-06 08:43:45 UTC 2022-09-30 08:33:25 UTC 23.36.76.210
mnemonic passive DNS static.ads-twitter.com (1) 614 2017-01-30 05:00:15 UTC 2022-09-30 13:26:00 UTC 151.101.84.157
mnemonic passive DNS www.googletagservices.com (1) 169 2021-02-14 03:54:38 UTC 2022-09-30 14:53:46 UTC 142.250.74.130
mnemonic passive DNS analytics.twitter.com (1) 526 2013-04-10 19:53:18 UTC 2022-09-30 13:26:01 UTC 104.244.42.195
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 17:00:01 UTC 143.204.55.36
mnemonic passive DNS www.rackspace.com (32) 268566 2012-07-27 15:33:22 UTC 2022-09-26 13:20:29 UTC 92.122.65.139
mnemonic passive DNS c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2022-09-30 05:30:25 UTC 13.107.21.200
mnemonic passive DNS static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-09-30 05:30:22 UTC 54.230.111.8
mnemonic passive DNS www.linkedin.com (1) 608 2014-04-09 13:16:08 UTC 2022-09-30 08:33:25 UTC 13.107.42.14
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-30 04:55:34 UTC 157.240.221.35
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-30 04:55:42 UTC 157.240.221.16
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-30 04:55:45 UTC 142.250.74.72
mnemonic passive DNS adservice.google.no (1) 96969 2017-09-26 14:23:08 UTC 2022-09-30 04:55:56 UTC 142.250.74.98
mnemonic passive DNS pagead2.googlesyndication.com (1) 101 2021-02-20 15:52:05 UTC 2022-09-30 17:45:16 UTC 142.250.74.34
mnemonic passive DNS www.google.no (3) 25607 2016-04-05 19:50:59 UTC 2022-09-30 04:57:04 UTC 142.250.74.3
mnemonic passive DNS cdn.cookielaw.org (10) 502 2013-12-28 13:20:36 UTC 2022-09-30 12:43:23 UTC 104.16.149.64
mnemonic passive DNS ocsp.pki.goog (16) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS geolocation.onetrust.com (1) 802 2018-02-07 11:23:41 UTC 2022-09-30 12:43:24 UTC 104.18.41.98
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-30 16:35:12 UTC 142.250.74.164
mnemonic passive DNS script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-09-30 14:17:21 UTC 143.204.55.46
mnemonic passive DNS ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS b.clarity.ms (2) 3462 2021-07-27 12:49:08 UTC 2022-09-30 05:59:03 UTC 20.75.32.255
mnemonic passive DNS api3488.d41.co (2) 708383 2022-03-15 12:09:10 UTC 2022-07-03 08:34:33 UTC 35.153.151.203
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-30 04:55:54 UTC 64.233.165.157
mnemonic passive DNS in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2022-09-30 07:39:17 UTC 52.30.245.126
mnemonic passive DNS ocsp.digicert.com (13) 86 2012-05-21 07:02:23 UTC 2022-09-30 15:21:19 UTC 93.184.220.29
mnemonic passive DNS 4361691.fls.doubleclick.net (1) 646736 2014-02-17 04:16:12 UTC 2022-09-29 07:53:46 UTC 142.250.74.70
mnemonic passive DNS bat.bing.com (2) 387 2014-04-08 09:23:16 UTC 2022-09-30 04:57:12 UTC 13.107.21.200
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-30 05:54:11 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS googleads4.g.doubleclick.net (1) 274 2013-09-12 05:26:49 UTC 2022-09-30 17:02:44 UTC 142.250.74.162
mnemonic passive DNS www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2022-09-30 04:57:12 UTC 13.107.246.53
mnemonic passive DNS corp-sso.net (3) 0 2022-09-28 14:13:50 UTC 2022-09-30 15:35:53 UTC 20.88.160.31 Unknown ranking
mnemonic passive DNS adservice.google.com (1) 76 2021-02-20 16:10:48 UTC 2022-09-30 17:45:17 UTC 142.250.74.162
mnemonic passive DNS alb.reddit.com (1) 1521 2017-06-15 05:33:56 UTC 2022-09-30 15:18:00 UTC 151.101.85.140
mnemonic passive DNS vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-09-30 11:37:16 UTC 143.204.55.20
mnemonic passive DNS googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-09-30 13:56:09 UTC 216.58.207.226
mnemonic passive DNS c.clarity.ms (2) 803 2021-02-03 23:22:47 UTC 2022-09-30 05:30:25 UTC 20.234.93.27
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 34.215.107.141
mnemonic passive DNS www.redditstatic.com (1) 1440 2012-06-30 12:33:28 UTC 2022-09-30 15:17:59 UTC 151.101.85.140
mnemonic passive DNS ad.doubleclick.net (1) 186 2013-05-06 20:24:43 UTC 2022-09-30 13:56:09 UTC 216.58.207.198
mnemonic passive DNS px.ads.linkedin.com (2) 522 2017-08-08 16:28:50 UTC 2022-09-30 08:33:25 UTC 13.107.42.14
mnemonic passive DNS t.co (1) 569 2012-07-25 19:09:44 UTC 2022-09-30 13:31:20 UTC 104.244.42.197
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.77.32
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-30 17:50:54 UTC 142.250.74.174


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 20.88.160.31

Date UQ / IDS / BL URL IP
2022-09-30 20:28:01 +0000
0 - 0 - 6 corp-sso.net/ 20.88.160.31

Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK

Date UQ / IDS / BL URL IP
2022-12-04 09:31:45 +0000
0 - 0 - 3 mmetamasmsk.azurewebsites.net/ 20.40.202.30
2022-12-04 09:31:17 +0000
0 - 0 - 1 94408j.com/ 20.187.89.147
2022-12-04 09:06:50 +0000
0 - 0 - 34 support.uoh.sa/ 40.114.227.126
2022-12-04 08:23:26 +0000
0 - 0 - 7 useraafcu00.ath.cx/login/verifymail/email_ide (...) 20.26.233.152
2022-12-04 08:00:53 +0000
19 - 0 - 10 portail-orange00.ddns.net/orange/534ecdc45b91 (...) 20.51.250.118

Last 1 reports on domain: corp-sso.net

Date UQ / IDS / BL URL IP
2022-09-30 20:28:01 +0000
0 - 0 - 6 corp-sso.net/ 20.88.160.31

No other reports with similar screenshot



JavaScript

Executed Scripts (52)


Executed Evals (40)

#1 JavaScript::Eval (size: 85, repeated: 1) - SHA256: c2dc78eb42c7d03aee6e7ade603fbd779d19ebe1a440f36edbd40d1df9ca3d10

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(94).hasAttribute("id")
})();
                                    

#2 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 4acfbeb30b7c208922f712096c1a8a24c6b6d6b89e1589ce44539dd3342a608b

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(2).hasAttribute("id")
})();
                                    

#3 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 8f82b5d4a6dc6eccee627c12724c3411f0c91f0102cf936e31a4e84f74152f33

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(45).hasAttribute("id")
})();
                                    

#4 JavaScript::Eval (size: 85, repeated: 1) - SHA256: dacaeeb9ee807d7f3cda923d859c872b6b5f875bdd5a087442480d997dc707b6

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(47).hasAttribute("id")
})();
                                    

#5 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 16a70fda9072fde3ba6d7c59d7edc139c8453b66e74afee1e73896180fe4f671

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(57).hasAttribute("id")
})();
                                    

#6 JavaScript::Eval (size: 79, repeated: 1) - SHA256: 4d96e8d27292608409a3f7176bcbf2cf2888734b41e4b74bb3a50c8d094cfda1

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(58).getRackUID()
})();
                                    

#7 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 9f963f460701e1452a1c9661a11afda28159b5727d5ba6dc6babdb72ba962c92

                                        (function() {
    return "".substring(0, 254)
})();
                                    

#8 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 4b4534ab00d6f9eed387ee55e28457c62b3be8ca838f7873ec460779e76d58ec

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(79).hasAttribute("id")
})();
                                    

#9 JavaScript::Eval (size: 84, repeated: 1) - SHA256: a4ad8fb6441d11811e151bb578e979cd30dd8901f5ed68359d1146f145208dc9

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(3).hasAttribute("id")
})();
                                    

#10 JavaScript::Eval (size: 82, repeated: 1) - SHA256: 5c062f872f85efcc68aa7dcf16b70b6658b311d02bb38e71087d2079d5db33e2

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(19) || document.title
})();
                                    

#11 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 60a2732bb577feb78c3e6faf484b8f26645e33c1ce0bda9566472c996abb9167

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(37).hasAttribute("id")
})();
                                    

#12 JavaScript::Eval (size: 85, repeated: 1) - SHA256: f6a8417bdc845f97cf8b517989699b082718bcade9729403fc115c2d96cb2522

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(14).hasAttribute("id")
})();
                                    

#13 JavaScript::Eval (size: 85, repeated: 1) - SHA256: bbf80da41fd81831849b1aa1c1b0aee9f2617aee513adc8ad12592de41dd8719

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(97).hasAttribute("id")
})();
                                    

#14 JavaScript::Eval (size: 124, repeated: 1) - SHA256: 35ae5dd3a6e7f4ab68739be7d20041239ff5dae0091765ca49fd336a5a8f77a0

                                        (function() {
    return navigator && !!navigator.doNotTrack && "unspecified" !== navigator.doNotTrack || window && !!window.doNotTrack
})();
                                    

#15 JavaScript::Eval (size: 5783, repeated: 1) - SHA256: 04c43cd36dc8f20e680cf9657b6a012f717eaa83cab3cdb4ca96b9e74a4c3807

