Overview

URL privacymanager.io
IP54.230.111.86
ASNAMAZON-02
Location United States
Report completed2022-09-25 15:21:18 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (54)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-25 04:54:16 UTC 142.250.74.3
mnemonic passive DNS js.driftt.com (30) 5753 2018-06-14 15:30:16 UTC 2022-09-25 11:58:16 UTC 54.230.111.20
mnemonic passive DNS www.clarity.ms (2) 1404 2018-08-22 07:41:57 UTC 2022-09-25 05:11:13 UTC 13.107.219.53
mnemonic passive DNS presence.api.drift.com (1) 5901 2019-04-22 17:02:08 UTC 2022-09-25 12:18:06 UTC 54.173.95.250
mnemonic passive DNS geo.privacymanager.io (2) 1624 2020-06-25 10:23:26 UTC 2022-09-25 10:03:35 UTC 143.204.55.6
mnemonic passive DNS cdn.bizibly.com (1) 10686 2017-01-30 06:15:59 UTC 2022-09-25 10:04:05 UTC 152.195.15.58
mnemonic passive DNS pixel.mathtag.com (2) 1199 2013-01-18 22:11:55 UTC 2022-09-25 05:56:54 UTC 23.38.200.207
mnemonic passive DNS assets-tracking.crazyegg.com (1) 3651 2021-10-27 14:05:49 UTC 2022-09-25 12:47:02 UTC 54.230.111.63
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-25 05:02:41 UTC 23.36.77.32
mnemonic passive DNS px.ads.linkedin.com (2) 522 2017-08-08 16:28:50 UTC 2022-09-25 04:56:27 UTC 13.107.42.14
mnemonic passive DNS analytics.twitter.com (1) 526 2013-04-10 19:53:18 UTC 2022-09-25 05:11:22 UTC 104.244.42.3
mnemonic passive DNS 320-chp-056.mktoresp.com (1) 0 2018-10-01 12:32:10 UTC 2020-02-17 12:24:28 UTC 192.28.147.68 Domain (mktoresp.com) ranked at: 2732
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-25 05:42:52 UTC 143.204.55.35
mnemonic passive DNS c.clarity.ms (2) 803 2021-02-03 23:22:47 UTC 2022-09-25 05:11:13 UTC 20.234.93.27
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-25 11:34:24 UTC 143.204.55.27
mnemonic passive DNS liveramp.com (39) 37594 2016-01-14 21:53:56 UTC 2022-09-25 08:56:03 UTC 35.239.68.42
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-25 07:10:11 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS munchkin.marketo.net (1) 3550 2012-12-17 00:39:54 UTC 2022-09-25 07:45:40 UTC 88.221.99.189
mnemonic passive DNS c.bing.com (1) 247 2012-05-22 10:26:32 UTC 2022-09-25 04:56:27 UTC 13.107.21.200
mnemonic passive DNS b.clarity.ms (3) 3462 2021-07-27 12:49:08 UTC 2022-09-25 08:30:16 UTC 20.75.32.255
mnemonic passive DNS privacymanager.io (1) 1545 2020-07-22 07:25:44 UTC 2022-09-25 08:04:41 UTC 54.230.111.125
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-25 05:07:25 UTC 52.38.146.2
mnemonic passive DNS t.co (1) 569 2012-07-25 19:09:44 UTC 2022-09-25 05:11:22 UTC 104.244.42.197
mnemonic passive DNS rtp-static.marketo.com (3) 17322 2015-02-20 11:08:50 UTC 2022-09-25 07:45:51 UTC 104.85.188.19
mnemonic passive DNS ocsp.sca1b.amazontrust.com (8) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
mnemonic passive DNS api.rlcdn.com (1) 791 2018-09-26 05:12:06 UTC 2022-09-25 06:26:29 UTC 34.120.133.55
mnemonic passive DNS tracking.crazyegg.com (3) 3633 2020-03-10 07:15:05 UTC 2022-09-25 06:54:55 UTC 108.128.203.219
mnemonic passive DNS gdpr.privacymanager.io (1) 14930 2020-08-13 04:24:45 UTC 2022-09-25 09:31:29 UTC 54.230.111.4
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-25 04:51:16 UTC 34.117.237.239
mnemonic passive DNS ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-09-25 07:35:26 UTC 104.18.32.68
mnemonic passive DNS www.linkedin.com (1) 608 2014-04-09 13:16:08 UTC 2022-09-25 05:06:32 UTC 13.107.42.14
mnemonic passive DNS driftt.imgix.net (1) 14024 2017-01-30 10:46:28 UTC 2022-09-25 06:32:57 UTC 151.101.86.208
mnemonic passive DNS ccpa-wrapper.privacymanager.io (1) 53144 2020-04-16 10:10:29 UTC 2022-09-25 14:26:15 UTC 143.204.55.21
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-25 07:10:10 UTC 142.250.74.3
mnemonic passive DNS gdpr-web-dau-prod.privacymanager.io (2) 22129 2020-06-25 10:23:26 UTC 2022-09-25 08:55:48 UTC 54.230.111.68
mnemonic passive DNS sjrtp6.marketo.com (3) 103381 2015-05-27 16:49:51 UTC 2022-09-22 18:49:50 UTC 192.28.146.116
mnemonic passive DNS event.api.drift.com (3) 7238 2016-08-04 07:30:07 UTC 2022-09-25 08:23:54 UTC 34.193.113.164
mnemonic passive DNS bat.bing.com (5) 387 2014-04-08 09:23:16 UTC 2022-09-25 05:03:52 UTC 13.107.21.200
mnemonic passive DNS scout-cdn.salesloft.com (1) 11637 2017-08-09 14:20:55 UTC 2022-09-25 12:27:35 UTC 104.18.223.90
mnemonic passive DNS gdpr-wrapper.privacymanager.io (1) 13767 2020-05-19 09:29:43 UTC 2022-09-25 12:46:58 UTC 143.204.55.38
mnemonic passive DNS flow.api.drift.com (2) 12085 2020-09-10 12:29:30 UTC 2022-09-25 06:32:57 UTC 34.193.113.164
mnemonic passive DNS ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-09-25 08:02:21 UTC 93.184.220.29
mnemonic passive DNS www.bugherd.com (1) 17668 2017-01-30 06:00:54 UTC 2022-09-25 07:24:40 UTC 18.205.222.128
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-25 04:26:31 UTC 34.120.237.76
mnemonic passive DNS scout.salesloft.com (2) 12709 2018-10-03 15:01:38 UTC 2022-09-25 12:27:35 UTC 34.232.159.108
mnemonic passive DNS metrics.api.drift.com (4) 6235 2018-08-07 15:52:06 UTC 2022-09-25 08:47:26 UTC 34.193.113.164
mnemonic passive DNS bootstrap.api.drift.com (2) 6517 2020-08-26 10:26:04 UTC 2022-09-25 12:18:05 UTC 50.16.7.188
mnemonic passive DNS script.crazyegg.com (5) 1992 2015-01-07 19:40:26 UTC 2022-09-25 06:54:55 UTC 104.19.147.8
mnemonic passive DNS dau-prod.launch.liveramp.com (2) 68463 2020-01-24 11:09:08 UTC 2022-09-25 08:55:48 UTC 54.230.111.27
mnemonic passive DNS static.ads-twitter.com (1) 614 2017-01-30 05:00:15 UTC 2022-09-25 05:11:21 UTC 151.101.84.157
mnemonic passive DNS targeting.api.drift.com (4) 6312 2019-05-13 05:35:39 UTC 2022-09-25 06:32:57 UTC 34.193.113.164
mnemonic passive DNS cdn.bizible.com (3) 9090 2013-05-30 09:01:09 UTC 2022-09-25 13:02:00 UTC 152.195.15.58
mnemonic passive DNS pagestates-tracking.crazyegg.com (1) 3647 2020-10-26 19:42:04 UTC 2022-09-25 06:54:55 UTC 54.230.111.46
mnemonic passive DNS ccpa.privacymanager.io (1) 59668 2021-08-31 11:18:27 UTC 2022-09-25 14:26:19 UTC 54.230.111.77


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 54.230.111.86

Date UQ / IDS / BL URL IP
2022-11-14 13:57:17 +0000
0 - 0 - 1 ae.notifymenow.click/index_v2.html 54.230.111.86
2022-11-09 23:13:55 +0000
0 - 0 - 1 ae.notifymenow.click/index_v2.html 54.230.111.86
2022-11-09 17:56:49 +0000
0 - 0 - 1 farmersfridge.com/business 54.230.111.86
2022-11-02 13:11:53 +0000
2 - 0 - 1 ae.notifymenow.click/index_v2.html 54.230.111.86
2022-10-15 16:57:16 +0000
2 - 0 - 1 ae.notifymenow.click/index_v2.html 54.230.111.86

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-11-26 22:16:22 +0000
0 - 0 - 2 43.204.191.237/ 43.204.191.237
2022-11-26 22:16:16 +0000
0 - 0 - 2 43.205.226.171/ 43.205.226.171
2022-11-26 22:16:11 +0000
0 - 0 - 2 34.247.129.43/ 34.247.129.43
2022-11-26 22:16:05 +0000
0 - 0 - 2 3.126.157.137/ 3.126.157.137
2022-11-26 22:16:03 +0000
0 - 0 - 2 3.111.122.102/ 3.111.122.102

Last 1 reports on domain: privacymanager.io

Date UQ / IDS / BL URL IP
2022-09-25 15:21:18 +0000
0 - 0 - 0 privacymanager.io 54.230.111.86

No other reports with similar screenshot



JavaScript

Executed Scripts (102)


Executed Evals (1)

#1 JavaScript::Eval (size: 875, repeated: 1) - SHA256: 23ee141fb00172b628671a5cb2a7ff37a6b1a1005a8f671de2361bda6bf45048

                                        (function() {
    return function(f) {
        var g = [{
                name: "EMAIL",
                regex: /[^\/]{4}@(?!liveramp\.com)[^\/]{4}/gi,
                group: ""
            }, {
                name: "SELF-EMAIL",
                regex: /[^\/]{4}@(?=liveramp\.com)[^\/]{4}/gi,
                group: ""
            }, {
                name: "TEL",
                regex: /((tel=)|(telephone=)|(phone=)|(mobile=)|(mob=))[\d\+\s][^&\/\?]+/gi,
                group: ""
            }, {
                name: "NAME",
                regex: /((firstname=)|(lastname=)|(surname=))[^&\/\?]+/gi,
                group: ""
            }, {
                name: "PASSWORD",
                regex: /((password=)|(passwd=)|(pass=))[^&\/\?]+/gi,
                group: ""
            }, {
                name: "ZIP",
                regex: /((postcode=)|(zipcode=)|(zip=))[^&\/\?]+/gi,
                group: ""
            }],
            h = f.get("sendHitTask"),
            a, b, c, d;
        f.set("sendHitTask", function(e) {
            b = e.get("hitPayload").split("\x26");
            for (a = 0; a < b.length; a++) c = b[a].split("\x3d"), d = decodeURIComponent(decodeURIComponent(c[1])), g.forEach(function(a) {
                d = d.replace(a.regex, a.group + "[REDACTED " + a.name + "]")
            }), c[1] = encodeURIComponent(d), b[a] = c.join("\x3d");
            e.set("hitPayload", b.join("\x26"), !0);
            h(e)
        })
    }
})();
                                    