                                        (function() {
    function R() {
        function G(g) {
            g += "\x3d";
            for (var k = document.cookie.split(";"), f = 0; f < k.length; f++) {
                for (var h = k[f];
                    " " == h.charAt(0);) h = h.substring(1, h.length);
                if (0 == h.indexOf(g)) return h.substring(g.length, h.length)
            }
            return null
        }

        function H(g, k, f) {
            var h = "";
            if (0 < f) {
                h = new Date;
                var q = h.getFullYear();
                f = q + f;
                h.setFullYear(f);
                h = h.toUTCString();
                h = "expires\x3d" + h + "; "
            }
            f = document.domain;
            f = f.split(".");
            f.shift();
            f = "." + f.join(".");
            g = g + "\x3d" + k + "; " + h + " path\x3d/; domain\x3d" + f + ";";
            document.cookie = g
        }

        function I() {
            if (!y) {
                y =
                    G(P);
                if (y) var g = y;
                else {
                    J = !0;
                    g = 1E3 * (new Date).getTime();
                    g = parseInt(g, 10).toString(16);
                    g = K.SHA256(g);
                    for (var k = [], f = 0; f < g.sigBytes; f++) {
                        var h = g.words[f >>> 2] >>> 24 - f % 4 * 8 & 255;
                        k.push((h >>> 4).toString(16));
                        k.push((h & 15).toString(16))
                    }
                    g = k.join("");
                    k = "US";
                    f = document.domain; - 1 < f.indexOf("rackspace.co.uk") ? k = "UK" : -1 < f.indexOf("rackspace.nl") && (k = "NL");
                    g = k + g.substr(0, 32)
                }
                y = g
            }
            return y
        }

        function S() {
            I();
            J && (H(P, I(), 20), J = !1)
        }

        function L() {
            if (!z) {
                z = G(Q);
                if (z) var g = z;
                else M = !0, g = (new Date).toISOString().replace(/-/gi,
                    "").replace(/:/gi, "").replace(/T/gi, "").split(".", 1)[0];
                z = g
            }
            return z
        }

        function T() {
            L();
            M && (H(Q, L(), 0), M = !1)
        }
        var P = "IS_UASrackuid",
            Q = "RackSID",
            y, z, J = !1,
            M = !1,
            K = K || function(g, k) {
                var f = {},
                    h = f.lib = {},
                    q = function() {},
                    r = h.Base = {
                        extend: function(a) {
                            q.prototype = this;
                            var c = new q;
                            a && c.mixIn(a);
                            c.hasOwnProperty("init") || (c.init = function() {
                                c.$super.init.apply(this, arguments)
                            });
                            c.init.prototype = c;
                            c.$super = this;
                            return c
                        },
                        create: function() {
                            var a = this.extend();
                            a.init.apply(a, arguments);
                            return a
                        },
                        init: function() {},
                        mixIn: function(a) {
                            for (var c in a) a.hasOwnProperty(c) &&
                                (this[c] = a[c]);
                            a.hasOwnProperty("toString") && (this.toString = a.toString)
                        },
                        clone: function() {
                            return this.init.prototype.extend(this)
                        }
                    },
                    t = h.WordArray = r.extend({
                        init: function(a, c) {
                            a = this.words = a || [];
                            this.sigBytes = c != k ? c : 4 * a.length
                        },
                        toString: function(a) {
                            return (a || A).stringify(this)
                        },
                        concat: function(a) {
                            var c = this.words,
                                d = a.words,
                                b = this.sigBytes;
                            a = a.sigBytes;
                            this.clamp();
                            if (b % 4)
                                for (var e = 0; e < a; e++) c[b + e >>> 2] |= (d[e >>> 2] >>> 24 - e % 4 * 8 & 255) << 24 - (b + e) % 4 * 8;
                            else if (65535 < d.length)
                                for (e = 0; e < a; e += 4) c[b + e >>> 2] = d[e >>>
                                    2];
                            else c.push.apply(c, d);
                            this.sigBytes += a;
                            return this
                        },
                        clamp: function() {
                            var a = this.words,
                                c = this.sigBytes;
                            a[c >>> 2] &= 4294967295 << 32 - c % 4 * 8;
                            a.length = g.ceil(c / 4)
                        },
                        clone: function() {
                            var a = r.clone.call(this);
                            a.words = this.words.slice(0);
                            return a
                        },
                        random: function(a) {
                            for (var c = [], d = 0; d < a; d += 4) c.push(4294967296 * g.random() | 0);
                            return new t.init(c, a)
                        }
                    }),
                    B = f.enc = {},
                    A = B.Hex = {
                        stringify: function(a) {
                            var c = a.words;
                            a = a.sigBytes;
                            for (var d = [], b = 0; b < a; b++) {
                                var e = c[b >>> 2] >>> 24 - b % 4 * 8 & 255;
                                d.push((e >>> 4).toString(16));
                                d.push((e &
                                    15).toString(16))
                            }
                            return d.join("")
                        },
                        parse: function(a) {
                            for (var c = a.length, d = [], b = 0; b < c; b += 2) d[b >>> 3] |= parseInt(a.substr(b, 2), 16) << 24 - b % 8 * 4;
                            return new t.init(d, c / 2)
                        }
                    },
                    u = B.Latin1 = {
                        stringify: function(a) {
                            var c = a.words;
                            a = a.sigBytes;
                            for (var d = [], b = 0; b < a; b++) d.push(String.fromCharCode(c[b >>> 2] >>> 24 - b % 4 * 8 & 255));
                            return d.join("")
                        },
                        parse: function(a) {
                            for (var c = a.length, d = [], b = 0; b < c; b++) d[b >>> 2] |= (a.charCodeAt(b) & 255) << 24 - b % 4 * 8;
                            return new t.init(d, c)
                        }
                    },
                    w = B.Utf8 = {
                        stringify: function(a) {
                            try {
                                return decodeURIComponent(escape(u.stringify(a)))
                            } catch (c) {
                                throw Error("Malformed UTF-8 data");
                            }
                        },
                        parse: function(a) {
                            return u.parse(unescape(encodeURIComponent(a)))
                        }
                    },
                    D = h.BufferedBlockAlgorithm = r.extend({
                        reset: function() {
                            this._data = new t.init;
                            this._nDataBytes = 0
                        },
                        _append: function(a) {
                            "string" == typeof a && (a = w.parse(a));
                            this._data.concat(a);
                            this._nDataBytes += a.sigBytes
                        },
                        _process: function(a) {
                            var c = this._data,
                                d = c.words,
                                b = c.sigBytes,
                                e = this.blockSize,
                                p = b / (4 * e);
                            p = a ? g.ceil(p) : g.max((p | 0) - this._minBufferSize, 0);
                            a = p * e;
                            b = g.min(4 * a, b);
                            if (a) {
                                for (var m = 0; m < a; m += e) this._doProcessBlock(d, m);
                                m = d.splice(0, a);
                                c.sigBytes -=
                                    b
                            }
                            return new t.init(m, b)
                        },
                        clone: function() {
                            var a = r.clone.call(this);
                            a._data = this._data.clone();
                            return a
                        },
                        _minBufferSize: 0
                    });
                h.Hasher = D.extend({
                    cfg: r.extend(),
                    init: function(a) {
                        this.cfg = this.cfg.extend(a);
                        this.reset()
                    },
                    reset: function() {
                        D.reset.call(this);
                        this._doReset()
                    },
                    update: function(a) {
                        this._append(a);
                        this._process();
                        return this
                    },
                    finalize: function(a) {
                        a && this._append(a);
                        return this._doFinalize()
                    },
                    blockSize: 16,
                    _createHelper: function(a) {
                        return function(c, d) {
                            return (new a.init(d)).finalize(c)
                        }
                    },
                    _createHmacHelper: function(a) {
                        return function(c,
                            d) {
                            return (new C.HMAC.init(a, d)).finalize(c)
                        }
                    }
                });
                var C = f.algo = {};
                return f
            }(Math);
        (function(g) {
            var k = K,
                f = k.lib,
                h = f.WordArray,
                q = f.Hasher;
            f = k.algo;
            for (var r = [], t = [], B = function(c) {
                    return 4294967296 * (c - (c | 0)) | 0
                }, A = 2, u = 0; 64 > u;) {
                a: {
                    var w = A;
                    for (var D = g.sqrt(w), C = 2; C <= D; C++)
                        if (!(w % C)) {
                            w = !1;
                            break a
                        }
                    w = !0
                }
                w && (8 > u && (r[u] = B(g.pow(A, .5))), t[u] = B(g.pow(A, 1 / 3)), u++);A++
            }
            var a = [];
            f = f.SHA256 = q.extend({
                _doReset: function() {
                    this._hash = new h.init(r.slice(0))
                },
                _doProcessBlock: function(c, d) {
                    for (var b = this._hash.words, e = b[0],
                            p = b[1], m = b[2], N = b[3], n = b[4], E = b[5], F = b[6], O = b[7], l = 0; 64 > l; l++) {
                        if (16 > l) a[l] = c[d + l] | 0;
                        else {
                            var v = a[l - 15],
                                x = a[l - 2];
                            a[l] = ((v << 25 | v >>> 7) ^ (v << 14 | v >>> 18) ^ v >>> 3) + a[l - 7] + ((x << 15 | x >>> 17) ^ (x << 13 | x >>> 19) ^ x >>> 10) + a[l - 16]
                        }
                        v = O + ((n << 26 | n >>> 6) ^ (n << 21 | n >>> 11) ^ (n << 7 | n >>> 25)) + (n & E ^ ~n & F) + t[l] + a[l];
                        x = ((e << 30 | e >>> 2) ^ (e << 19 | e >>> 13) ^ (e << 10 | e >>> 22)) + (e & p ^ e & m ^ p & m);
                        O = F;
                        F = E;
                        E = n;
                        n = N + v | 0;
                        N = m;
                        m = p;
                        p = e;
                        e = v + x | 0
                    }
                    b[0] = b[0] + e | 0;
                    b[1] = b[1] + p | 0;
                    b[2] = b[2] + m | 0;
                    b[3] = b[3] + N | 0;
                    b[4] = b[4] + n | 0;
                    b[5] = b[5] + E | 0;
                    b[6] = b[6] + F | 0;
                    b[7] = b[7] + O | 0
                },
                _doFinalize: function() {
                    var c =
                        this._data,
                        d = c.words,
                        b = 8 * this._nDataBytes,
                        e = 8 * c.sigBytes;
                    d[e >>> 5] |= 128 << 24 - e % 32;
                    d[(e + 64 >>> 9 << 4) + 14] = g.floor(b / 4294967296);
                    d[(e + 64 >>> 9 << 4) + 15] = b;
                    c.sigBytes = 4 * d.length;
                    this._process();
                    return this._hash
                },
                clone: function() {
                    var c = q.clone.call(this);
                    c._hash = this._hash.clone();
                    return c
                }
            });
            k.SHA256 = q._createHelper(f);
            k.HmacSHA256 = q._createHmacHelper(f)
        })(Math);
        return {
            readCookie: G,
            setCookie: H,
            getRackUID: I,
            setRackUID: S,
            getRackSID: L,
            setRackSID: T
        }
    }
    window.raxCookieHandler || (window.raxCookieHandler = R());
    return window.raxCookieHandler
})();
                                    

#16 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 9aa17c8311b93724eed1183fa5bed8ac6214ec76511deb9e75893419c819289d

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(28).hasAttribute("id")
})();
                                    

#17 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 0fe5ab66f542ded2e2e6263651c731451bf8cd12a89881a24cbe1b65b4cd7851

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(30).hasAttribute("id")
})();
                                    

#18 JavaScript::Eval (size: 84, repeated: 1) - SHA256: 604cec26bafa9868606d516667064f535782e203e4d6c6da7b20522c48309d87

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(4).hasAttribute("id")
})();
                                    

#19 JavaScript::Eval (size: 85, repeated: 1) - SHA256: cce3cff4e539ca75a8d1106d3623df8ad7aea0d7f76a9d7be2b021eef622d2c7

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(39).hasAttribute("id")
})();
                                    

#20 JavaScript::Eval (size: 85, repeated: 1) - SHA256: deade58191146627b9b37b951ac50ff1c16a8c5654c1a46098d20dd0cc50f710

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(88).hasAttribute("id")
})();
                                    

#21 JavaScript::Eval (size: 85, repeated: 1) - SHA256: b962c58e48a00cce58dc926b17bf1fda273914e14b683a5ce26b527d9ab15ebb

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(82).hasAttribute("id")
})();
                                    

#22 JavaScript::Eval (size: 85, repeated: 1) - SHA256: ec233cb8bc04e95aad21a1b55aeaf593027c2b7b0d4fc70365d5003c7fef5acd

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(16).hasAttribute("id")
})();
                                    

#23 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 94df765f5da36a15b3a62462975c1b02a3e4ba1c8f05cd2f573fec683108cbdd

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(41).hasAttribute("id")
})();
                                    

#24 JavaScript::Eval (size: 85, repeated: 1) - SHA256: e4ca53102a984765e205f002158a64215e93c89d5cec20aa644bf17cd06bcc20

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(51).hasAttribute("id")
})();
                                    

#25 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 13fe78b0ef871a9af1c1e517d91f68cb84d87b69bf3994452af4d4255385c994

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(53).hasAttribute("id")
})();
                                    

#26 JavaScript::Eval (size: 85, repeated: 1) - SHA256: fde6be5a860af601da257a721aae729bbf042dc4c0ad7da258829c4b0a5fb59d

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(55).hasAttribute("id")
})();
                                    

#27 JavaScript::Eval (size: 85, repeated: 1) - SHA256: a7a27e72aa1968b2c1dbf5c22ff1a63fac3968dd22a5887dd77bf88afb048352

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(91).hasAttribute("id")
})();
                                    

#28 JavaScript::Eval (size: 86, repeated: 1) - SHA256: 8fa560c81aebb4d310c6567e704d43ad449b4dbad835403e47b499ba7aceb665

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(103).hasAttribute("id")
})();
                                    

#29 JavaScript::Eval (size: 84, repeated: 1) - SHA256: cade74d898bbeb0b27311470b4837dea704d3200b8ce5333c758f6f27db6e168

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(6).hasAttribute("id")
})();
                                    

#30 JavaScript::Eval (size: 85, repeated: 1) - SHA256: b1bf231683df863da3091b1df3c82dd27a00639c989e80c440044508b0ec2261

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(11).hasAttribute("id")
})();
                                    

#31 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 3384593b230f2203dfd89053eb365e50d8250b5e208bd0976de8719225b30c77

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(25).hasAttribute("id")
})();
                                    

#32 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 89873b8108957d1ae96132d2e0ebeb7fc70ed62a57b386828ddf7e744b1bca52

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(43).hasAttribute("id")
})();
                                    

#33 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 5574f99a28a732dde2de59abf2c2eed1b23ec871b189284e448ccadde982faa6

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(85).hasAttribute("id")
})();
                                    

#34 JavaScript::Eval (size: 86, repeated: 1) - SHA256: c18db09578b4d54358f0bdba942429b2b9369a7c36547ce0abb15f4d393de1ff

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(100).hasAttribute("id")
})();
                                    

#35 JavaScript::Eval (size: 161, repeated: 1) - SHA256: bbe0e089cec935117a76bad06ac0d70c93e97b356fadd19a51f9de5fc6fc8b46

                                        (function() {
    return function() {
        window.dataLayer = window.dataLayer || [];
        window.dataLayer.push({
            event: "ga.pageview",
            ga_clientId: ga.getAll()[0].get("clientId")
        })
    }
})();
                                    

#36 JavaScript::Eval (size: 82, repeated: 1) - SHA256: a045c9645a8463a8eb0ba1b8e9d69683772129a2d65f742dd19b0b7e89d93c8e

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(17) || document.title
})();
                                    

#37 JavaScript::Eval (size: 85, repeated: 1) - SHA256: 8a45ba8cc3f70dd2a07e530c861635372a14cf965da48828191c06be9353dc92

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(49).hasAttribute("id")
})();
                                    

#38 JavaScript::Eval (size: 79, repeated: 1) - SHA256: 2e760303c23a74efda4903dc29f1d42a0abaacee6d3ac886694b8d8bd44af65b

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(59).getRackSID()
})();
                                    

#39 JavaScript::Eval (size: 79, repeated: 1) - SHA256: 1a21d094d417071c35d43a9a25453e7425b291882a9dd96d9bce0249acfcc580

                                        (function() {
    return google_tag_manager["GTM-M8LWJF"].macro(72).getRackUID()
})();
                                    

#40 JavaScript::Eval (size: 331, repeated: 1) - SHA256: 2650db02b9fbeeb9cc77b16002d9ce69996b948852ce7c8f6dd9fc6cf387828d

                                        (function() {
    var a = [];
    "undefined" !== typeof window.gaData[google_tag_manager["GTM-M8LWJF"].macro(74)].experiments && Object.keys(gaData[google_tag_manager["GTM-M8LWJF"].macro(75)].experiments).forEach(function(b) {
        var c = gaData[google_tag_manager["GTM-M8LWJF"].macro(76)].experiments[b];
        a.push([b, c].join(":"))
    });
    return a.join(", ")
})();
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 242, repeated: 1) - SHA256: afd180ff58fea345410abeaca22af880bb258ad0e9c760af274a2a90ecc709cb

                                        < iframe src = "https://4361691.fls.doubleclick.net/activityi;src=4361691;type=PageN-;cat=globa0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=8670032497161.926?"
width = "1"
height = "1"
frameborder = "0"
style = "display:none" > < /iframe>
                                    


HTTP Transactions (139)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: corp-sso.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         20.88.160.31
HTTP/1.1 302 Found
                                        
content-length: 0
location: https://corp-sso.net/
cache-control: no-cache


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - openphish: AT&T Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9909
Expires: Fri, 30 Sep 2022 23:12:58 GMT
Date: Fri, 30 Sep 2022 20:27:49 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 20:16:13 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: O3vD4u7zs39egf5WrzvmkU78gLkMm6CWOsYQxqlKbfMWC65yMFbZyw==
Age: 696


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E4CAB1657F3E7A3C2D219A7802955629F414AC772EA4576C30AA7A71533A10C7"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6519
Expires: Fri, 30 Sep 2022 22:16:28 GMT
Date: Fri, 30 Sep 2022 20:27:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: wDvN0fBQz6QQamf4F6q/2OylGAa/ChwZcrPYkOSQ4igWHFCMMAC0nkMcN5qOXz3Fecft2o0EvTc3YuqJxykcow==
x-amz-request-id: 4HKEFKD05BT1DTBW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 30 Sep 2022 19:48:44 GMT
age: 2345
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 30 Sep 2022 20:27:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 19:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 20:08:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TuHrIMXMOYN2mC-r8ErVkJuRgUB80cb911WXHHOCd8kkybWmWt6fWA==
Age: 3497


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0239DF0B63F9B6BA7FC3011103427C0977C53A929B9524E924510BFAF50AE5A7"
Last-Modified: Wed, 28 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Sat, 01 Oct 2022 02:27:18 GMT
Date: Fri, 30 Sep 2022 20:27:50 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: corp-sso.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         20.88.160.31
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
server: Apache
cache-control: max-age=31536000, public
link: <https://752f77aa107738c25d93-f083e9a6295a3f0714fa019ffdca65c3.ssl.cf1.rackcdn.com>; rel="preconnect", <https://www.googletagmanager.com>; rel="preconnect", <https://consent.truste.com>; rel="preconnect", <https://rax.my.salesforce.com>; rel="preconnect", <https://c.la3-c1-ia2.salesforceliveagent.com>; rel="preconnect", <https://www.google-analytics.com>; rel="preconnect", <https://www.rackspace.com/node/22215>; rel="canonical", <https://www.rackspace.com/node/22215>; rel="shortlink", <https://www.rackspace.com/node/22215>; rel="revision"
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
content-security-policy: frame-ancestors *; report-uri https://www.rackspace.com/report-uri/enforce
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 30 Sep 2022 19:18:16 GMT
etag: "1664565496"
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 30 Sep 2022 20:27:50 GMT
content-length: 21537


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (604)
Size:   21537
Md5:    28abab2e4ac47ee2fa3ff632c7903ad3
Sha1:   cf802240246574a10db66f3346dfe99747724623
Sha256: 836415be0a4e2531c340ea8cb24fb8d3e886938425a2ceaf79190aac72acb47e

Alerts:
  Blocklists:
    - openphish: AT&T Inc.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4741
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:50 GMT
Last-Modified: Fri, 30 Sep 2022 19:08:49 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /scripttemplates/otSDKStub.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 20:27:50 GMT
content-length: 7151
content-encoding: gzip
content-md5: zvDmpz9S9y5z1XhncmOZ/w==
last-modified: Thu, 29 Sep 2022 19:01:06 GMT
etag: 0x8DAA24CF6D1EF15
x-ms-request-id: abb92e84-701e-0130-4637-d4c499000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 9884
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb397fd30b4f9-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21747)
Size:   7151
Md5:    cef0e6a73f52f72e73d57867726399ff
Sha1:   2611e0920611a653446508e5f3de017900cc49f2
Sha256: 97cc12a095136523b16da09953e6f3e405b658978cb37cbc3d3ccb9f94faf0a6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3147
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:50 GMT
Last-Modified: Fri, 30 Sep 2022 19:35:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3147
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:50 GMT
Last-Modified: Fri, 30 Sep 2022 19:35:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /sites/default/files/css/css_GDJQtHWAwvIuyXnKNbLpaMGBtv7F2VThBzeruJ4kVvM.css HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: text/css
                                        
expires: Wed, 22 Mar 2023 18:59:46 GMT
last-modified: Mon, 14 Mar 2022 23:02:04 GMT
etag: "1847-5da35ab40e8e8"
cache-control: max-age=31536000
content-length: 6215
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-encoding
accept-ranges: bytes
content-encoding: gzip
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (14254)
Size:   6215
Md5:    6faa37ab51601fa7df3269317f0e6285
Sha1:   7fa0d238d191f292473b42d47e6bbdfb5876d4a2
Sha256: 6c9bd7f1457a462488a3cba618f54adbf0ead90d720c79ea885a8d1f3517a2d0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5248
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:50 GMT
Last-Modified: Fri, 30 Sep 2022 19:00:22 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2175
Cache-Control: max-age=102463
Date: Fri, 30 Sep 2022 20:27:50 GMT
Etag: "63363606-1d7"
Expires: Sun, 02 Oct 2022 00:55:33 GMT
Last-Modified: Fri, 30 Sep 2022 00:19:18 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /sites/default/files/2022-06/cameo-play-btn.png HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 20860
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 16 Jun 2022 19:22:58 GMT
etag: "517c-5e19590c105b8"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 16 Jun 2023 19:28:58 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 220 x 220, 8-bit/color RGBA, non-interlaced\012- data
Size:   20860
Md5:    5d1599a9b856eeb7a88ac224f819a2f6
Sha1:   44dbfe553df125c22272ff24ce13bbd0d6ef9630
Sha256: 2be20d50d77505afe55b824a365d886c4ff8f7ebcba0c463573ef06eb385c6ea
                                        