Executed Writes (0)



HTTP Transactions (186)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: privacymanager.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         54.230.111.125
HTTP/1.1 301 Moved Permanently
                                        
Content-Length: 0
Connection: keep-alive
Date: Sat, 24 Sep 2022 20:56:45 GMT
Location: http://liveramp.com/
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ROKWY_3eNgLQJub0uS1Rxyb2XGXlUNNAhilvqP04Azl_j7flGCl9dQ==
Age: 66262

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6946
Expires: Sun, 25 Sep 2022 17:16:53 GMT
Date: Sun, 25 Sep 2022 15:21:07 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 15:15:01 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vhCJ8sn85JzDWHzdFRxqYvZv0k8rzakUy_PRnm4BVGEHln5o2ZPC5w==
Age: 366


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NXUoW3DQXybol-lYDH_cFIy1Ws5keqGd68p04el3-IrXIyl6Y2BUiw==
age: 38753
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:07 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         35.239.68.42
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Sun, 25 Sep 2022 15:21:07 GMT
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://liveramp.com/
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 15:04:17 GMT
Expires: Sun, 25 Sep 2022 15:16:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bIVkPxDK232HtFkVG4LP1p5c08mIDeM-EjQQsCcuPo031rz9LX5YVQ==
Age: 1010


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5061
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:07 GMT
Last-Modified: Sun, 25 Sep 2022 13:56:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N7pItDolkKDjxht/gW8eyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.38.146.2
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PCuNCv5KYxf/0cxfRViKlLV6FXM=

                                        
                                            GET /wp-content/plugins/tablepress/css/default.min.css?ver=1.14 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Wed, 16 Feb 2022 01:27:04 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"620c52e8-13e4"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5092), with no line terminators
Size:   2631
Md5:    595eb9a105d4408cd6a31d9a7b7f5eef
Sha1:   89ac649efe469230a5e6f5cf07b83df334e49dc9
Sha256: 5feee90e89fe28fb5d6bf8684bb1aeab8ce95ccdaf86e3a1776678a2a4e6e8be
                                        
                                            GET /wp-content/uploads/2021/11/flag-australia.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 3009
last-modified: Wed, 16 Feb 2022 19:45:28 GMT
etag: "620d5458-bc1"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   3009
Md5:    5394356a190f124b4d6a4f7798bf7f7f
Sha1:   c1277a5640dde0535a88e764842809587cd73481
Sha256: 76a399c79df605e2e927a0d1b70b088347c7c5342fc78d56d4223bd6b2282313
                                        
                                            GET /wp-content/uploads/2021/11/flag-china.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 1061
last-modified: Wed, 16 Feb 2022 19:45:28 GMT
etag: "620d5458-425"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   1061
Md5:    39f9531ca5d466bde01571f714fb8713
Sha1:   e1fc8621ec6577ef7e9681c221c359d8fa3a1ea5
Sha256: b62d8a15034a07ce1561bd99beb12b00f1d55056fe9a646dda28bc4d6f9605f8
                                        
                                            GET /wp-content/uploads/2021/11/flag-germany.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 918
last-modified: Wed, 16 Feb 2022 19:45:28 GMT
etag: "620d5458-396"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   918
Md5:    4404143653077d3cc7c145442d4e03d8
Sha1:   58c8fc100838e04111fe1e9448b99f80d53ab996
Sha256: d1a409617254a7ad0bba483cfc8e5f07dbcea9d47b0b91198cab0c7cdf1e337a
                                        
                                            GET /wp-content/uploads/2021/11/flag-spain.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 1882
last-modified: Wed, 16 Feb 2022 19:45:26 GMT
etag: "620d5456-75a"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   1882
Md5:    d23741edc907000d9d206ecd1c23f8ae
Sha1:   7b36952a3be4f1382fc22741c6f2a368a67279e7
Sha256: bf6ba79ba09b1be4bcbc07e7658c039a3a7ec46000e4637b5ad9b44322f83bce
                                        
                                            GET /wp-content/uploads/2021/11/flag-france.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 885
last-modified: Wed, 16 Feb 2022 19:45:26 GMT
etag: "620d5456-375"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   885
Md5:    2ec31ddc5851e6292fadd42bd49e102b
Sha1:   88b01441204f98b6ae2caf7c3c514dc09f927320
Sha256: 614c010cf084fa6200c96b9cab8366177288f8c06c4338d112a310010ae599f9
                                        
                                            GET /wp-content/uploads/2021/11/flag-italy.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 1001
last-modified: Wed, 16 Feb 2022 19:45:26 GMT
etag: "620d5456-3e9"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   1001
Md5:    521a86e536407a67bfbe494cc55f4274
Sha1:   27f82e3a86c2d0a5137712520edbcfac48ef1251
Sha256: 80f73b0f74feeb4761a53bc68669f94a13938dd179dc874016ad829608c572d6
                                        
                                            GET /wp-content/uploads/2021/11/flag-japan.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 1266
last-modified: Wed, 16 Feb 2022 19:45:23 GMT
etag: "620d5453-4f2"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x75, components 3\012- data
Size:   1266
Md5:    48dfd6e7ed3591ceab0e9419f55b8349
Sha1:   fd15cf35b4078b7ed929ebefb3387ca06058d94f
Sha256: 2cdaa6a6bfc45c7308125fa5b5f2d2a8661f9325a70e82cc9e25d67eda7bc3d5
                                        
                                            GET /wp-content/uploads/2021/11/flag-united-kingdom.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 2164
last-modified: Wed, 16 Feb 2022 19:45:23 GMT
etag: "620d5453-874"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x75, components 3\012- data
Size:   2164
Md5:    cb83ddf17570b14e11ade9cfbbeb95d1
Sha1:   fcda49824bbee9a12a65fd97765e01e77f692389
Sha256: cade871536f9d93553acb25da15967688387c68c409cd1ab1643e9c7a0a840fe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sidebarv2.js?apikey=eflcre7dc7a6ny015hd1nw HTTP/1.1 
Host: www.bugherd.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         18.205.222.128
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: Cowboy
Connection: close
Date: Sun, 25 Sep 2022 15:21:08 GMT
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Vary: Accept-Encoding
Content-Encoding: gzip
Etag: W/"4e639d94325f20ecdd27c80557451208"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: b011cccb-bb01-42aa-b376-d8d024b47967
X-Runtime: 0.010840
Strict-Transport-Security: max-age=0; includeSubDomains
Via: 1.1 vegur


--- Additional Info ---
Magic:  data
Size:   86442
Md5:    601e541f8c836231155d2334d428050f
Sha1:   40bafda371473ab6c1c2481964a07554004ecbae
Sha256: fd74587db6c5346c342202fe7c7137f2bc83d7ee190c8d6730593e1d76549b97
                                        
                                            GET /wp-content/uploads/2022/02/220131_MO_LiveRamp_0205_Couch_Quintin_01547.jpg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 295988
last-modified: Thu, 17 Feb 2022 04:44:27 GMT
etag: "620dd2ab-48434"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=4584, bps=218, compression=none, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D850, orientation=upper-left, width=6880], baseline, precision 8, 2100x1384, components 3\012- data
Size:   295988
Md5:    d9f783c0a911899f539b8689bf34f6a6
Sha1:   e39813014f523f9906b2cca71878aa347fd4870f
Sha256: 9483842f84c2b71f2791d52f2575ca46e6b8fd3a57cd9f3ca39f28f941e0456a
                                        
                                            GET /wp-content/themes/liveramp/assets/fonts/LiveRampSans-Regular.woff2 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://liveramp.com/wp-content/themes/liveramp/assets/css/app.css?ver=c2ea4a4bdb
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 55976
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
etag: "620c552b-daa8"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 55976, version 10.0\012- data
Size:   55976
Md5:    b5af9eaf3a2320819597709c0e2232b4
Sha1:   1c2ccce9caa8797ff1c675db52bf078c49efeea4
Sha256: c3f92c23c329164d71e736fea267729d4945250d94d5d4871c645f5be5ec9b54
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/liveramp/assets/fonts/LiveRampSans-Bold.woff2 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://liveramp.com/wp-content/themes/liveramp/assets/css/app.css?ver=c2ea4a4bdb
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 56236
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
etag: "620c552b-dbac"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 56236, version 10.0\012- data
Size:   56236
Md5:    450867121770c07ca320945df3902123
Sha1:   73dff2ced05fd60af55dde6c2f7c141eaac253f7
Sha256: 4fd68b36cc3a9c3e3bacbcc38689e8adb7fd92dbdbdbb17138042081a3ce2601
                                        
                                            GET /wp-content/themes/liveramp/assets/fonts/LiveRampSans-Medium.woff2 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://liveramp.com/wp-content/themes/liveramp/assets/css/app.css?ver=c2ea4a4bdb
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 56344
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
etag: "620c552b-dc18"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 56344, version 10.0\012- data
Size:   56344
Md5:    f96ffeae210263df2d88bcdc790c7980
Sha1:   e1e4189433a61824f5ea8eed6cba8ec56222a973
Sha256: fb67a1b44f86abd0171a4ff1878b14fca6c90bf499ab683e5f01d202e4ebb79c
                                        
                                            GET /wp-content/themes/liveramp/assets/img/social_media/facebook.svg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/wp-content/themes/liveramp/assets/css/app.css?ver=c2ea4a4bdb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"620c552b-224"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (444)
Size:   340
Md5:    0d146712f843ef45aa513e3468604a29
Sha1:   8b560c754edaf11910aee2ec30372a25b8ab19a4
Sha256: ee3a806aee7e786d72026a31db394ad16714ac00914a08fb1f4ee7b7bed996c0
                                        