                                            GET /sites/default/files/js/js_Ba58mI6TOXgKEzBgb3JbXDqfkgn4VPTEDXV7rKnUXlA.js HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: text/javascript
                                        
content-length: 84434
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-encoding
last-modified: Wed, 11 May 2022 18:57:59 GMT
etag: "149d2-5dec1051efe88"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Thu, 11 May 2023 19:16:39 GMT
content-encoding: gzip
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   84434
Md5:    20d65d65358aa751d8cacac9e940b742
Sha1:   e3768384854f9f170caeed4b6386ade5ebbad65a
Sha256: 94b571deb9092c219e8da68ceb9caa8cb0742bd75035f3110dac9674739e9e1e
                                        
                                            GET /cdn.cookielaw.org/consent/57b791a9-a472-4345-a9a8-bbb0b026a72f/OtAutoBlock.js HTTP/1.1 
Host: corp-sso.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://corp-sso.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         20.88.160.31
HTTP/1.1 404 Not Found
content-type: text/html; charset=UTF-8
                                        
server: Apache
cache-control: must-revalidate, no-cache, private
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
content-security-policy: frame-ancestors *; report-uri https://www.rackspace.com/report-uri/enforce
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4148
date: Fri, 30 Sep 2022 20:27:50 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   4148
Md5:    9da515266b4c40b2d29a91c55f38328e
Sha1:   7975fd82f9783236042276908940491aadb52a77
Sha256: 27d60a5ed4a00da26bf63ba4c8c8f41322ec467592f25113bc6073ea0cc5e131

Alerts:
  Blocklists:
    - openphish: AT&T Inc.
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ICFWmvo2BvJ7+VEGmyAyQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.107.141
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mYCExuXg2q5ZlLEotlkACTEAtrY=

                                        
                                            GET /sites/default/files/2022-07/5in5%20thumbnail%20image.png HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 37540
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 19 Jul 2022 21:17:09 GMT
etag: "92a4-5e42f01e551b8"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Wed, 19 Jul 2023 21:36:07 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 598 x 336, 8-bit/color RGBA, non-interlaced\012- data
Size:   37540
Md5:    c6f174bf8518b8f91d701cedb91e402b
Sha1:   d953b008a15dd090ac1b033b5bdfdc1182b89975
Sha256: 22b8d6feb4881d583ff3b7cb84f4262f33461b54f010ddf2b96ee227f87ed6dc
                                        
                                            GET /themes/custom/hansel/images/blue-slant.svg HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rackspace.com/sites/default/files/css/css_R9mztCIzVU3i7kShHwTiUqEqZtus8suIzshHcG8dWFI.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "1dc-5d8a43cf4fc9a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 26 Mar 2023 14:15:44 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 350
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   350
Md5:    3c298ec138c30cc59c3d2e6720f83cbf
Sha1:   f82787050eb8472eb3e507cc0f8505d637760ac8
Sha256: 77f12d591fd6187bb63f0815008b4c77d184b79453b43f794dbdaaefbde864dc
                                        
                                            GET /themes/custom/hansel/images/backgrounds/gradient-horizontal-split.svg HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rackspace.com/sites/default/files/css/css_R9mztCIzVU3i7kShHwTiUqEqZtus8suIzshHcG8dWFI.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "36b-5d8a43cf4fc9a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 26 Mar 2023 14:15:44 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 498
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   498
Md5:    9c7612db6c754512e582478ea9fc2102
Sha1:   29688a32fd858f964691ff09af715dd1d6f261ba
Sha256: 2fb62616241d8bcdbb79bf944863eaaa992fe0f3eebb7f79820591c87f93e719
                                        
                                            GET /themes/custom/hansel/images/backgrounds/polygons_background.svg HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rackspace.com/sites/default/files/css/css_R9mztCIzVU3i7kShHwTiUqEqZtus8suIzshHcG8dWFI.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "49d1-5d8a43cf4fc9a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 26 Mar 2023 14:15:44 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3642
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (18897), with no line terminators
Size:   3642
Md5:    83b7f52fa3b4051a22d65657f4d4f512
Sha1:   27f853f0ac6a912a2fa3c550bdef4d720ccd46e4
Sha256: 7c0d2820adbb6f82c4be74e541f2dc74bf547c8318245146817fd91dc34ce9f5
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-regular.woff2 HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
                                        
expires: Wed, 22 Mar 2023 19:06:50 GMT
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "382c-5d8a43cf4dd5a"
cache-control: max-age=31536000
content-length: 14380
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Size:   14380
Md5:    33543c5cc5d88f5695dd08c87d280dfd
Sha1:   600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
Sha256: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
                                        
                                            GET /consent/57b791a9-a472-4345-a9a8-bbb0b026a72f/57b791a9-a472-4345-a9a8-bbb0b026a72f.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Fri, 30 Sep 2022 20:27:50 GMT
content-length: 1618
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: Vj2kK7WOWj+hZKMnbFk4hw==
last-modified: Mon, 09 May 2022 19:11:01 GMT
etag: 0x8DA31EFA81C03B7
x-ms-request-id: 80726710-f01e-0121-1b4e-d3f382000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
expires: Sat, 01 Oct 2022 00:27:50 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb3996f73b52d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (4411), with no line terminators
Size:   1618
Md5:    563da42bb58e5a3fa164a3276c593887
Sha1:   24718804a73c56057ceff71e8d310aba994c802f
Sha256: ab75f6bcb838ca28586bb6f0e2eff19d0927ba9271022e95b42c8a311b54b821
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-700.woff2 HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
                                        
content-length: 15056
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "3ad0-5d8a43cf4dd5a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Thu, 06 Apr 2023 09:52:24 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Size:   15056
Md5:    0edb76284a7a0f8db4665b560ee2b48f
Sha1:   02496387a5f7bf7b79df52c7b76ece4ebc7a0710
Sha256: 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
                                        
                                            GET /themes/custom/hansel/images/backgrounds/wall-background.jpg HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rackspace.com/sites/default/files/css/css_R9mztCIzVU3i7kShHwTiUqEqZtus8suIzshHcG8dWFI.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "533e3-5d8a43cf4fc9a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Wed, 22 Mar 2023 19:20:35 GMT
content-length: 340963
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1440, components 1\012- data
Size:   340963
Md5:    c25bcd0e848e600d1f3e715bdf73a07c
Sha1:   94af674858fbc4da6c5c4550c2e02bbab332aabb
Sha256: e94f26cae8a416e01c3914e3e40e982cfd1f44f522ae2f2c5c970458a2a6c79a
                                        
                                            GET /themes/custom/hansel/fonts/fontello/font/rswebfonts.woff2 HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
                                        
content-length: 62996
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "f614-5d8a43cf4cdba"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 07 Apr 2023 04:46:07 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 62996, version 1.0\012- data
Size:   62996
Md5:    21f57c621f9933c251dc8ff7eb135605
Sha1:   7e727ba1ecb7fe7d5fb89badfde25b4986edb749
Sha256: f4eeb8aa6e191de3a54475f28b14f84279e8a24ae48b8267c1beae5eee66afea
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-600.woff2 HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
                                        
content-length: 14880
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "3a20-5d8a43cf4cdba"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Thu, 06 Apr 2023 09:52:25 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 14880, version 1.0\012- data
Size:   14880
Md5:    819af3d3abdc9f135d49b80a91e2ff4c
Sha1:   0fd9f29faa386a9c8de328f799d2698948ed3d25
Sha256: 1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
                                        
                                            GET /themes/custom/hansel/images/rs-logo-2021B.svg HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 22 Mar 2023 18:59:46 GMT
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "1ba0-5d8a43cf50c3a"
cache-control: max-age=31536000
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2981
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (7072), with no line terminators
Size:   2981
Md5:    992f3f2de2bc2ba68ff855ef0630e4f4
Sha1:   96c2a50f7f067d99289c5707c5ffb888d76940c1
Sha256: 2114cda1954603a8afb1a8b28cf137137f30b24e8fddb4b016dc77258397646c
                                        
                                            GET /themes/custom/hansel/images/search-icon.svg HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 22 Mar 2023 18:59:46 GMT
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "3ba-5d8a43cf50c3a"
cache-control: max-age=31536000
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 491
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size:   491
Md5:    3b3d379386712fe677ac1e905106f5b3
Sha1:   c0cd85811d5c2f18b4f105dc28fdacdc691c7406
Sha256: 3649e51d8c71a0f66dfa7e68a34998d11fe9a630e7dae39e47e174dcac83dc03
                                        
                                            GET /sites/default/files/2020-11/US-EMEA.png HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/png
                                        
expires: Wed, 22 Mar 2023 18:59:46 GMT
last-modified: Fri, 06 Nov 2020 20:53:24 GMT
etag: "336a3-5b376674ea750"
cache-control: max-age=31536000
content-length: 210595
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 519 x 414, 8-bit/color RGBA, non-interlaced\012- data
Size:   210595
Md5:    15a270baeeb1ec2f7208c1db4de71bae
Sha1:   4708f7ba98f8dcbdfb9ae4fd93a91c9ba34b0928
Sha256: 1faa5284190197713dee98f8c404f6b96845751fba816db6047d25acd02741f3
                                        
                                            GET /sites/default/files/styles/rxt_banner_1600/public/2022-03/Rackspace-Image-Landing-Page-Data-Freedom-TSK-6356-1920x920.jpg?itok=n4QbmnMO HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 283154
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Mar 2022 17:38:06 GMT
etag: "45212-5d93fbe8be318"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Tue, 19 Sep 2023 13:02:07 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 1600x920, components 3\012- data
Size:   283154
Md5:    580a8ab19291c3957208f63707fe6345
Sha1:   826401bbfc66a3a722c245f7f7de0fe46e6a09ba
Sha256: 7072c4d1208790a3dddc8f2cf166617c3e5a697c04151259ba7e155ea6871be0
                                        
                                            GET /gtm.js?id=GTM-M8LWJF HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 20:27:50 GMT
expires: Fri, 30 Sep 2022 20:27:50 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (36934)
Size:   106471
Md5:    7f125dd052a30a363ce9e4f69fea4c5f
Sha1:   74a8e358b39a04a1b37b19b75893977c1285afa1
Sha256: bc150b53e6cef6058f9756d9e21804832f1058ab8c5024774466d7996308d6c6
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-regular.woff HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-woff
                                        
content-length: 18100
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "46b4-5e779db14f18a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Wed, 20 Sep 2023 13:40:09 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18100, version 1.1\012- data
Size:   18100
Md5:    de0869e324680c99efa1250515b4b41c
Sha1:   8033a128504f11145ea791e481e3cf79dcd290e2
Sha256: 81f0ec27796225ea29f9f1c7b74f083edcd7bc97a09d5fc4e8d03c0134e62445
                                        
                                            GET /themes/custom/hansel/fonts/fontello/font/rswebfonts.woff HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-woff
                                        
content-length: 77292
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "12dec-5e779db14e1ea"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Tue, 19 Sep 2023 00:25:31 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 77292, version 1.0\012- data
Size:   77292
Md5:    f8202823c1501544315cc14de789f8b4
Sha1:   43f6b142bbde6c7a4d3cf36330f21a5d6e85b478
Sha256: 81b8eb925685e9b48e173bb1302f324c41d4759c7c6b29f528a89b0cff5234aa
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-700.woff HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-woff
                                        
content-length: 18900
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "49d4-5e779db14f18a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 18 Sep 2023 22:09:57 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18900, version 1.1\012- data
Size:   18900
Md5:    1f85e92d8ff443980bc0f83ad7b23b60
Sha1:   ee8642c4fae325bb460ec29c0c2c9ad8a4c7817d
Sha256: ea20e5db3ba915c503173fae268445fc2745fc9a5dce2f58d47f5a355e1cdb18
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-600.woff HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-woff
                                        
content-length: 18696
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "4908-5e779db14f18a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 18 Sep 2023 22:09:59 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 18696, version 1.1\012- data
Size:   18696
Md5:    449d681cd6006390e1bee3c3a660430b
Sha1:   2a9777afc07bf0bb4bb48f233ed7c4bcbdb60760
Sha256: 57c79375b1419ee1d984f443cda77c04b9b38c0be5330b2d41d65103115ffd72
                                        
                                            GET /libraries/lazysizes/lazysizes.min.js HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/javascript
                                        
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 23 Feb 2022 00:07:36 GMT
etag: "1ed3-5d8a440cc0171"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Wed, 22 Mar 2023 19:06:50 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 3495
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7863)
Size:   3495
Md5:    c59acbf42f96a05e25fa72ff81dce8d7
Sha1:   b1aef427dfe0a6931718be32efe9f5157aca8025
Sha256: fa425d9e0773aa4e213db1acccf656fbece0200e44ff4985246b45832fe1189c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-regular.ttf HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-sfnt
                                        
content-length: 27088
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "69d0-5e779db14f18a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Tue, 19 Sep 2023 00:25:31 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegular1.10;1ASC;OpenSans-R\012- data
Size:   27088
Md5:    049a929c5d81988b3ae6d2f985ca7aa5
Sha1:   1116611d79f1b71936b8987bc1ca3d6de5e99f14
Sha256: 5669ca033ab68625c0cae6bcf1abb2722c02ea43a0d65323b2f7b023c7afa35e
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-700.ttf HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-sfnt
                                        
content-length: 28848
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "70b0-5e779db14f18a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 18 Sep 2023 22:42:18 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansBold1.10;1ASC;OpenSans-Bold\012- data
Size:   28848
Md5:    e5111caba5b811a73d995786db3c61ea
Sha1:   c07bbf95dbb752e9944662b47cd22e52bbb979f6
Sha256: d7f8be99aee46445efcc7c49145388deca59f0dfd183ed4b3892ca111c2b401a
                                        
                                            GET /themes/custom/hansel/fonts/fontello/font/rswebfonts.ttf HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-sfnt
                                        
content-length: 132352
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "20500-5e779db14e1ea"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 18 Sep 2023 22:42:18 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 11 tables, 1st "GSUB", 18 names, Macintosh, Copyright (C) 2021 by original authors @ fontello.comrswebfontsRegularrswebfontsrswebfontsVersio\012- data
Size:   132352
Md5:    57a6d8a539888a84b4e7f44b390c9726
Sha1:   a96cb52b42b9ac32637d21987de67344afe656e9
Sha256: a07d81afb8f58c4a7332c92b52da7e832b82ef5494eb6fd58090b5dfd2d01b9c
                                        
                                            GET /themes/custom/hansel/fonts/open-sans/open-sans-v18-latin-600.ttf HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://www.rackspace.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/font-sfnt
                                        
content-length: 28100
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 30 Aug 2022 18:50:36 GMT
etag: "6dc4-5e779db14e1ea"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Mon, 18 Sep 2023 22:42:18 GMT
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Digitized data copyright \251 2011, Google Corporation.Open Sans SemiBoldRegular1.10;1ASC;OpenSa\012- data
Size:   28100
Md5:    8f7128145a3c2b83923552a328df7cdc
Sha1:   ba7725a9de61b3a33273bfec3d5acf98aeba13f1
Sha256: 23fea0a987694a487d5e053345c610b6c2b0cee5943e6c54dffa8c4d3b8c2a27
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6190
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:51 GMT
Last-Modified: Fri, 30 Sep 2022 18:44:41 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3977
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:51 GMT
Last-Modified: Fri, 30 Sep 2022 19:21:34 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4279
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:51 GMT
Last-Modified: Fri, 30 Sep 2022 19:16:32 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /geo HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 64
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   64
Md5:    56524f9e6ddb13828dcd4e3d96470555
Sha1:   f5bb942cb6e963cd7e23942dd7eb92632c39e518
Sha256: 23f73aef65f710867c85d99033b36738dd1bdc8cdbb9707d85ab7b5bd8bb8664
                                        
                                            OPTIONS /bannersdk/v1/domaingroupcheck HTTP/1.1 
Host: cookies-data.onetrust.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: domainid,location,url
Referer: https://corp-sso.net/
Origin: https://corp-sso.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.32.192
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-headers: domainId, url, location, Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods: GET, HEAD, OPTIONS
vary: Accept-Encoding
server: cloudflare
cf-ray: 752fb39c0937fac0-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /cookieconsentpub/v1/geo/location HTTP/1.1 
Host: geolocation.onetrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.41.98
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 752fb39beac61c02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65282)
Size:   84820
Md5:    242e53a6d40bf3099ac4d4998120e10f
Sha1:   0f301c5dc19d817e34c9e7b7117a9add1f89451e
Sha256: 03a8d3afa280807f1b015ef5504ec258f90133790234e06affde7128a014f878
                                        
                                            GET /optimize.js?id=GTM-MLW4G8J HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 20:27:51 GMT
expires: Fri, 30 Sep 2022 20:27:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45177
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2617)
Size:   45177
Md5:    6bfa7dee0826465cd3a8447a8ec925c0
Sha1:   4eb4d1d17da4662c4dc4ca0323c2f51d69ac26d9
Sha256: 9ca5e12d9dbfab5fe9a8680b7b4d2e2b53c791e3c7efa21fe4c4577521bc445a
                                        
                                            GET /ads/pixel.js HTTP/1.1 
Host: www.redditstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:27:51 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25224)
Size:   7722
Md5:    95212d33cfff78ad59f5af5b20c48c53
Sha1:   9b99a4091a6eb716bc68f1428e3c86eca068b25b
Sha256: bd69f250efa08cb2c0a06c35d91fda762779820d87779019c25211f4559ebb1d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /activityi;src=4361691;type=PageN-;cat=Remar-;ord=1;num=1390640284534;gtm=2wg9s0;auiddc=222414372.1664569668;u1=www%3Ahome;u11=https%3A%2F%2Fcorp-sso.net%2F;u12=corp-sso.net;~oref=https%3A%2F%2Fcorp-sso.net%2F? HTTP/1.1 
Host: 4361691.fls.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.70
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 379
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:42:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (513), with no line terminators
Size:   379
Md5:    c936b093525166ed233392c98ed96045
Sha1:   342c6b6c5f4751ea863aaab996453bb4e2077459
Sha256: 128108d1c72e6ccfb7bacd34ddf9f5516df8b52844275658bc5aa9448635a3dd
                                        
                                            GET /scripttemplates/6.34.0/otTCF.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 15011
content-encoding: gzip
content-md5: IPJurqOx+TrXS9c/3t+LWw==
last-modified: Tue, 17 May 2022 16:31:34 GMT
etag: 0x8DA3822B4DAB47A
x-ms-request-id: 9cd2b37c-201e-00eb-5d19-6a261a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 9438
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39ceba6b4f9-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   15011
Md5:    20f26eaea3b1f93ad74bd73fdedf8b5b
Sha1:   3c23b555bc6ef8c4af8c0e8323d438b1540ed559
Sha256: 63598f763eed4394da2965daa36b8be78693c34c7a9742eb0a0892798a6ac704
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /vendorlist/iab2Data.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 52031
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: oJ2h8P0gOulzGm2CtwrOvA==
last-modified: Fri, 30 Sep 2022 19:09:30 GMT
etag: 0x8DAA3174D7D761B
x-ms-request-id: 5d878e98-201e-016c-3a0b-d53560000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39cdb3ab52d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size:   52031
Md5:    a09da1f0fd203ae9731a6d82b70acebc
Sha1:   44009881c7a4be00d6d3c20cbc3bfe3e7354cde6
Sha256: 526ca8bd049e3c2fae9dd5c4bade3ba84e0dac7836d31961dcf5b8fc8e5e35c6
                                        