                                            OPTIONS / HTTP/1.1 
Host: geo.privacymanager.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://liveramp.com/
Origin: https://liveramp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.6
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 0
date: Sun, 25 Sep 2022 15:21:08 GMT
x-amzn-requestid: 94e37ad1-82ef-407b-a1e8-ea309b794823
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: ZBa7xErODoEF3GA=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront), 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1, OSL50-C1
x-amz-cf-id: qNQAiZBHwwqcjhRtyL-2U2RKk5VxLBHg4vXMSdjVQ92zvpmv01zB3g==
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: geo.privacymanager.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Content-Type: application/json
Origin: https://liveramp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         143.204.55.6
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 30
date: Sun, 25 Sep 2022 01:22:42 GMT
x-amzn-requestid: f935cfac-dc85-47e1-a11e-54e65bfb3e12
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: Y_gHaEYPDoEFU4Q=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-trace-id: Root=1-632fad62-338d4bf371bffcf26a022eca;Sampled=0
via: 1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront), 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, OSL50-C1
x-amz-cf-id: UXPSjh-8HL2W5VQg1Y6_6Scv4tv4TXWU4vrWFBwh8V699cc6sjcWJw==
age: 50306
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   30
Md5:    c33fb7727ce1f2c66f8d6c6cedbb12b1
Sha1:   7273ce7651fd12a64db27321ad456dfc054d4d19
Sha256: 21b196f5566f8ec52ccd845bab462d53d96c014ed7a45e45f8a0d5551b8afdf7
                                        
                                            GET /wp-content/uploads/2022/02/Icon-Product-Distribution-B.svg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/wp-content/themes/liveramp/assets/css/modules/value-props.css?ver=3a5737266e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Mon, 21 Feb 2022 19:07:00 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6213e2d4-41a"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1050), with no line terminators
Size:   400
Md5:    d230191f947d6fa8f1bf37ca14bcec1a
Sha1:   05d77d0ae6e89af1adeb34562683068664926b4e
Sha256: 8f2951e1caf80b6d679bb4ba983c3f8970bb09593e3c6bc3c56c598822b570f8
                                        
                                            GET /wp-content/themes/liveramp/assets/img/social_media/twitter.svg HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/wp-content/themes/liveramp/assets/css/app.css?ver=c2ea4a4bdb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"620c552b-571"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1289)
Size:   10580
Md5:    242d9e61c9591040055467e22c4a2ce0
Sha1:   424b27c086458d3dc448e3b4fec2b0a238b74840
Sha256: efb1b89d868fa8ffb03164e819bb06825f349a82adc38632daa86ea0b04ac34f
                                        
                                            GET /scripts/bizible.js HTTP/1.1 
Host: cdn.bizible.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         152.195.15.58
HTTP/2 200 OK
content-type: application/x-javascript
                                        
content-encoding: gzip
accept-ranges: bytes
age: 65115
cache-control: max-age=86400
date: Sun, 25 Sep 2022 15:21:08 GMT
etag: "968a98dbeced81:0"
last-modified: Thu, 22 Sep 2022 20:04:42 GMT
server: ECS (ska/F711)
vary: Accept-Encoding
x-cache: HIT
content-length: 32316
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (576)
Size:   32316
Md5:    a3fa512f35c5dedebdd33edb97d1e2b6
Sha1:   a2061cb4cfe56365a9ecd30c63fac3ab59cd222c
Sha256: b2ab3796710809febe44ae38fa94f9ae2ba97275be1d8389f3ee517df291b741
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:08 GMT
Last-Modified: Sun, 25 Sep 2022 13:38:00 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2X_uCcwcRKGVDt3UIyK49Bw8sfEyOIEiVa3_-eBF7Enn1x2svz-FLQ==
Age: 6189

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:08 GMT
Last-Modified: Sun, 25 Sep 2022 13:48:15 GMT
Server: ECS (nyb/1D2F)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RqonWJgyaLYIHMnUiu1ekhJer8O6Ual5bE0pHyNFVSTmfKOZYZl51w==
Age: 5573

                                        
                                            GET /m/ipv?_biz_r=&_biz_h=-1777624096&_biz_u=5629ddcc278b45738b6f3fd3a8d89bcf&_biz_s=317d7e&_biz_l=https%3A%2F%2Fliveramp.com%2F&_biz_t=1664119267478&_biz_i=LiveRamp%20%7C%20Data%20Enablement%20Platform&_biz_n=0&rnd=596121&cdn_o=a&_biz_z=1664119267480 HTTP/1.1 
Host: cdn.bizible.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         152.195.15.58
HTTP/2 200 OK
content-type: Image/GIF
                                        
accept-ranges: bytes
age: 74390
cache-control: no-cache, no-store
date: Sun, 25 Sep 2022 15:21:08 GMT
expires: -1
last-modified: Sat, 24 Sep 2022 18:41:18 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: ECS (ska/F706)
set-cookie: _BUID=5629ddcc278b45738b6f3fd3a8d89bcf; domain=.bizible.com; path=/; max-age=31536000; SameSite=None; Secure
x-cache: HIT
content-length: 43
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            GET /u?_biz_u=5629ddcc278b45738b6f3fd3a8d89bcf&_biz_s=317d7e&_biz_l=https%3A%2F%2Fliveramp.com%2F&_biz_t=1664119267486&_biz_i=LiveRamp%20%7C%20Data%20Enablement%20Platform&rnd=217688&cdn_o=a&_biz_z=1664119267486 HTTP/1.1 
Host: cdn.bizibly.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         152.195.15.58
HTTP/2 200 OK
content-type: Image/GIF
                                        
accept-ranges: bytes
age: 49600
cache-control: no-cache, no-store
date: Sun, 25 Sep 2022 15:21:08 GMT
expires: -1
last-modified: Sun, 25 Sep 2022 01:34:29 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: ECS (ska/F70E)
set-cookie: _BUID=3fff610b557210ff41d9e68a0a64b439; domain=.bizibly.com; path=/; max-age=31536000; SameSite=None; Secure
x-cache: HIT
content-length: 43
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    6d22e4f2d2057c6e8d6fab098e76e80f
Sha1:   b80b11203d97fe01c5597ca3be70406ea48f5709
Sha256: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
                                        
                                            GET /event/js?mt_id=1529995&mt_adid=243436&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP/1.1 
Host: pixel.mathtag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.207
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Content-Length: 1493
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master iad-pixel-x13 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 25 Sep 2022 15:21:07 GMT
Date: Sun, 25 Sep 2022 15:21:09 GMT
Connection: keep-alive
Set-Cookie: uuid=6f686330-71e5-4b00-8a7f-7ea9311bbe41; domain=.mathtag.com; path=/; expires=Mon, 23-Oct-2023 15:21:09 GMT; SameSite=None; Secure


--- Additional Info ---
Magic:  ASCII text
Size:   1493
Md5:    50d91440af1a74dfd2edab2dd4ca28a3
Sha1:   d352698571deed9254c8a27f0ad5058d54156eaa
Sha256: 42844725131ef56a63f5365c3a22dd0bebf7e45085987d324b12f1fd354054cb
                                        
                                            GET /wp-content/themes/liveramp/assets/img/favicon/favicon-16x16.png HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Cookie: gdpr-auditId=7bde576524094929a5dc360c5f24edbf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
content-length: 366
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
etag: "620c552b-16e"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   366
Md5:    06a819686c40d3ab7e5b8708eba57350
Sha1:   783ad607787c240ac755d1d06d7301169fe857c2
Sha256: ed562f1840f431a6d99c60ff5608133ec5fb40a2c87b931461e2e6d2b4292dc9
                                        
                                            OPTIONS /kinesis/streams/tcf-web-daily-active-users-prod/records HTTP/1.1 
Host: gdpr-web-dau-prod.privacymanager.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://liveramp.com/
Origin: https://liveramp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.68
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 0
date: Sun, 25 Sep 2022 15:21:09 GMT
x-amzn-requestid: 54d05082-02be-4826-aba7-cdf75c799803
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: ZBa70F9AjoEFlSg=
access-control-allow-methods: GET,OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y62N9Ujh-yA7avDUP4O4hDutq37-8isIM35MaryPAxEyImeVBa-JYQ==
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4496
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 15:21:09 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4496
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 15:21:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6307cf78-7c68-41f1-9dfd-ba063eeb3f4b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5172
x-amzn-requestid: d366d3e0-71d7-404c-a93b-3267852824ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_T5F5PoAMFqWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f78e5-52362b5f0dc1ee8951eebc07;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ean91lOEJLzLQFKy3gBuqD_G-BVw3SMuED20W6ixdkKYvVcMatdGJA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:23 GMT
age: 63706
etag: "a881666627e1077859ed1941cee576caf600d798"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5172
Md5:    d7bd3afd3069904500c28e9bb16587e8
Sha1:   a881666627e1077859ed1941cee576caf600d798
Sha256: 78a7b0a2127c583aba569abace503cff376cde67d5faa9a346c1494d91e8f3cf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4496
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 15:21:09 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F860e3a33-2946-4ad5-9687-6cc6953b920d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5179
x-amzn-requestid: 57451c31-0b96-4aa5-ae63-54f949ab3d68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQlGrRIAMFklA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2736-0bd483e47d880a837c7316ce;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEBChdfqreTTNtWpSQfl4Eqsjj--P1EoJsFESumBcVJHdFNGSpN7gQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:49:17 GMT
age: 63112
etag: "a7a6043178f05f547a08808ea8b34a6703154b42"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5179
Md5:    b4a034f8a3f2e69e852a69075d20b0e3
Sha1:   a7a6043178f05f547a08808ea8b34a6703154b42
Sha256: 8f1a045214d7049cb9f9a1ab2c55b6753907741b7cbfcb2e02f916f95a56ddcc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f6ca22e-ec7b-41a4-aef7-7cf4a871bbdb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12087
x-amzn-requestid: 2779f1ce-50e8-4bdc-b8c2-6f87976a9daf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4WAYErZoAMFYrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd068-1f1831806dffda454e532ac8;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:15:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wsZ5UX2rbxGMECRjV6NR4fTFrfj-jK94RDMZn0_SKU-DDYKHl8JgMw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 08:14:56 GMT
age: 25573
etag: "96185aa90e560a4bd9462cef2e280561ee557413"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12087
Md5:    0b722574c0e6f63a78a19eff0f100ae4
Sha1:   96185aa90e560a4bd9462cef2e280561ee557413
Sha256: c5b1012f1fca39d949f4b70e69b94bc6e03521d93ab8c38bb30d2c9c43bac633
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LryqVGSkKbiNOwcqXMULY9FXbOuZBBenjgGPDME3NZLZOdp5divXmw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:29 GMT
age: 62320
etag: "358e74de395352a9529ff1c17856daf8900888c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6199
Md5:    714af732a9aa1db2b13ffb62810fd532
Sha1:   358e74de395352a9529ff1c17856daf8900888c5
Sha256: 1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:19 GMT
age: 63830
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size:   12826
Md5:    b3a72e81317074689a71dac7059e4b6a
Sha1:   b6d56333d7f1ea7ddc8838d84de498ff913c5464
Sha256: e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
                                        