                                            GET /consent/57b791a9-a472-4345-a9a8-bbb0b026a72f/80c410c0-30c5-425b-a801-46404a254958/en.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 18186
cache-control: public, max-age=14400
content-encoding: gzip
content-md5: m0q3ANAZkdvWRsWDvvUvmw==
last-modified: Mon, 09 May 2022 19:11:04 GMT
etag: 0x8DA31EFAA28C40C
x-ms-request-id: 9a795df5-501e-0127-565d-d304fa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: REVALIDATED
expires: Sat, 01 Oct 2022 00:27:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39cdb38b52d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65516), with no line terminators
Size:   18186
Md5:    9b4ab700d01991dbd646c583bef52f9b
Sha1:   29e38c3109509bdf12f64bff3bac89e32636d233
Sha256: 155559e1cf5abc6f90060d3424b21b874abb64b465fb577d2af024bd0408802e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6370
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:51 GMT
Last-Modified: Fri, 30 Sep 2022 18:41:41 GMT
Server: ECS (amb/6B9D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/i/src=4361691;type=PageN-;cat=Remar-;ord=1;num=1390640284534;gtm=2wg9s0;auiddc=222414372.1664569668;u1=www%3Ahome;u11=https%3A%2F%2Fcorp-sso.net%2F;u12=corp-sso.net;~oref=https%3A%2F%2Fcorp-sso.net%2F HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4361691.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (512), with no line terminators
Size:   378
Md5:    0d34f87ccc26f6658a5884e6ba4300fd
Sha1:   912c55b189afc87b850a7cb6992e040878c3a273
Sha256: 15410f51b16387c9b68b0119426b1637aaed9109d1c190931817adeb52483900
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripttemplates/6.34.0/assets/otFlat.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 2959
content-encoding: gzip
content-md5: e9t+XAucPzqMmpjFA11lKw==
last-modified: Tue, 17 May 2022 16:31:25 GMT
etag: 0x8DA3822AFD03491
x-ms-request-id: 7827d670-201e-0145-5b4e-d34322000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39e1c3cb52d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (10856)
Size:   2959
Md5:    7bdb7e5c0b9c3f3a8c9a98c5035d652b
Sha1:   c2f6b7579febf28fa02ae41b7844e29ba3a345b8
Sha256: 06b868bd86cff733dec09b4645655144dcf2c3e93944ad2bc28104523a3c82e6
                                        
                                            GET /scripttemplates/6.34.0/assets/v2/otPcCenter.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 12384
content-encoding: gzip
content-md5: NS4/Ql3sVfXAVIyb20II4w==
last-modified: Tue, 17 May 2022 16:31:27 GMT
etag: 0x8DA3822B13BA01A
x-ms-request-id: b566375b-301e-00ff-494e-d3e57e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39e2c49b52d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (42028)
Size:   12384
Md5:    352e3f425dec55f5c0548c9bdb4208e3
Sha1:   7b4d12cb3b55c634331ec489957a6d127cff20fc
Sha256: baa68767f11c3c5af9600732665fc9e9b1cfee29eb38f3b78df5b56ac59e1dea
                                        
                                            GET /scripttemplates/6.34.0/assets/otCookieSettingsButton.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 1780
content-encoding: gzip
content-md5: i+uvjjZQ5wEBgLSseorNJg==
last-modified: Tue, 17 May 2022 16:31:27 GMT
etag: 0x8DA3822B0F18204
x-ms-request-id: a4e4242a-901e-015c-744e-d36f4a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39e2c4db52d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3126)
Size:   1780
Md5:    8bebaf8e3650e7010180b4ac7a8acd26
Sha1:   06c66b819158f0c53cc3230d5fb894c9990b18a8
Sha256: a9f95cf16553c240f46335ab32fafb00737d6ff4d9926b7db482c2b7215d8446
                                        
                                            GET /sync/ HTTP/1.1 
Host: api3488.d41.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         35.153.151.203
HTTP/1.1 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://corp-sso.net
Cache-control: no-store
Date: Fri, 30 Sep 2022 20:27:51 GMT
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Connection: keep-alive

                                        
                                            POST /lc?step=1&dp=/&ul=en&plid=86029862.36996077&sr=1280x1024&vp=1268x939&c=Light&dnt=0&gtm=1&s=200&l1=0&l2=0&l3=0&np=undefined HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/gif
                                        
server: awselb/2.0
content-length: 7
access-control-allow-origin: www.rackspace.com
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a,\012- data
Size:   7
Md5:    1f2d8b41aba487921856cacd6c0d52e8
Sha1:   6b0bd0238861923bd2e9ee98ff1f8412521d7c9c
Sha256: f82624464e9e95dfae29e0e54c360aff84dda3c419fc8c3bd10ef668bbe7df9e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ddm/fls/i/src=4361691;type=PageN-;cat=Remar-;ord=1;num=1390640284534;gtm=2wg9s0;auiddc=222414372.1664569668;u1=www%3Ahome;u11=https%3A%2F%2Fcorp-sso.net%2F;u12=corp-sso.net;~oref=https%3A%2F%2Fcorp-sso.net%2F HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.98
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4361691.fls.doubleclick.net/ddm/fls/r/src=4361691;type=PageN-;cat=Remar-;ord=1;num=1390640284534;gtm=2wg9s0;auiddc=222414372.1664569668;u1=www%3Ahome;u11=https%3A%2F%2Fcorp-sso.net%2F;u12=corp-sso.net;~oref=https%3A%2F%2Fcorp-sso.net%2F
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /logos/static/poweredBy_ot_logo.svg HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-md5: LpuayL42jB78xRllx0vkOw==
last-modified: Thu, 29 Sep 2022 19:01:15 GMT
x-ms-request-id: b23e84c9-a01e-00b5-1737-d4d519000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 9884
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39ecdf7b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   77577
Md5:    0db9cad8721db09e539ad7990987b5a0
Sha1:   3f25e6d02f3817d4a0f7022b07b96eab601190a0
Sha256: c9f596611e0de36a34b6730552bbda14d282558ad69c49ac45f453bd622e9441
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api?req=api3488&form=json HTTP/1.1 
Host: api3488.d41.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         35.153.151.203
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://corp-sso.net
Cache-control: no-store
Date: Fri, 30 Sep 2022 20:27:51 GMT
Expect-CT: max-age=30, report-uri="https://a54b4ab95d40a8b116fae47033b75682.report-uri.com/r/d/ct/reportOnly"
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 44
Connection: keep-alive


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   44
Md5:    73c9fd85c7b84e60c4b76fb69c899909
Sha1:   9603e2ef406297ab323073f801d7b57cddee7f09
Sha256: dbab4e063d603516e132adf2c298cb16782a431e99fcbc14ca665aed0f841842
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 20:27:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 20:27:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 20:27:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Fri, 30 Sep 2022 21:34:17 GMT
Date: Fri, 30 Sep 2022 20:27:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:15 GMT
age: 81756
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10380
Md5:    139a144f8cb04ac8aae65f4bad1473e7
Sha1:   265840b2d2fc6eb764cc6409b05deee8d77a19c2
Sha256: 6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 06:34:26 GMT
age: 50005
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8059
Md5:    d21d2bdcedbd619a80017054076319f9
Sha1:   86dd3bf133e9eddf8852f39e1ee695ee599ac886
Sha256: fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dyDhatfeYzzSQpRY7JpOIu3VhjlI8IOWcKCLCBWYaxJ1CYgCxqdQjA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:49:47 GMT
age: 81484
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14073
Md5:    11594ce7500d8776bfd5162b17f87d72
Sha1:   72603efba82d649ce5a7a0ca45dc830c0d9ef012
Sha256: 511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6722
x-amzn-requestid: 6aca2e04-02b4-4e42-8bba-9bbe2ace1ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPeLrGq1oAMFuAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610b0-65b0664d0233107029ef0157;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DClqs8vTlqibRwXU8dIkkFCUxigTLduturaxCfuvsMtDm-4VXjx2mg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:12:16 GMT
age: 80135
etag: "3248ca3a8b88efd5be8499898fce957d096cf211"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6722
Md5:    5b8d0a19bc0a56bb40a975c5c71af05a
Sha1:   3248ca3a8b88efd5be8499898fce957d096cf211
Sha256: da44d6dd845dc400b0b76f19c67e5a79d9359ce24fe5e4490477f195b23203b4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9789cead-4e6c-4a12-9b45-25d0efd38fc9.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16011
x-amzn-requestid: d58dfdcd-383a-45ac-8ae2-2b97f016b6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdbjFy1IAMF84A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f7c-1ca9707a5e5087fd769d9ab6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QKHN1asEv6w1mTLxsmn7Oj5AZTsPcg0H8zv5_qQ1BYptjL254kCZdA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:20:36 GMT
age: 79635
etag: "78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16011
Md5:    1389b1d624b44706c7a6f6b7eb769241
Sha1:   78b798f2cfa7db13a6b5ca2ca2783bece5e77d5d
Sha256: c3c2526b98be06fc7e793e1150bacde2a7bd718e29a851a6e6992e8d84333790
                                        
                                            GET /sites/default/files/css/css_R9mztCIzVU3i7kShHwTiUqEqZtus8suIzshHcG8dWFI.css HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 41775
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-encoding
last-modified: Mon, 05 Sep 2022 18:16:41 GMT
etag: "a32f-5e7f214dd0bf0"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Tue, 05 Sep 2023 18:17:47 GMT
content-encoding: gzip
date: Fri, 30 Sep 2022 20:27:50 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5754
Md5:    da2bb5dc3c41d9956752c2e7a72c6eb6
Sha1:   d9c7b0dea148896017492aad6c02ca6fadf17ebb
Sha256: 28b08565a224d8bd81e3cbb65f2e70a9025d67af5e4cff9cbd673aa416de8aa7
                                        
                                            GET /sites/default/files/2020-12/apple-touch-icon-precomposed.png HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/png
                                        
expires: Wed, 22 Mar 2023 19:00:57 GMT
last-modified: Tue, 08 Dec 2020 19:53:17 GMT
etag: "1c50-5b5f94b45e7f0"
cache-control: max-age=31536000
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 7248
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Size:   7248
Md5:    2f5f59fe3113c8565cd2bcacede1e938
Sha1:   c02c2c793c737bd266eb360de6eff446ca7affcd
Sha256: 72f7463e041ddaa4dca4889bc06a178b2a817764d323a25629aa9de6ef097513
                                        
                                            GET /themes/custom/hansel/favicon.ico HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
                                        
expires: Wed, 22 Mar 2023 18:59:57 GMT
last-modified: Wed, 23 Feb 2022 00:06:32 GMT
etag: "30e-5d8a43cf49edb"
cache-control: max-age=31536000
server: Apache
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 782
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   782
Md5:    683c42cfc5276291257e2c1ed5d669bf
Sha1:   548471d3dd2687784a816ef445b2464cc22de012
Sha256: 63440a8fca600cf5710c2dc163c88d6b1ba2314b88929b18864dc38f3028b698
                                        
                                            GET /li.lms-analytics/insight.min.js HTTP/1.1 
Host: snap.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.76.210
HTTP/2 200 OK
content-type: application/x-javascript;charset=utf-8
                                        
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=13750
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7751)
Size:   3063
Md5:    57efbbeb3e1d23c82b677511c67c8b0e
Sha1:   f927ba115ef4be362694c22850ddbdd1c1b054d1
Sha256: 873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 30 Sep 2022 18:41:09 GMT
expires: Fri, 30 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 6402
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   19826
Md5:    cae538dcce82598fbe43c0bf443e62dd
Sha1:   cc68ac6be9c5e0087a0000e5735b83270ace30f5
Sha256: 954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5735
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:51 GMT
Last-Modified: Fri, 30 Sep 2022 18:52:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:27:51 GMT
x-served-by: cache-iad-kjyo7100169-IAD, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57443), with no line terminators
Size:   15317
Md5:    1e9c4d503a9e162d8b549dc3d9c040e2
Sha1:   1fa99d7d7e878cdd45567af4b0c3c65542036c1d
Sha256: f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Sep 2022 20:27:51 GMT
expires: Fri, 30 Sep 2022 20:27:51 GMT
cache-control: private, max-age=3600
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15187
Md5:    8766c5a801f08afceca9b66ff9097e6a
Sha1:   ce7640d1d166eddeb9d40be642ec34652f790713
Sha256: f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
                                        
                                            GET /ddm/adj/N32702.197812NSO.CODESRV/B20408797.207615088;sz=1x2;ord=1190654410? HTTP/1.1 
Host: ad.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.198
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 13342
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:42:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (29166), with CRLF, LF line terminators
Size:   13342
Md5:    a62b9f1f27d46158eb619cee654684e6
Sha1:   83bbf668342dffd44206261b74af3ab9fa0ad8d5
Sha256: dce140f896009937bd9bc170e922338132633982b8acc1bf8c887c7e8976961b
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11367
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=163AA77D009468CE1F59B55201C3698A; domain=.bing.com; expires=Wed, 25-Oct-2023 20:27:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 81C6BFF5A9F040A0AB7709FEDD3A3F79 Ref B: OSL30EDGE0319 Ref C: 2022-09-30T20:27:51Z
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            POST /g/collect?v=2&tid=G-P5J3XFCZLB&gtm=2oe9s0&_p=720253332&cid=1739622230.1664569668&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664569667&sct=1&seg=0&dl=https%3A%2F%2Fcorp-sso.net%2F&dt=Rackspace%20Technology%20%7C%20Multicloud%20Solutions%20Provider&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container=GTM-M8LWJF HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://corp-sso.net
date: Fri, 30 Sep 2022 20:27:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.16
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Vl4D58EjRgFnDUHPNDaDUA24Zcfl2+qz2RIJEg++VYUj6nz27mxyYSVFPHbwWq9iqJuQfzVJ9oNSEGUKcdxWzw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 20:27:51 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26840
Md5:    e1327a02d76346c7e23d114e4e508b30
Sha1:   195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
Sha256: 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3957
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:51 GMT
Last-Modified: Fri, 30 Sep 2022 19:21:54 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /rp.gif?ts=1664569667891&id=t2_1zhq5dok&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=3e2dee8c-efd1-4156-afcc-a7879bef7589&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=1024&v=rdt_02c59ad6 HTTP/1.1 
Host: alb.reddit.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.140
HTTP/2 200 OK
content-type: image/gif
                                        
server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Fri, 30 Sep 2022 20:27:52 GMT
via: 1.1 varnish
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5776
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:52 GMT
Last-Modified: Fri, 30 Sep 2022 18:51:36 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /collect?v=2&fmt=js&pid=7408&time=1664569668569&url=https%3A%2F%2Fcorp-sso.net%2F HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7408%26time%3D1664569668569%26url%3Dhttps%253A%252F%252Fcorp-sso.net%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJxv_9Za4Ak7AAAAYOQFYFKPnopNy2eRHapVnm227CT78IhJNJYcx7af3LeW34xPauaYCzPfyEv5Q; Max-Age=2592000; Expires=Sun, 30 Oct 2022 20:27:52 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure AnalyticsSyncHistory=AQLrDFuheLoGqgAAAYOQFYFK05Z3GsWx3RrCf3Cw4ADHpzX6SG1Kc-Jod4ppwXiuFA5Qkz7NysRNuq_5OCETMw; Max-Age=2592000; Expires=Sun, 30 Oct 2022 20:27:52 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&95f661ef-9d2b-4bf9-8ef5-eca7ca093beb"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 30-Sep-2023 20:27:52 GMT; SameSite=None lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2395:u=1:x=1:i=1664569672:t=1664656072:v=2:sig=AQHKWoUldgBkhywZHnJXn1G5BYqA_mhr"; Expires=Sat, 01 Oct 2022 20:27:52 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXp6tQA6N1N9BFfN7e3Pw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CF506ED9F62544DE9E1DB808322698F1 Ref B: OSL30EDGE0218 Ref C: 2022-09-30T20:27:51Z
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.20
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JyfFI02r725FFXR015buz1GRa5p56AE6xI5G0H9erMnpnqYrnZpcWQ==
age: 2027445
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Size:   1044
Md5:    f6a9ca04b0687ea3c0d98e8430c8c77b
Sha1:   35503b2deb23091a9a9c6c68d4020dbdf879588e
Sha256: 8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=6da19d6f-bec3-40c2-8edb-62340dd2d3b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b2315db9-ebd1-44cd-abd1-66cf659a8d97&tw_document_href=https%3A%2F%2Fcorp-sso.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nut41&type=javascript&version=2.3.27 HTTP/1.1 
Host: t.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.244.42.197
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=cf3da369-773c-4091-baef-3c8d3348c1e9; Max-Age=63072000; Expires=Sun, 29 Sep 2024 20:27:52 GMT; Path=/; Domain=t.co; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: a54f2ca680f70482
strict-transport-security: max-age=0
x-response-time: 113
x-connection-hash: 02a38b55b908ec1ad34cb0e65d7036ee9066f97159196e517c284c83aa76bd57
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /modules.61e17720cf639c3e96a7.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.46
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 66156
date: Fri, 30 Sep 2022 07:19:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "ca82760cd662a268a9b556ae44a96740"
last-modified: Fri, 30 Sep 2022 07:18:43 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oWl86jLEvtdvfFXwttBOc1AlpCpn-sk88iy6wN0ums1GrsPG9a8-eA==
age: 47326
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   66156
Md5:    ca82760cd662a268a9b556ae44a96740
Sha1:   7d7e28b6029ab3449f2183a73b8f0dbb93dd9386
Sha256: 0e98f16bb4945f08b2f0e9be3108864e2f2db7ed792bc9049404cac6038d75d3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6344
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:52 GMT
Last-Modified: Fri, 30 Sep 2022 18:42:08 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /pagead/viewthroughconversion/1032404458/?random=1664569668667&cv=9&fst=1664569668667&num=1&label=TWz4CLDW3wMQ6vuk7AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fcorp-sso.net%2F&tiba=Rackspace%20Technology%20%7C%20Multicloud%20Solutions%20Provider&auid=222414372.1664569668&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.226
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1091
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:42:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2347), with no line terminators
Size:   1091
Md5:    e0e71dc6b7fc984d5d98f11e66c93f1c
Sha1:   ec2a1c799075b2501ef469345db58b206750dc1f
Sha256: 3c4051568fadaa9054375a30faa0e580541daf161cfd22affcb6d052eb3c6a31
                                        
                                            GET /pagead/js/r20220928/r20110914/elements/html/omrhp.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 3181
x-xss-protection: 0
date: Fri, 30 Sep 2022 20:24:59 GMT
expires: Fri, 14 Oct 2022 20:24:59 GMT
cache-control: public, max-age=1209600
etag: 10699485926258732851
age: 173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2812)
Size:   3181
Md5:    4d25fcd5db1b3e587056df29eceda987
Sha1:   f39f02656e6d83d8c5d56d9a2dc7dd503c8dfb08
Sha256: c1ea615501bde8bb26af7731ca7118379c587f2f799c13d7b76b11434b502ffc
                                        
                                            GET /p/action/5563149.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: private,max-age=60
content-length: 666
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=301B46A2A2436C27303B548DA3146D42; domain=.bing.com; expires=Wed, 25-Oct-2023 20:27:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AD4C49BE36914CA481819D43C23319B4 Ref B: OSL30EDGE0319 Ref C: 2022-09-30T20:27:52Z
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   666
Md5:    742e1b325fbf7ca532aa4c7250497e26
Sha1:   6ba6990fdc38094b62f078d05378c3fdeecc9906
Sha256: 4db5cdf86578aca83d84cf5fb4856fac62cc5e02b6a783384c01416dc81f96c5
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-35639070-1&cid=1739622230.1664569668&jid=1821472502&gjid=1628843736&_gid=89653185.1664569669&_u=YADAAEAAQAAAAC~&z=2029623114 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.165.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://corp-sso.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 30 Sep 2022 20:27:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /pcs/view?xai=AKAOjstX3ErfAhinPpru_iAC9MX3qpZ1DAqMaKBK9ysgLBW2oFKGkHzG0tZWBtY0dA_zPDyE_SGneGSy4-NJ9EfSasq-9LpbgmqI4_Srnb434dmpce5KRNiLfofvcpMxnx7ajkkhdsHFsyiI&sig=Cg0ArKJSzNxI3cqvol5eEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20220928.13557&adurl= HTTP/1.1 
Host: googleads4.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.162
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
x-content-type-options: nosniff
date: Fri, 30 Sep 2022 20:27:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:42:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Sep 2022 20:27:52 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /pagead/viewthroughconversion/981481402/?random=1664569668665&cv=9&fst=1664569668665&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fcorp-sso.net%2F&tiba=Rackspace%20Technology%20%7C%20Multicloud%20Solutions%20Provider&auid=222414372.1664569668&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.226
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1036
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 20:42:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2252), with no line terminators
Size:   1036
Md5:    0a86e1dc4f8f52685794a6cb8d1a4710
Sha1:   bd44e8c8e7f78303b2b7ad05d2eed614fc275fa8
Sha256: a056a6d9ab248b692f1c11dc294ddffff618f7dbdd96cdb29d067a0e4c7fdb14
                                        