                                            GET /sync/iframe?mt_uuid=6f686330-71e5-4b00-8a7f-7ea9311bbe41&no_iframe=1&mt_adid=243436&source=mathtag HTTP/1.1 
Host: pixel.mathtag.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         23.38.200.207
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Length: 713
Access-Control-Allow-Origin: *
Server: MT3 4505 5b23575 master iad-pixel-x31 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 25 Sep 2022 15:21:08 GMT
Date: Sun, 25 Sep 2022 15:21:09 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text
Size:   713
Md5:    f853f2ecf3f2d763c4057f4ff5c3e4e8
Sha1:   0f9ca6de16aa4261f1202443311462a81717dd85
Sha256: 8040be8c28a19b0f78481f2da17e7220e75adde27eb9713ff626652a066f92da
                                        
                                            POST /kinesis/streams/tcf-web-daily-active-users-prod/records HTTP/1.1 
Host: gdpr-web-dau-prod.privacymanager.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Content-Type: application/json
Origin: https://liveramp.com
Content-Length: 514
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.68
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 110
date: Sun, 25 Sep 2022 15:21:09 GMT
x-amzn-requestid: c1324964-770e-4b02-9e25-69dacdf199d1
access-control-allow-origin: *
x-amz-apigw-id: ZBa71Ex4DoEFT6Q=
x-amzn-trace-id: Root=1-633071e5-60d300ad285f3e461841ce86
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dVtTlbctgHdL377h-_miyiXpe1zcN58evBqoSjAP0Q7ptqE5ebnSTg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   110
Md5:    5657b57d3c44a6e7824afa84c8e3b6df
Sha1:   3a2716613eeee6c8e770866425a1bc549a36b9b6
Sha256: 582eef242d25cc92fc8861fe5ff7ecedbe6c9a2739ca1904f29fe3421e546981
                                        
                                            GET /xdc.js?_biz_u=5629ddcc278b45738b6f3fd3a8d89bcf&_biz_h=-1777624096&cdn_o=a&jsVer=4.22.08.11 HTTP/1.1 
Host: cdn.bizible.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Cookie: _BUID=5629ddcc278b45738b6f3fd3a8d89bcf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         152.195.15.58
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
content-encoding: gzip
cache-control: private, must-revalidate, max-age=21600
date: Sun, 25 Sep 2022 15:21:08 GMT
etag: CD1EC412
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: ECS (ska/F717)
set-cookie: ARRAffinity=618c750d6a2e0f4e76635b82a6fc9574c23aaa9861061c0ceaf46f1dff9a51db;Path=/;HttpOnly;Secure;Domain=acct.bizible.com ARRAffinitySameSite=618c750d6a2e0f4e76635b82a6fc9574c23aaa9861061c0ceaf46f1dff9a51db;Path=/;HttpOnly;SameSite=None;Secure;Domain=acct.bizible.com
vary: Accept-Encoding
content-length: 219
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   219
Md5:    d4b89bb4176aaf499bda51c3fe84c446
Sha1:   6450eaab81aa1d56bd2b028871fa9511b64cae56
Sha256: 255ea7453ef2947c68d3e927dbff5dd16d36dd521b9f71d1a7878743109455f0
                                        
                                            GET /r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDY2N30.6Z1y04bgBA64qLdBAFqy2LBEHbnlO694mU9EbUy5Htc HTTP/1.1 
Host: scout.salesloft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.232.159.108
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:09 GMT
content-length: 41
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://liveramp.com
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: bc1a1f2a82c324a40a3db9899b330d9b
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   41
Md5:    c9857ea2f242bf3f15e43b5c2668a5b1
Sha1:   ede8e375f70ebc3908af61dca3921ef59195f86d
Sha256: e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
                                        
                                            OPTIONS /kinesis/streams/daily-active-users-prod/records HTTP/1.1 
Host: dau-prod.launch.liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://liveramp.com/
Origin: https://liveramp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

                                         
                                         54.230.111.27
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 0
date: Sun, 25 Sep 2022 15:21:09 GMT
x-amzn-requestid: b584bd15-0c84-43c4-b437-74a00c5702d6
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: ZBa72FS_oAMF__Q=
access-control-allow-methods: GET,OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O82tPncTNkw_73Wi8NqFGYpgDZavlMJWjqRyLBeviotQOukYPtdFhA==
X-Firefox-Spdy: h2

                                        
                                            GET /i HTTP/1.1 
Host: scout.salesloft.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.232.159.108
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:09 GMT
content-length: 48
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://liveramp.com
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
x-request-id: 842ba5aa9839eb90de23901d6562130f
set-cookie: site_identity=25b3ffe5-705d-4f37-9878-1999c9c241df; path=/; expires=Mon, 25 Sep 2023 15:21:09 GMT; max-age=31536000; HttpOnly
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   48
Md5:    6dabea527c7da7051badea1756fabd17
Sha1:   a80b1ade02723a21da310d46f3a5e3644cd8165b
Sha256: 00cd3553a147d0f8886e12b3ec708ba31588383db31fa35aa25b457383fc1e7a
                                        
                                            GET /core/assets/js/22.fd21eb42.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 03 Jul 2022 23:15:05 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:56 GMT
etag: W/"cbf1bca421271b2567e00a478296192b"
x-amz-server-side-encryption: AES256
x-amz-version-id: rhriNS8WygjGEv2GTbSa16tsLJlBsIO5
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EUsnSSdP5_g9EKAJSZPTRkHyT944rn3zlkXF37L2Q5hw4O3mJuyqNg==
age: 7229164
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   105468
Md5:    ae6101404f7f26adf00e05d267ad8364
Sha1:   5aac11cceb9309643bc3eb142cc04b41fba99bc2
Sha256: ad4866809d5aef511f627c55f340d7455205f55acbe9da60bd1f1b52b8f11412
                                        
                                            GET /core/assets/js/20.8c21ea18.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 09 Jun 2022 19:59:49 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:13 GMT
etag: W/"6d77a76055d81227033363af2f18caf8"
x-amz-server-side-encryption: AES256
x-amz-version-id: GCkJ4tZ_JW3xcmjJsO05feXt7md0igxo
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z7zrdbd1cW2E1lganzbqR37sWDvS9CpSDKhTI10Wis4lrUnxCVRo3g==
age: 9314480
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   22695
Md5:    c44aeea470bfbdbdb0ef92911883dd37
Sha1:   2b03e2425ef47ee2ba517c6711e316834cf5c1ec
Sha256: 985a6353f12a3e295cb41ad296442210387f758869bc967289b9d345212993d0
                                        
                                            GET /core/assets/js/17.44329454.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 20 Sep 2022 21:47:42 GMT
server: nginx
last-modified: Tue, 20 Sep 2022 21:20:31 GMT
etag: W/"115a1629ab87f8c730eda6264bb2b3f6"
x-amz-server-side-encryption: AES256
x-amz-version-id: BzKarWHj3m8azuX6EJSG7FALoWPUE7yl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -rmruBYxtylD4b1w_zH90DLFb9ABKQbDMlFJNCFMj9KknSnEH_G64w==
age: 408807
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   20252
Md5:    4c19e257c12f80557930d4ce8bf59755
Sha1:   98b86739576e6a43a67aea270e2e1949db51bdc7
Sha256: f057f3c227edcb3490b2b218061d84918ab91020aa1ee2a7b72f9b952da9b59e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6282
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:09 GMT
Last-Modified: Sun, 25 Sep 2022 13:36:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /core/assets/js/28.190877b8.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 07 Sep 2022 14:05:25 GMT
server: nginx
last-modified: Tue, 06 Sep 2022 19:38:19 GMT
etag: W/"94c7e7cb2f40e10abeee8e28c0f68eb7"
x-amz-server-side-encryption: AES256
x-amz-version-id: G0DP4jvUaKtIbfyIxWqyC1CIhSHB9xO6
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _Gjkjf-Z-LtUJNcM7uCbEXho4r1sYRc6ElFmymcrfsCTaLcjFbBflg==
age: 1559744
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20814)
Size:   8017
Md5:    16afe85dcff8832512bc2e020d0a7ee0
Sha1:   0f5e9289b4782bc0cca7d6263b929d285655847f
Sha256: 6b78d353afbcd072515c5ee6904b0f3d683a7ae764ed13e4e32b5c733e95dd54
                                        
                                            GET /uwt.js HTTP/1.1 
Host: static.ads-twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.84.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Sun, 25 Sep 2022 15:21:09 GMT
x-served-by: cache-iad-kiad7000137-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57443), with no line terminators
Size:   15317
Md5:    1e9c4d503a9e162d8b549dc3d9c040e2
Sha1:   1fa99d7d7e878cdd45567af4b0c3c65542036c1d
Sha256: f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
                                        
                                            GET /core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
last-modified: Thu, 22 Sep 2022 21:23:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: pDTzSLgoWAw.imstlHYYIVPoik8i6c9c
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sun, 25 Sep 2022 15:21:09 GMT
cache-control: no-cache
etag: W/"46b940124f2b9c4038105037563f97cc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zJMJ7unzVuGIPWJrexCfJbf-LYvegXKCl9OCSAbnlKCVdvj0_gJhXA==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (50157)
Size:   17441
Md5:    83d769ca8bf46a130539d9cdf6707a4c
Sha1:   9e4e89cf29d04c71d975a208404ddecdd4e200f2
Sha256: 72b0718edc651a6544a17b4adf94e42d20c0b0a2bfae3227a19e3f2a5b2f39b0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5CzA52-o7GYViSJ4lna7ptv9dycJCUL-NLWOk-iCW-ZxDU_FQH_OoQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:51:18 GMT
age: 62991
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   31661
Md5:    c2d7cffd7d43f1e1495cc50b6c210b61
Sha1:   e595bb172e2a0b2aa2f5f5fd2adff4958c8d9a39
Sha256: 96cbc05cf3f2e12c2233268ce433c8461a31a3230f91e89da7e8b856e0c55d53
                                        
                                            GET /core/assets/js/24.6d713bc9.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 20 Sep 2022 21:47:42 GMT
server: nginx
last-modified: Tue, 20 Sep 2022 21:20:32 GMT
etag: W/"b0ce2074e6898eaf63dee45cca7a4495"
x-amz-server-side-encryption: AES256
x-amz-version-id: W4JDNYUe3eE3lAvIjNLJmclNe1SUheZf
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s3lgEWeflDRw4Se9h42_RvH4lgbfSeDN0TgThjupp0KLvY3PDuXCCw==
age: 408807
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   24163
Md5:    e18156c6f863145ffb1ddd548352a713
Sha1:   4df4c5b25bdaa74376284cef1845c97b9119a90a
Sha256: 6dffdbe2b57490bac7de703aafb19773083a9ef6b4072684b3d60ec5cd6eadbf
                                        
                                            GET /core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1664119266467 HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
last-modified: Thu, 22 Sep 2022 21:23:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: pDTzSLgoWAw.imstlHYYIVPoik8i6c9c
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sun, 25 Sep 2022 15:21:09 GMT
cache-control: no-cache
etag: W/"46b940124f2b9c4038105037563f97cc"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SWoxE3SsHrMjMhcfIIt1MbwGOff8w5kF1bT75Fk7jKzQy88Ha8X87w==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (41940)
Size:   38339
Md5:    91d31b56bde26ebe863cb976360405f2
Sha1:   37e76c8cb477a9b126f1d32ea7a4b480bcc6211a
Sha256: 33e7a7a33665dde0c73281640fa4cc4e4b025649e4f2f1a7433678a3415bfa12
                                        
                                            GET /core/assets/js/48.36272856.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 07 Sep 2022 14:05:25 GMT
server: nginx
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
etag: W/"11fc6ce0a6034588f5e23638e2b6c3f2"
x-amz-server-side-encryption: AES256
x-amz-version-id: k8.uxYl53iC1oeWvq0NE3PJ03yVM0lns
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JmwfGsALsCuRPkZECgJO9Kfj9Jh1gmJeLxXFxTHbs02A84yl2wRMlg==
age: 1559744
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   85206
Md5:    5066fc4c82b0251d85266450f9a46dcd
Sha1:   ed50024f5b93433ef69b9f48cd7b25ea796f9cbb
Sha256: ffb16707ce3de1e3a3ff368dc17b7370db18da61bf532fa3a18ddd403a1e7438
                                        
                                            GET /core/assets/js/9.e5d69206.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 22 Sep 2022 21:23:14 GMT
server: nginx
last-modified: Thu, 22 Sep 2022 21:13:28 GMT
etag: W/"588c00f65c99a5e447f8eca05220daa3"
x-amz-server-side-encryption: AES256
x-amz-version-id: vK5Oc0HHY3SXib6zdjaZ0EhEfcA4apzf
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LLZADfmXALMaxe7A7UzxHfTowOxUmlS5BM7TyLEpGhyT6E5YS9mBCQ==
age: 237475
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25642
Md5:    dc5a2a63a385a4e70c0944050a80d4dc
Sha1:   0836fd189f806700dcd371293b94c9c901d01e5d
Sha256: d5d4d1aaeceade9697130a9cebfd7149f6c5922757f363fe714d0b8ec0b76cce
                                        
                                            GET /core/assets/css/19.c695453b.chunk.css HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 365
date: Sun, 03 Jul 2022 23:15:07 GMT
server: nginx
last-modified: Fri, 01 Jul 2022 20:20:53 GMT
etag: "06b2963b029c0824382815165bfea73e"
x-amz-server-side-encryption: AES256
x-amz-version-id: _GKDVm7cwHRbprAEZ8WoHMzXEQGGTOt2
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JD6SZQvxp87Wsnlhjcn54J-GngSk9fVIsn2TU79gcr0fhMVuNQUAkw==
age: 7229162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (365), with no line terminators
Size:   365
Md5:    06b2963b029c0824382815165bfea73e
Sha1:   de23fb128e2589cf384603cfbb7f6b7bef969b05
Sha256: ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
                                        
                                            POST /kinesis/streams/daily-active-users-prod/records HTTP/1.1 
Host: dau-prod.launch.liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Content-Type: application/json
Origin: https://liveramp.com
Content-Length: 379
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

                                         
                                         54.230.111.27
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 110
date: Sun, 25 Sep 2022 15:21:09 GMT
x-amzn-requestid: b5aef7e7-7de4-41ce-9e91-a0d265653ed4
access-control-allow-origin: *
x-amz-apigw-id: ZBa75GrlIAMF55A=
x-amzn-trace-id: Root=1-633071e5-6a24d2fb2d5da3173aa935f5
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f1T_yYb7EgkNJ57KBptexsf7eV3SeNBynwoeJO2zeQ6X4zI-mbpBzw==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   110
Md5:    99c62e83736793d25f1e9833cdb5bedb
Sha1:   a80e2e076d84173c101e499c11ef786749d7792b
Sha256: a59e8f6fe9165723f0bc5724d9b8e2f9509496e8a13c31f5082c8e04b15d809f
                                        
                                            POST /g/collect?v=2&tid=G-JY5CK6C64V&gtm=2oe9l0&_p=1496225140&cid=698962588.1664119268&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664119267&sct=1&seg=0&dl=https%3A%2F%2Fliveramp.com%2F&dt=LiveRamp%20%7C%20Data%20Enablement%20Platform&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://liveramp.com
date: Sun, 25 Sep 2022 15:21:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /162/munchkin.js HTTP/1.1 
Host: munchkin.marketo.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         88.221.99.189
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Tue, 03 Jan 2023 15:21:09 GMT
Date: Sun, 25 Sep 2022 15:21:09 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"


--- Additional Info ---
Magic:  ASCII text, with very long lines (606)
Size:   4677
Md5:    3e9baed982956735f6e0a0e756d97ed9
Sha1:   9223be6a494a10959101a7942419df7b05b84d73
Sha256: 930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:09 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 01:42:53 GMT
Expires: Sun, 02 Oct 2022 01:42:52 GMT
Etag: "7c88fc09f8d1e0a4fe2c4ae4ea14440c33d15cb4"
Cache-Control: max-age=555102,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7504bf7a7a76b512-OSL

                                        
                                            GET /api/identity/idl?pid=1343 HTTP/1.1 
Host: api.rlcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Origin: https://liveramp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.133.55
HTTP/2 451 Unavailable For Legal Reasons
                                        
date: Sun, 25 Sep 2022 15:21:09 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /pages/data-scripts/0080/5597/site/liveramp.com.json?t=1 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 25 Sep 2022 15:21:09 GMT
content-length: 1907
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 23 Sep 2022 13:59:53 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504bf7bec6a1c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8629), with no line terminators
Size:   1907
Md5:    08d975ba1c10dbe1358b68b78491a594
Sha1:   fba839628bfad64b0c27033139889e1f44a44f48
Sha256: c82e5519ce2253226d6a3e7b93580e052c90721811cc4df7e3988cb064a90d05
                                        
                                            GET /core/assets/js/27.c027de57.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 20 Sep 2022 21:47:42 GMT
server: nginx
last-modified: Tue, 20 Sep 2022 21:20:32 GMT
etag: W/"95bfb1423cbba7940f8fdc86ec6829d8"
x-amz-server-side-encryption: AES256
x-amz-version-id: VKGOnzJZN41xphGwdiRmAoqXXVv2Zipn
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 52y7yjbe4mFCd7dV99iiIgOI0S3vwqx03nalbCvrCVy4v_oLkjP4bg==
age: 408807
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13820)
Size:   24784
Md5:    899076ee298bafe3e3a50cb040dfb1d3
Sha1:   c078f94c87d995ff6c6031fe720ca8f48ac4bbb4
Sha256: 30e1832f1752d4b0339341ec8c056f0957be7354cd04070eb28ce5fd20d0cfc0
                                        
                                            GET /core/assets/js/37.9da17c94.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Thu, 09 Jun 2022 19:59:50 GMT
server: nginx
last-modified: Thu, 09 Jun 2022 14:58:14 GMT
etag: W/"e5c98ad7a7e70a1957477e33db39149c"
x-amz-server-side-encryption: AES256
x-amz-version-id: .1KvOWwhKDvJVSWzg49IMEkznsWNUcpl
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DolGNEJge0gjg8Ui-EFuzI2jG-IqQG0aHNNlGobniupx3P8UBSBCFA==
age: 9314479
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (53697)
Size:   46029
Md5:    4cc7aeb6b4f85c09d653a43fb866644f
Sha1:   e621cfad1f1cb330781dfd193aa02212330deadb
Sha256: a1c0d6ea9e55f9aa35318374da1798e9fb5b81155c9b6b7f4aa630fb820c2b09
                                        
                                            GET /action/0?ti=5441579&Ver=2&mid=f6766a59-941c-4a1d-8445-192c08bddc18&sid=ae0455003ce511ed93e90d31d1d87b4b&vid=ae045a403ce511edb14251f63e34750e&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=LiveRamp%20%7C%20Data%20Enablement%20Platform&p=https%3A%2F%2Fliveramp.com%2F&r=&lt=1941&evt=pageLoad&sv=1&rn=218979 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0D93EBC12D6F62EB09D0F9EB2C9A6344; domain=.bing.com; expires=Fri, 20-Oct-2023 15:21:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C1A003D06564EFBBDD15E9A31982C7B Ref B: OSL30EDGE0522 Ref C: 2022-09-25T15:21:09Z
date: Sun, 25 Sep 2022 15:21:09 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /core/assets/js/32.7eda110a.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1664119266467
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 21 Sep 2022 13:41:58 GMT
server: nginx
last-modified: Wed, 21 Sep 2022 13:23:54 GMT
etag: W/"eeddb065f27c76dc4eec2ca704676575"
x-amz-server-side-encryption: AES256
x-amz-version-id: PqnnqeM3ABKBremcCQzpUC4jjzW1BOjY
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PAsbKs0rPLwTJceGBr9tD1VeZyZOD7spQuZyjYU2twgpwfdC0We2kA==
age: 351550
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4783
Md5:    ff7aaf13d0ef99ea2d7e00b680bc311e
Sha1:   973520e6b9675a46db0127f2ad57c5e3284b64d5
Sha256: ac905987516f8208fe47c5d2284303c669e51503555d156e50c65d1cbaf8ee2e
                                        