                                            GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1 
Host: www.googletagservices.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 44530
date: Fri, 30 Sep 2022 20:27:52 GMT
expires: Fri, 30 Sep 2022 20:27:52 GMT
cache-control: private, max-age=3000
etag: "1664365478704152"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3498)
Size:   44530
Md5:    edcdf3320c234b0155d06ea7eb3f5356
Sha1:   59ac0953e852dfcb01ae8477b7e56ae1668db2f9
Sha256: 4e5b88ef6f251dbd13697bb6284ec35b1a2ecfbe28d49a78b3cf8633bc277765
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   86354
Md5:    ce871b92f0c72656b7836aeb46cf2e7c
Sha1:   fb4aaf60ed890eefd2cc29116bdf7a8d430b4152
Sha256: 0e15590ae545ee4e24727688996f549bb684b36923e2a6c5ee9888f914ce990f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 20:27:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=6da19d6f-bec3-40c2-8edb-62340dd2d3b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b2315db9-ebd1-44cd-abd1-66cf659a8d97&tw_document_href=https%3A%2F%2Fcorp-sso.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nut41&type=javascript&version=2.3.27 HTTP/1.1 
Host: analytics.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.244.42.195
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Fri, 30 Sep 2022 20:27:52 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_oZpgCxZRa20ESJr9RKgSrQ=="; Max-Age=63072000; Expires=Sun, 29 Sep 2024 20:27:52 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: eb98f9aa5574a7d5
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: 2b4fcc4370f1cc774295bfcf90953ca2dfe70a15f5480ad6c7b90f7d83c6b0ba
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /pagead/1p-user-list/1032404458/?random=1664569668667&cv=9&fst=1664568000000&num=1&label=TWz4CLDW3wMQ6vuk7AM&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fcorp-sso.net%2F&tiba=Rackspace%20Technology%20%7C%20Multicloud%20Solutions%20Provider&async=1&fmt=3&is_vtc=1&random=3441893862&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7408%26time%3D1664569668569%26url%3Dhttps%253A%252F%252Fcorp-sso.net%252F%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://corp-sso.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7408&time=1664569668569&url=https%3A%2F%2Fcorp-sso.net%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&11a4297a-2ac6-4a74-8fc2-627eb85f5d84"; Domain=.linkedin.com; Expires=Sat, 30-Sep-2023 20:27:52 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20220930202752668379b9-25dc-4ae5-8afb-91d66380823dAQHIPjCybWZAShicGEq74h4UF1tRgxen"; Domain=.www.linkedin.com; Expires=Sat, 30-Sep-2023 20:27:52 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjQ1Njk2NzI7MjswMjHruQ8kAUGWMnopSQpx0d5sd3s928q7Jt1Bj01Rm4cDDw==; Domain=.linkedin.com; Expires=Wed, 29 Mar 2023 20:27:52 GMT; Path=/; Secure; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2354:u=1:x=1:i=1664569672:t=1664656072:v=2:sig=AQGN0cARzNToWfUD1NpgznYfEyoxWxCb"; Expires=Sat, 01 Oct 2022 20:27:52 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXp6tQFMCwqXDn/WT9vsQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BC470735927B438D867DA02D31954F5A Ref B: OSL30EDGE0218 Ref C: 2022-09-30T20:27:52Z
date: Fri, 30 Sep 2022 20:27:51 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /pagead/1p-user-list/981481402/?random=1664569668665&cv=9&fst=1664568000000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9s0&sendb=1&frm=0&url=https%3A%2F%2Fcorp-sso.net%2F&tiba=Rackspace%20Technology%20%7C%20Multicloud%20Solutions%20Provider&async=1&fmt=3&is_vtc=1&random=44368075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-35639070-1&cid=1739622230.1664569668&jid=1821472502&_u=YADAAEAAQAAAAC~&z=732211747 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 20:27:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /tr/?id=188555558207202&ev=PageView&dl=https%3A%2F%2Fcorp-sso.net%2F&rl=&if=false&ts=1664569669181&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664569669180.20283222&it=1664569668770&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.221.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 30 Sep 2022 20:27:52 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 20:27:52 GMT
Last-Modified: Fri, 30 Sep 2022 19:33:07 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m0-jF3FXoM6tVDAICbZSfijVq_R6KJUVMPUy4kLJ-G7-e8ir3fNp-Q==
Age: 3285

                                        
                                            GET /collect?v=2&fmt=js&pid=7408&time=1664569668569&url=https%3A%2F%2Fcorp-sso.net%2F&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://corp-sso.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&5f9d58c7-abf7-4f05-81d2-694a3e8c754f"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 30-Sep-2023 20:27:52 GMT; SameSite=None lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2395:u=1:x=1:i=1664569672:t=1664656072:v=2:sig=AQHKWoUldgBkhywZHnJXn1G5BYqA_mhr"; Expires=Sat, 01 Oct 2022 20:27:52 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXp6tQJAvuNvPs65+tJug==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0819D176764245A09F35C60848963D54 Ref B: OSL30EDGE0218 Ref C: 2022-09-30T20:27:52Z
date: Fri, 30 Sep 2022 20:27:52 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /eus2/s/0.6.42/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-length: 23382
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d4495324d7d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0SFE3YwAAAACgFT7jH1LHSZMGfzx/yQkbU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 30 Sep 2022 20:27:52 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (54141)
Size:   23382
Md5:    f016daac053b80575e11e20b6644142b
Sha1:   bc23277b8eae567b77c3dfc3f03b91fb054feda7
Sha256: ee91529c076bf5e87a26b3c045e0b6e63326e6aa871dafea1c1509f73454123d
                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.234.93.27
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=90CCF456312B4CF092F734BE5B3CD9F4&RedC=c.clarity.ms&MXFR=0D7F1D7EFDA662552F940F51F9A66CB4
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=0D7F1D7EFDA662552F940F51F9A66CB4; domain=.clarity.ms; expires=Wed, 25-Oct-2023 20:27:52 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Fri, 30 Sep 2022 20:27:52 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=90CCF456312B4CF092F734BE5B3CD9F4&RedC=c.clarity.ms&MXFR=0D7F1D7EFDA662552F940F51F9A66CB4 HTTP/1.1 
Host: c.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://corp-sso.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=90CCF456312B4CF092F734BE5B3CD9F4&MUID=03A74AC9BE7764EE27D858E6BF20656F
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=03A74AC9BE7764EE27D858E6BF20656F; domain=c.bing.com; expires=Wed, 25-Oct-2023 20:27:52 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93E77461FB124F2A822DBBD29CA2F1CC Ref B: OSL30EDGE0319 Ref C: 2022-09-30T20:27:52Z
date: Fri, 30 Sep 2022 20:27:52 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=90CCF456312B4CF092F734BE5B3CD9F4&MUID=03A74AC9BE7764EE27D858E6BF20656F HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://corp-sso.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Fri, 30-Sep-2022 20:37:52 GMT; path=/; SameSite=None; Secure;
date: Fri, 30 Sep 2022 20:27:52 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1620
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://corp-sso.net
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 30 Sep 2022 20:27:52 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 295702
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://corp-sso.net
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Fri, 30 Sep 2022 20:27:52 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /lc?step=2&dp=/&ul=en&plid=86029862.36996077&sr=1280x1024&vp=1268x939&ga=1&db=0&chat=0&taModal=0 HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: image/gif
                                        
server: awselb/2.0
content-length: 7
access-control-allow-origin: www.rackspace.com
date: Fri, 30 Sep 2022 20:27:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a,\012- data
Size:   7
Md5:    1f2d8b41aba487921856cacd6c0d52e8
Sha1:   6b0bd0238861923bd2e9ee98ff1f8412521d7c9c
Sha256: f82624464e9e95dfae29e0e54c360aff84dda3c419fc8c3bd10ef668bbe7df9e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d906d66-cd90-4963-827e-8d0564c0f787.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5106
x-amzn-requestid: a906507c-8820-489c-9978-7d0fd026c862
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPd5PE0MIAMF3DA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6336103a-49eb3879088f17bc01d177c7;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: op_2CSOAx9-hqXvj1nOyitq0UXqIyItmquWjMkmMdKWnwoTIA_SA6A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:45:26 GMT
age: 81752
etag: "3481dce8ab711111fc8863d88bee1a887cfd43ac"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5106
Md5:    13a12db696bc2bf6a6ea2f48f4c1428e
Sha1:   3481dce8ab711111fc8863d88bee1a887cfd43ac
Sha256: 6dae6c9e5de4146e1f528a36a1795225c9731385f13927fc001fb3f9842fe8f1
                                        
                                            GET /c/hotjar-1945764.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.8
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Fri, 30 Sep 2022 20:27:42 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/9e3127b687de9d87814a0d530debe53d
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ajmtL3-uAEvfS3CjITR9wlAL66V_buAb885tgmLyeMDsHN8WKT7w1g==
age: 9
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /scripttemplates/6.34.0/assets/otCommonStyles.css HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.16.149.64
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 30 Sep 2022 20:27:51 GMT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
last-modified: Tue, 17 May 2022 16:31:39 GMT
x-ms-request-id: da3480cc-a01e-00f1-014e-d30975000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 752fb39e2c50b52d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/thought-leadership?_format=json&version=1664539515 HTTP/1.1 
Host: www.rackspace.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         92.122.65.139
HTTP/2 200 OK
content-type: application/json
                                        
server: Apache
cache-control: max-age=31536000, public
x-ua-compatible: IE=edge
content-language: en
x-content-type-options: nosniff
permissions-policy: interest-cohort=()
expires: Sun, 19 Nov 1978 05:00:00 GMT
content-security-policy: frame-ancestors *; report-uri https://www.rackspace.com/report-uri/enforce
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 30 Sep 2022 19:18:25 GMT
etag: "1664565505"
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /tag/uet/5563149 HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://corp-sso.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.246.53
HTTP/2 200 OK
content-type: application/x-javascript
                                        
cache-control: no-cache, no-store
expires: -1
set-cookie: CLID=2da743831bf04ee8808df4b0923a162d.20220930.20230930; expires=Sat, 30 Sep 2023 20:27:52 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
x-cache: CONFIG_NOCACHE
x-azure-ref: 0SFE3YwAAAACNzwZqOzD/TpoubxlF8v9aU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Fri, 30 Sep 2022 20:27:51 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/v2/client/sites/1945764/visit-data?sv=7 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 129
Origin: https://corp-sso.net
Connection: keep-alive
Referer: https://corp-sso.net/