                                            GET /collect?v=2&fmt=js&pid=644394%2C644778%2C647010&time=1664119268218&url=https%3A%2F%2Fliveramp.com%2F HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D644394%252C644778%252C647010%26time%3D1664119268218%26url%3Dhttps%253A%252F%252Fliveramp.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQI-Q44l2oy0EgAAAYN1POnEMg1jsIpxLTTQb2F85ZlnoV52tdAjzj2omrzOGGnpkcAve2PT8EQU9w; Max-Age=2592000; Expires=Tue, 25 Oct 2022 15:21:09 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure AnalyticsSyncHistory=AQJGgY3HhS7OTAAAAYN1POnEvUVRYzdPtaX_sO9hWPU9uX5YI2mthmm0e221i_3UQ9V6ViE4RFBv-mAyjysmxQ; Max-Age=2592000; Expires=Tue, 25 Oct 2022 15:21:09 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&e896598e-30ea-4a67-84a5-46040393264f"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 25-Sep-2023 15:21:09 GMT; SameSite=None lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2392:u=1:x=1:i=1664119269:t=1664205669:v=2:sig=AQE59a2Vt5fK-pW3tbYTujyVe1Fppgmj"; Expires=Mon, 26 Sep 2022 15:21:09 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpgfXxAshOCH9U3SRP6A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 51E3A8470EA548EDBBCF5E77213049EA Ref B: OSL30EDGE0414 Ref C: 2022-09-25T15:21:09Z
date: Sun, 25 Sep 2022 15:21:09 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /p/action/5441579.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: private,max-age=60
content-length: 666
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=10A87DA063F565DB3BB56F8A62006433; domain=.bing.com; expires=Fri, 20-Oct-2023 15:21:09 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84B937F080654313AE5E5AA86559F569 Ref B: OSL30EDGE0522 Ref C: 2022-09-25T15:21:09Z
date: Sun, 25 Sep 2022 15:21:09 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   666
Md5:    efef3ca9dcbf56aafb5041c3ab15c6a7
Sha1:   5c31c404996d10f89a2280a11782c2db5a2d56df
Sha256: a76fb669a1984e372d2a46eaf394e7f0185fd0c0358979edb21fd36f5cf48e0e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /core/assets/css/32.a3318c5e.chunk.css HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1664119266467
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 21 Sep 2022 13:41:58 GMT
server: nginx
last-modified: Wed, 21 Sep 2022 13:23:51 GMT
etag: W/"b06e02b360914b25e58305b1b9b954dc"
x-amz-server-side-encryption: AES256
x-amz-version-id: Tq0yzJUum5RyM1Vf648gx8d4gVPONjH2
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dyMPl24VgA_aM2UdVOIIUiZWMndLztQnz7R6QUfcjLA-H_lA78UUiQ==
age: 351550
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2319
Md5:    8f03963d65b8d156c04f667cb1487949
Sha1:   020db8a9a4db9e8d283c39d95e4086871db95dbf
Sha256: fd5b516d5577392b5334f0b793788c0db72d814dbc1a4e224f9798de7725b127
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:09 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 01:42:53 GMT
Expires: Sun, 02 Oct 2022 01:42:52 GMT
Etag: "7c88fc09f8d1e0a4fe2c4ae4ea14440c33d15cb4"
Cache-Control: max-age=555102,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7504bf7c2d39b512-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=09651712-b5e3-442b-ae28-8982ff23e91b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c76f978d-0848-4892-a270-4a5e88625518&tw_document_href=https%3A%2F%2Fliveramp.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcb1&type=javascript&version=2.3.27 HTTP/1.1 
Host: t.co
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.244.42.197
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:09 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=bd360b9c-858d-471d-a7bb-147c441e5a4d; Max-Age=63072000; Expires=Tue, 24 Sep 2024 15:21:09 GMT; Path=/; Domain=t.co; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 3ce55118201c2300
strict-transport-security: max-age=0
x-response-time: 105
x-connection-hash: fc0fd79fa45088151fa9f07abc9bafbef16d4a714c6d19d362902cec8ab28df1
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            GET /rtp/libs/jquery-ui-insightera-custom-1.9.6.css HTTP/1.1 
Host: rtp-static.marketo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.85.188.19
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 15:21:10 GMT
Content-Length: 3752
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (23001), with no line terminators
Size:   3752
Md5:    7408cd56b86047300d2a92af8e47e8f1
Sha1:   26e77ccab476523b6084c950a4c026bb01ff1ba3
Sha256: 026d2b9b9fc3feb6bc7a97bcae08fc402e313c5b425248ba85669231210d206a
                                        
                                            GET /pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 30751
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Sat, 17 Sep 2022 06:58:49 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 180248
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504bf7ddc520b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25693)
Size:   30751
Md5:    3bfbf5e7fda7d79e892702bfb2ac06bb
Sha1:   152307731fd2f7756b4717e3008966eb6ed86d34
Sha256: 12fcbae9e8c2be14406a7838f5a9ed457d86dd7a86f08a8cc8a9ad7cb45aed49
                                        
                                            GET /wp-content/themes/liveramp/assets/css/app.css?ver=c2ea4a4bdb HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:07 GMT
last-modified: Tue, 31 May 2022 18:46:58 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"629662a2-2847e"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   21017
Md5:    25013dc99f2f48ad7882d4f5aef14b53
Sha1:   29b0f470ec37a3f55310f3743aa27a5e4e258a84
Sha256: 62dd02d1c9ab43ff54d67338f0f835de145d309a63e326681a490ee7f6970736
                                        
                                            GET /action/0?ti=25041328&Ver=2&mid=7625e60a-db2e-4998-977f-6e01920abdb3&sid=ae0455003ce511ed93e90d31d1d87b4b&vid=ae045a403ce511edb14251f63e34750e&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=LiveRamp%20%7C%20Data%20Enablement%20Platform&p=https%3A%2F%2Fliveramp.com%2F&r=&lt=1941&evt=pageLoad&sv=1&rn=846453 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3501275B3E82643C371435713F77655E; domain=.bing.com; expires=Fri, 20-Oct-2023 15:21:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0166EEF36EB44ED298BF150CF5706F8A Ref B: OSL30EDGE0522 Ref C: 2022-09-25T15:21:10Z
date: Sun, 25 Sep 2022 15:21:10 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /action/0?ti=17000338&Ver=2&mid=667d9ec5-1675-46b2-915a-9358c8f5bdf0&sid=ae0455003ce511ed93e90d31d1d87b4b&vid=ae045a403ce511edb14251f63e34750e&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=LiveRamp%20%7C%20Data%20Enablement%20Platform&p=https%3A%2F%2Fliveramp.com%2F&r=&lt=1941&evt=pageLoad&sv=1&rn=98939 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=084034EA35CA6EDA2FBD26C0343F6FDE; domain=.bing.com; expires=Fri, 20-Oct-2023 15:21:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F880B0CEB7804A469E74AC34D1D6C9A8 Ref B: OSL30EDGE0522 Ref C: 2022-09-25T15:21:10Z
date: Sun, 25 Sep 2022 15:21:10 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /rtp/libs/jquery/1.8.3/jquery.min.js HTTP/1.1 
Host: rtp-static.marketo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.85.188.19
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 15:21:10 GMT
Content-Length: 33467
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65483)
Size:   33467
Md5:    0602d7452d578dd451366d8da927dbee
Sha1:   11bd23667efe969075595fcd5fc8f19712a8a07f
Sha256: 9b6af5e420fa08bb32afec97448f69491beb629eba561f13860852d9ed23691a
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"62551487-48b9"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   10415
Md5:    557072f7017607e92bb9f453e277170f
Sha1:   c3a55942c2938496af58df3e11a6f002c1b7107c
Sha256: f9c3ea1fcc4ca6fed6bd2a8bd8343e4e8488c0f4bb26bef0ece224b8e05da8c6
                                        
                                            GET /wp-content/themes/liveramp/assets/css/modules/value-props.css?ver=3a5737266e HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Wed, 16 Feb 2022 20:56:08 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"620d64e8-15c1"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5524)
Size:   1123
Md5:    f3822bfe9a953c7d320fde845ccab619
Sha1:   703a0741ad00af3eeb87074924398d79bfcc3034
Sha256: 9335d85bd740ce5b10b1513d9eee86c404af7e48c33e504143102fed2b43ecea
                                        
                                            GET /wp-content/themes/liveramp/assets/css/modules/slider.css?ver=9ec8b55b31 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Mon, 21 Feb 2022 18:36:11 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"6213db9b-27c0"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10136)
Size:   1701
Md5:    b4d94c3bf75f6f971a9636a693feeb6e
Sha1:   b517ff16af088572481841197dc2d8eb0dbee89f
Sha256: aaca799e234e20b4c26384f1b0e973b87ce4f0caf7c6665f95cde3f5c87bc645
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pages/data-scripts/0080/5597/sampling/liveramp.com.json?t=462255 HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 64
access-control-expose-headers: CE-Version
ce-version: 11.4.10
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Fri, 23 Sep 2022 13:59:53 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504bf7e4f141c16-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   64
Md5:    00fc7f08b520342caf622b26b89af2b6
Sha1:   59064cc29ba0b9fada0cdfe3ca009322197f9c02
Sha256: daeeede00512a9f192a91a0da7bf8bd208b96e3618ef5171c29c8bb185b1cf9e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p/action/25041328.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
cache-control: private,max-age=60
content-length: 666
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=09EB679002456F3E15CA75BA03B06E71; domain=.bing.com; expires=Fri, 20-Oct-2023 15:21:10 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9DE732E14FA4D83818884D7AC922078 Ref B: OSL30EDGE0522 Ref C: 2022-09-25T15:21:10Z
date: Sun, 25 Sep 2022 15:21:10 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   666
Md5:    6fdbb0acf82890ab0f16c073d199ec86
Sha1:   fbea0132a9a495fd6dc9746856a8af9ffc12fd32
Sha256: b45b55a722ff1da83b654372ac834b6d0c929c3fb63fd9307d0eac5bec1e9bc2
                                        
                                            GET /rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js HTTP/1.1 
Host: rtp-static.marketo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.85.188.19
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Accept-Ranges: bytes
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 25 Sep 2022 15:21:10 GMT
Content-Length: 35484
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   35484
Md5:    d43b426b4905cced4cdf2c503cc87d1f
Sha1:   151b2fdc12911d57f634e2a685d4b805b3014c36
Sha256: a6c357e69bda61e9e178442dfc64ac2d97ea2a640a6611c34e6e42639125d313
                                        
                                            GET /core/assets/css/1.2744e555.chunk.css HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core/chat?region=US&driftEnableLog=false&pageLoadStartTime=1664119266467
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 22 Sep 2022 21:23:14 GMT
server: nginx
last-modified: Thu, 22 Sep 2022 21:13:24 GMT
etag: W/"faf2e5ac2f9cf40f3d49e4c4f468e306"
x-amz-server-side-encryption: AES256
x-amz-version-id: h6NxhuFNLOMjRNKgXauNxPDXvquTMVXm
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kRVVXfhXKyf25YKdBE7GhRrnpndfAuHLpmLWXdyAbsv_6dI7jE6eDA==
age: 237475
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43684), with no line terminators
Size:   6553
Md5:    fb4806621cd46e4e5334535ca7c6300c
Sha1:   6cadf9c337d7c412d92e012dc1e093fa78cbe75d
Sha256: 9da4f94c81e0b7d86110bdac49c055841003562254a8b80ae2ed438cecc3057d
                                        
                                            GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D644394%252C644778%252C647010%26time%3D1664119268218%26url%3Dhttps%253A%252F%252Fliveramp.com%252F%26liSync%3Dtrue HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 302 Found
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=644394%2C644778%2C647010&time=1664119268218&url=https%3A%2F%2Fliveramp.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None bcookie="v=2&98971c2e-2410-4be8-884d-f2a9e435d11c"; Domain=.linkedin.com; Expires=Mon, 25-Sep-2023 15:21:10 GMT; Path=/; Secure; SameSite=None bscookie="v=1&2022092515211045ec8e19-f637-4671-8707-bfac2159b881AQEoALg_hAtIpZwKOE6oGnkiIK-bIs_c"; Domain=.www.linkedin.com; Expires=Mon, 25-Sep-2023 15:21:10 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjQxMTkyNzA7MjswMjF4ffQ+oPiWG8JF20bKvyEeihy98rsBDggadlUPMhl3WA==; Domain=.linkedin.com; Expires=Fri, 24 Mar 2023 15:21:10 GMT; Path=/; Secure; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2395:u=1:x=1:i=1664119270:t=1664205670:v=2:sig=AQGHPdYYLXrWPdZO5PuGW4d_HCj54HPZ"; Expires=Mon, 26 Sep 2022 15:21:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpgfX2caiomyAploPETw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CAAE9DE4A8F344C5A612074874B74E21 Ref B: OSL30EDGE0414 Ref C: 2022-09-25T15:21:10Z
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /healthcheck HTTP/1.1 
Host: pagestates-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.46
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Thu, 14 Jul 2022 06:23:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YgVUVivBcuNk6RxEcWo2A487-AYYylquQkD8RU3G98ve1YEOsQ9vPg==
age: 6339468
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            GET /healthcheck HTTP/1.1 
Host: assets-tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.63
HTTP/2 200 OK
content-type: application/json
                                        
content-length: 19
date: Mon, 22 Aug 2022 11:33:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eYX9IHPF_lRnROUQhGOI8h3BgKTVgUsRqjDJfxR31Eiv2coS_bZi5g==
age: 2951275
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   19
Md5:    d06f04fccf68d0b228a5923187ce1afd
Sha1:   5de9df9fdd66a91eed06e31981553d4ab9ccf490
Sha256: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 13:44:35 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fCF5YEiVyOFf_ws7mrQfoiHDct9TA8NnjF1QGhJvXeZCEUaqM5gxJw==
Age: 5795

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 14:00:33 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nhD4v4EVkcIMOWRo-guq1-CelcZHmHU7Yfd3E0wZxoxuz5-FD8Firg==
Age: 4837

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 15:14:47 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VRRhzJRKO9pcj4A1vmtCrqfZM5Cwi02i-A1uevi3UimVy_ojsh15uw==
Age: 383

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 14:30:21 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jrgNfUSYVqYMfnrXrgADX7WdMe_mo0mPOob5MV4Z5VfsqYKdT0mkEQ==
Age: 3049

                                        
                                            GET /i/adsct?bci=3&eci=2&event_id=09651712-b5e3-442b-ae28-8982ff23e91b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c76f978d-0848-4892-a270-4a5e88625518&tw_document_href=https%3A%2F%2Fliveramp.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcb1&type=javascript&version=2.3.27 HTTP/1.1 
Host: analytics.twitter.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.244.42.3
HTTP/2 200 OK
content-type: image/gif;charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_WFFKdfB5thBZDLwvqAbuTA=="; Max-Age=63072000; Expires=Tue, 24 Sep 2024 15:21:10 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: cfbcd8616b10a2dd
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 09b17f2e99fd15a0327e243c7e839512cb8001ae7b9d29818b743e8381860dab
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    377d257f2d2e294916143c069141c1c5
Sha1:   b7cae69682cf31dd670b65088db8395acda6ed3e
Sha256: ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
                                        
                                            OPTIONS /monitoring/metrics/widget/init/v2 HTTP/1.1 
Host: metrics.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.193.113.164
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift41a2a6749ec979dd64b381b3482
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   13
Md5:    1424eb76249899d757e4d168341a50dc
Sha1:   42101e71440abd46c8112a96d4d5c0dd445120ce
Sha256: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
                                        
                                            GET /wp-content/themes/liveramp/assets/css/modules/hero.css?ver=baa84a6503 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"620c552b-a74"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2638)
Size:   2206
Md5:    0fb1c23333e8f627c3a06ce2a26e24a2
Sha1:   a2c3f9b0e668b395b2122d88d6f04047a28a9b92
Sha256: 1224164b99b15afa9c8c781bc47782a871e5d863ec0369eb62d487bfd8ba3e74
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4220
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 14:10:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /core/assets/js/0.0b2ebd4a.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Sep 2022 00:41:02 GMT
server: nginx
last-modified: Thu, 01 Sep 2022 13:18:43 GMT
etag: W/"c5efcdc9e465604f32cf24af10fd6c13"
x-amz-server-side-encryption: AES256
x-amz-version-id: E.Le1HHD6dXp1z9JLSdA8U2RMDD.dyV2
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n8yUyVLp4a4O9wMYDZpldxYbouxP6QlhXR20AUcR4nVAufQgMXCJBg==
age: 1694407
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2642
Md5:    eeb25a697345d101714c97814b27e9c0
Sha1:   15a998ef966a33734d9372ca53414cf750852479
Sha256: 565ba3bea1598815061d40882c7c13bb2a56ff4b9dedcce24047c0646cf21c9b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 14:23:17 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mTxuqT1jT18BYR4o61Wf933yk5xDUdorcgMDwedIL3Ys5xGqBgB36Q==
Age: 3474

                                        
                                            GET /wp-content/themes/liveramp/assets/css/modules/cta.css?ver=9e4b96db4c HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Wed, 16 Feb 2022 01:36:43 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"620c552b-4b0"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1163)
Size:   458
Md5:    da605b03cc28a8682605eca51147cd92
Sha1:   19e4cce2a6f800f7f96c4427c8f15d62aee6167f
Sha256: 2256f60febc92e110f87b50540943e6d5ec1f755ac0bcb46188b11b4792a1985
                                        
                                            POST /monitoring/metrics/widget/init/v2 HTTP/1.1 
Host: metrics.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization:
Content-Length: 138
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.193.113.164
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: 96cdb2ee21b89a82
vary: Accept-Encoding
content-length: 25
x-envoy-upstream-service-time: 15
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   25
Md5:    61228f8f544358e9ea1f463f01b5853c
Sha1:   582766f30c82dc2df6938c8e16455fa5e329afb1
Sha256: f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
                                        
                                            GET /clock?t=1664119268830 HTTP/1.1 
Host: tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         108.128.203.219
HTTP/2 200 OK
content-type: text/plain
                                        
server: awselb/2.0
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   26
Md5:    68f8fa41b781d7fd16085a562c0882c8
Sha1:   34b3d8e16be39e19fb962debde543ec0143b1242
Sha256: 1350d288ea66df0b7a2c143817453e90323e8acf0b2fb88489cbf626f51f2ffb
                                        
                                            POST /widget_bootstrap/ping HTTP/1.1 
Host: bootstrap.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 60
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.16.7.188
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: 55e63700b3c2a3d4
vary: Accept-Encoding
content-length: 196
x-envoy-upstream-service-time: 2
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   196
Md5:    29d7a31420e60b6d6b004f3fa88c9df2
Sha1:   9a4d213e3b86b91c89b5383af10dcb51e6cc1b6d
Sha256: 16bba4e5481ea0a56af37d6a9891830b5f802e8903c65d6380f0e8da626a5017
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3046
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 14:30:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5401
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:10 GMT
Last-Modified: Sun, 25 Sep 2022 13:51:09 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /webevents/visitWebPage?_mchNc=1664119268346&_mchCn=&_mchId=320-CHP-056&_mchTk=_mch-liveramp.com-1664119268346-33919&_mchHo=liveramp.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp= HTTP/1.1 
Host: 320-chp-056.mktoresp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         192.28.147.68
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: nginx/1.20.1
Date: Sun, 25 Sep 2022 15:21:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 5e581016-2fe6-48db-913b-864ee5016944
Content-Encoding: gzip
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   28
Md5:    9dafc521bd59955b4986f0fc3777f77a
Sha1:   5a572b4730d4a2bce2fa35597a0993c649f26c74
Sha256: e4e90a7b8bacdfe395361149a9fd42f9192b68bdf1497e4454d0ab4c4917f746
                                        
                                            GET /pages/versioned/trackingpagestate-scripts/c9183ffb160c786379d112f3195e48ec.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 22319
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Wed, 21 Sep 2022 14:00:09 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 180158
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504bf8269ee0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65345)
Size:   22319
Md5:    fd8dc2c26bedf693ced5a6eaf55bd1a4
Sha1:   a310f72d2908ceb316e9b4b253930037108eb660
Sha256: 7a9bd55634ca1d875657e8f7b95fa1a9ac6176fa539a48815b19409f4f9fe181
                                        
                                            GET / HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:07 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://liveramp.com/wp-json/>; rel="https://api.w.org/", <https://liveramp.com/wp-json/wp/v2/pages/1037298>; rel="alternate"; type="application/json", <https://liveramp.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 7
x-cache-group: normal
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Size:   24899
Md5:    311d4bd2abf2a54b97fe85041c893886
Sha1:   84ac2900fd0124ea2490838a00bfb5da8efd64b9
Sha256: 958f2026be9fa9ea7364fb66cb812db66ec85bbd39d992b068fcc9a04af76824
                                        
                                            GET /wp-content/themes/liveramp/assets/css/modules/logos-grid.css?ver=5de343a8a6 HTTP/1.1 
Host: liveramp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         35.239.68.42
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 25 Sep 2022 15:21:08 GMT
last-modified: Tue, 31 May 2022 18:46:58 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"629662a2-10b0"
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4228)
Size:   825
Md5:    e3c0314d736a591c4e85495fcb14409e
Sha1:   0927527812eb348254c072955f47a01d5f18872d
Sha256: b45122bfc77b025c5c7c07f60a507e4b902ffe188f6e5b10bb0e0593c86314e6
                                        
                                            GET /eus2/s/0.6.41/clarity.js HTTP/1.1 
Host: www.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.219.53
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
cache-control: public,max-age=86400
content-length: 23509
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8ccdebe9ad570"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 05nEwYwAAAAC2tNqkHYAnS6elg79D5TaXT1NMMjMxMDUwMjAzMDE5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 25 Sep 2022 15:21:10 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (54809)
Size:   23509
Md5:    1a7d206cf77e52160f7d49ab1c167fe5
Sha1:   08d824c483c1a2428bdc4e583d61a5ca8d1afb74
Sha256: 5404eb1ed3f4542d873f4e0610572ad480353446ea8e6f7e2bb76034cf051652
                                        
                                            GET /c.gif HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         20.234.93.27
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=2BBB063275284FF1A1D30D43028AB8DE&RedC=c.clarity.ms&MXFR=2FC6D3D883A3664434B7C1F287A3680E
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure; MUID=2FC6D3D883A3664434B7C1F287A3680E; domain=.clarity.ms; expires=Fri, 20-Oct-2023 15:21:10 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /collect?v=2&fmt=js&pid=644394%2C644778%2C647010&time=1664119268218&url=https%3A%2F%2Fliveramp.com%2F&liSync=true HTTP/1.1 
Host: px.ads.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/javascript
                                        
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure bcookie="v=2&e04ffb14-3da2-4d7d-8dd9-b820ea0abfb9"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 25-Sep-2023 15:21:10 GMT; SameSite=None lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2349:u=1:x=1:i=1664119270:t=1664205670:v=2:sig=AQFibmiDWHKboqQB2oo9-jPXNMH1JX1S"; Expires=Mon, 26 Sep 2022 15:21:10 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXpgfYBMzHYSKj0VZpXOw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9FCEBD795E5141C9AF27118ED9545FA5 Ref B: OSL30EDGE0414 Ref C: 2022-09-25T15:21:10Z
date: Sun, 25 Sep 2022 15:21:10 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /gw1/rtp/api/v1_1/visitor?sid=liveramp-1664119268409-b9fa4afb&aid=liveramp&1664119268817 HTTP/1.1 
Host: sjrtp6.marketo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.28.146.116
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Sun, 25 Sep 2022 15:21:11 GMT
Server: Jetty(9.4.45.v20220203)
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Sun Sep 25 10:21:11 CDT 2022
Pragma: No-cache
Access-Control-Allow-Origin: https://liveramp.com
Vary: Origin
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63113904
Connection: close
Transfer-Encoding: chunked
Set-Cookie: BIGipServersjrtp6_https=!vTiBuD2Kmk6GxNRpnpR6MbX4rz1EA0FTadcyQL4WsW868pi9prlvQTV8n61Jb3XIKDaUP+oxzSO/NUg=; expires=Sun, 25-Sep-2022 15:56:11 GMT; path=/; Httponly; Secure


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   194
Md5:    98f820b18e03f642807e0f3f990487d0
Sha1:   7b80beb877311f9433d6f2f6073b6f5e7d7fac8e
Sha256: 23b854a3553cdb99f2c559438a1333717e96819a29c4bda495ab36b17620d6c9
                                        
                                            GET /gw1/ga/sgm?sid=liveramp-1664119268409-b9fa4afb&1664119268818 HTTP/1.1 
Host: sjrtp6.marketo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         192.28.146.116
HTTP/1.1 200 OK
Content-Type: text/json;charset=utf-8
                                        
Date: Sun, 25 Sep 2022 15:21:11 GMT
Server: Jetty(9.4.45.v20220203)
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Content-Length: 48
Strict-Transport-Security: max-age=63113904
Connection: close
Set-Cookie: BIGipServersjrtp6_https=!nXpiq/5IrxVyZVBpnpR6MbX4rz1EA2+E5hvroN50soo/89CAfeaDsU+0a7+iYrNhb+5rxm3OZApipmI=; expires=Sun, 25-Sep-2022 15:56:11 GMT; path=/; Httponly; Secure


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   48
Md5:    ee782b1213a79574b604aee632794efc
Sha1:   e9212ae5228a57b389a6f023389024a94d2aa0ec
Sha256: 25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
                                        
                                            GET /pages/versioned/tracking-scripts/b725c2752c30a1cdcf28121af80c4a1d.js HTTP/1.1 
Host: script.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.19.147.8
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sun, 25 Sep 2022 15:21:11 GMT
content-length: 28581
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Wed, 21 Sep 2022 13:59:50 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 180237
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7504bf851ced0b3d-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65343)
Size:   28581
Md5:    bf8dbb9a92017f191fad4942cd54ab6a
Sha1:   b11532627a7b085cbad8db30bd7fcfa69bdcac6b
Sha256: 2d77097c3d35dab725b9c721a36cbc0a3742c6a43c98e8836e1e90a86e47bc73
                                        
                                            GET /c.gif?CtsSyncId=2BBB063275284FF1A1D30D43028AB8DE&RedC=c.clarity.ms&MXFR=2FC6D3D883A3664434B7C1F287A3680E HTTP/1.1 
Host: c.bing.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.107.21.200
HTTP/2 302 Found
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=2BBB063275284FF1A1D30D43028AB8DE&MUID=343F429606C46CBC07D450BC07316D32
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=343F429606C46CBC07D450BC07316D32; domain=c.bing.com; expires=Fri, 20-Oct-2023 15:21:11 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D0F58460BF0D427792AB806E8E5E353A Ref B: OSL30EDGE0522 Ref C: 2022-09-25T15:21:11Z
date: Sun, 25 Sep 2022 15:21:11 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1851
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://liveramp.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 15:21:11 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /c.gif?CtsSyncId=2BBB063275284FF1A1D30D43028AB8DE&MUID=343F429606C46CBC07D450BC07316D32 HTTP/1.1 
Host: c.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://liveramp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         20.234.93.27
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 25-Sep-2022 15:31:11 GMT; path=/; SameSite=None; Secure;
date: Sun, 25 Sep 2022 15:21:11 GMT
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    32023bb33cfb2a1990a4ef2d85b6ac16
Sha1:   23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
Sha256: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 25 Sep 2022 15:21:11 GMT
Last-Modified: Sun, 25 Sep 2022 13:59:54 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2Gd8fQaCxhYYJDfmO1U1VV0rL47Yy-bTuaqH64ZWmLUk1HvC2-wYfw==
Age: 4877

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-23899090-1&cid=698962588.1664119268&jid=2103386575&_u=YCDAgAABQAAAAE~&z=1029017970 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 15:21:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 25 Sep 2022 15:21:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /collect HTTP/1.1 
Host: b.clarity.ms
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 141646
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         20.75.32.255
HTTP/2 204 No Content
                                        
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://liveramp.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 25 Sep 2022 15:21:11 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /widget_bootstrap HTTP/1.1 
Host: bootstrap.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 681
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         50.16.7.188
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:10 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: 58d5f1bc680862b2
vary: Accept-Encoding
content-encoding: gzip
x-envoy-upstream-service-time: 389
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26059), with no line terminators
Size:   7894
Md5:    3db8b3cc9396b1130d7d2b2b117b2b8d
Sha1:   12889c284ff1daa8b167741286b9ea0bd2f87ded
Sha256: 737b419856737ae437411257b7fef0f40c154451ead6d8fd638cceadbff6f8f7
                                        
                                            GET /gw1/msg?a=2&sid=liveramp-1664119268409-b9fa4afb&aid=liveramp&ma=id%3A320-CHP-056%26token%3A_mch-liveramp.com-1664119268346-33919&viewedTypes=&0.684842050784119&rts=1664119269401 HTTP/1.1 
Host: sjrtp6.marketo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.28.146.116
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=utf-8
                                        
Date: Sun, 25 Sep 2022 15:21:11 GMT
Server: Jetty(9.4.45.v20220203)
Cache-Control: no-cache
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Connection: close
Set-Cookie: BIGipServersjrtp6_https=!6Z7Hmpj+AKAHIKxpnpR6MbX4rz1EAyfeMucH9qJzhq6/dswkBL9kAnQjfnIJlr4zsDXHvMc8jOx9gKU=; expires=Sun, 25-Sep-2022 15:56:11 GMT; path=/; Httponly; Secure

                                        
                                            POST /v11?u=805597&st=377378&s=5081336 HTTP/1.1 
Host: tracking.crazyegg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 790
Origin: https://liveramp.com
Connection: keep-alive
Referer: https://liveramp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.128.203.219
HTTP/2 201 Created
content-type: text/plain
                                        
server: awselb/2.0
date: Sun, 25 Sep 2022 15:21:12 GMT
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /track HTTP/1.1 
Host: event.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.193.113.164
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 25 Sep 2022 15:21:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift299bdf04b66a1daf3a8182ac665
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   13
Md5:    1424eb76249899d757e4d168341a50dc
Sha1:   42101e71440abd46c8112a96d4d5c0dd445120ce
Sha256: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
                                        
                                            OPTIONS /targeting/evaluate_with_log HTTP/1.1 
Host: targeting.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.193.113.164
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 25 Sep 2022 15:21:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: drift51564c1442292fe78f58a35a9b1
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   13
Md5:    1424eb76249899d757e4d168341a50dc
Sha1:   42101e71440abd46c8112a96d4d5c0dd445120ce
Sha256: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
                                        
                                            OPTIONS /identify HTTP/1.1 
Host: event.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://js.driftt.com/
Origin: https://js.driftt.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.193.113.164
HTTP/2 200 OK
content-type: text/plain
                                        
date: Sun, 25 Sep 2022 15:21:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftce88e8c40b6af5aaf2a3fc92dc0
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   13
Md5:    1424eb76249899d757e4d168341a50dc
Sha1:   42101e71440abd46c8112a96d4d5c0dd445120ce
Sha256: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
                                        
                                            GET /core/assets/js/53.583306fb.chunk.js HTTP/1.1 
Host: js.driftt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.driftt.com/core?embedId=zzu47dtvu5sr&region=US&forceShow=false&skipCampaigns=false&sessionId=c27ba2f4-4f3a-4a3a-a626-25b584dd0af2&sessionStarted=1664119267.676&campaignRefreshToken=5f259da7-636f-420a-9e79-fd84a24392cf&hideController=false&pageLoadStartTime=1664119266467&mode=CHAT&driftEnableLog=false&secureIframe=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         54.230.111.20
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 07 Sep 2022 14:05:27 GMT
server: nginx
last-modified: Tue, 06 Sep 2022 19:38:20 GMT
etag: W/"a9de78010e6b0fa088457c00bd596fbc"
x-amz-server-side-encryption: AES256
x-amz-version-id: K8tgCc1oz8nV2fBxfcsQ0qqo033lXEJW
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pKCb8LvPyDKPsNQkCTZIiuozNwOxcTW0gRqu00G1T3az1ioEMyfLag==
age: 1559745
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6828
Md5:    33bcf3e518310c03f8ca49f07a749dd4
Sha1:   83a1dc7c50b17ee7821ea63abe17f80b55e4cb22
Sha256: 588b7d2a52ee17a2ecfd81344d3bfaa8acd5f4466849f1167f7e5d9e05696557
                                        
                                            POST /targeting/evaluate_with_log HTTP/1.1 
Host: targeting.api.drift.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNTc0NTczMjA0OCIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjExNjc0MjIiLCJleHAiOjE2OTU2NTUyNzEsImlhdCI6MTY2NDExOTI3MX0.EWrrXfjFFELuxkJ_LPnaZxxppHxnU3abW3t561SfUAlV5m1YjrHSSgkGunyboNUiSK5RYW3786slyKYhAPmeMA
Content-Length: 2412
Origin: https://js.driftt.com
Connection: keep-alive
Referer: https://js.driftt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.193.113.164
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
date: Sun, 25 Sep 2022 15:21:12 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
requestid: e9ab7b70f382d241
vary: Accept-Encoding
content-encoding: gzip
content-length: 849
x-envoy-upstream-service-time: 2
server: istio-envoy
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2328), with no line terminators
Size:   849
Md5:    10aa5ef96fbed1d8caf702794dbb93d5
Sha1:   f0153c95e134ec03cd756b1cf935100589068a63
Sha256: 29fd0a326225940afe4a1bcb58e9d38dfc7d12fc86c86f92ae102d75d4337484