r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6076
Expires: Mon, 23 Jan 2023 18:23:08 GMT
Date: Mon, 23 Jan 2023 16:41:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Mon, 23 Jan 2023 17:40:18 GMT
Date: Mon, 23 Jan 2023 16:41:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 16:35:02 GMT
content-type: application/json
age: 410
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12724
Expires: Mon, 23 Jan 2023 20:13:56 GMT
Date: Mon, 23 Jan 2023 16:41:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Sg0U4U50RjowJYq8zhZFBC+4NGX9LwshOSL42vKtK0521/P+BVinpfhyqKYkJMhrZ2QuBKtjKdY=
x-amz-request-id: MJW4ECHA57JQ6K7E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 15:47:46 GMT
age: 3246
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9a43045415120fbe717c627d2ae16
000575030d666f4447464702fb5fb7c1080967b8
3fb1c8422e3b3f2dea7af9ca94ed410eadf5e7e8ee271c66a028ca156bc0cca6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FB1C8422E3B3F2DEA7AF9CA94ED410EADF5E7E8EE271C66A028CA156BC0CCA6"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11531
Expires: Mon, 23 Jan 2023 19:54:03 GMT
Date: Mon, 23 Jan 2023 16:41:52 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 16:41:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
proxy.quickmail.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
54.91.6.89 301 Moved Permanently 118 B URL HTTP/1.1 proxy.quickmail.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
IP 54.91.6.89:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 4d815e3c70b40864bd8e05e66d81bf65
921ecaa5e402de4f492a99930cb6b3656d800bf7
968522318a41dc7d04ca5c6f526d9228a694df1b5e396917102ab5db6a6d828d
Analyzer Verdict Alert fortinet Phishing
GET /click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next HTTP/1.1
Host: proxy.quickmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: https://www.gravwell.io/file/gravwell-vs-legacy-siem
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
X-Request-Id: 84ae3762-ab6d-47ac-ac0b-98ea42d149ff
X-Runtime: 0.025126
Server:
Date:
Last-Modified:
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 16:17:30 GMT
age: 1462
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:53 GMT
Last-Modified: Mon, 23 Jan 2023 15:34:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.166.172.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ib+7tw73otVjNgj0utnPoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uyxdZxBwkiAFzaS8YcMmYP0MMdM=
use.typekit.net/gel7sic.css
23.36.76.186 200 OK 52 kB URL HTTP/2 use.typekit.net/gel7sic.css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 996fbe4e10a2c1dfc0abb2745b92b078
fa27f7cdefa1d0fbf64f9ace5c92393cacc5b18b
cafb3809ea1d4e4be11c4ab1db2e09f24188de6ede92bdab954e437d988c20e0
GET /gel7sic.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 714
date: Mon, 23 Jan 2023 16:41:53 GMT
X-Firefox-Spdy: h2
p.typekit.net/p.css?s=1&k=gel7sic&ht=tk&f=32117.32119.32120.32121&a=86762299&app=typekit&e=css
23.36.76.186 200 OK 418 B URL HTTP/2 p.typekit.net/p.css?s=1&k=gel7sic&ht=tk&f=32117.32119.32120.32121&a=86762299&app=typekit&e=css
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
Hash 96c319b7bd872cf153013bb48a26a86a
d098f33745047e78b75873b6311713e088be2f5e
3e7cd99889418f8a069e1d0e3f1428b8756e2070c067ed1a5bfc472192d663a6
GET /p.css?s=1&k=gel7sic&ht=tk&f=32117.32119.32120.32121&a=86762299&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Mon, 23 Jan 2023 16:41:53 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/af/97dfb1/00000000000000007735b014/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.186 200 OK 20 kB URL HTTP/2 use.typekit.net/af/97dfb1/00000000000000007735b014/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 20388, version 1.0\012- data
Hash 664a8f5be311f4107332e7e528fcb171
9bad541804c8b6ce6cead5d5924f85db66e2dd64
2c71c37bce6c7382e88482c6f8543ec284ba2f6392e704bb4a8e598cf62f8835
GET /af/97dfb1/00000000000000007735b014/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 20388
etag: "cb2fec304ab64f5f92f40c483a634849a91fa1d7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:53 GMT
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/main.js
184.31.15.170 200 OK 503 B URL HTTP/2 documentcloud.adobe.com/view-sdk/main.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (938)
Hash 6793c4d530ebaa24162ce7aefc274789
c064ec4747444a84742c985f1bc91905af9f321b
dd53d151beb1db93938959da1c3335bddc994f7e522da2f69fb7a4ef40f042be
GET /view-sdk/main.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 11:14:07 GMT
etag: "436ddde4b7d4a30ec4bbf54252ef0fab"
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 503
date: Mon, 23 Jan 2023 16:41:53 GMT
akamai-grn: 0.a60f1fb8.1674492113.23530be2
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 8.1 kB IP 142.250.74.131:0
Hash 2445019e87453d2b4df2288fdfd43314
35379c25cd229b46f53017c022333db945e007cd
545774a316913625d18527c9a820ead88a555a80f4c30a322204a9b863459e1d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/af/2ab381/00000000000000007735b011/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.186 200 OK 20 kB URL HTTP/2 use.typekit.net/af/2ab381/00000000000000007735b011/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 20548, version 1.0\012- data
Hash c2d7e1142a0a889ff7347cbc39605d0a
93a49cc871566dc96c02714208ee84514d05b73e
e2c1b7c6e44ff426bc6cce31a7648e6eedff7e76c70d0e1b5171dcb4f44caf4d
GET /af/2ab381/00000000000000007735b011/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 20548
etag: "25bc7a4ea6675dddcd78a233524f54db30f06c5d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:53 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.35 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.35:0
Hash 53838c3b64dc1592284e350d54dc1f5c
b14e4ddb80424d14ea73ad6993da1cb3baf38bb9
611149a858daa3c710149b1957270714af6792d6d25a65a099acdcf81c310027
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 04:29:06 GMT
expires: Wed, 17 Jan 2024 04:29:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 562368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDKInterface.js
184.31.15.170 200 OK 34 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDKInterface.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash de672d7c411f89cfabdca9ecf2318b6b
59f38c9c3e919ed28a9bbe0366424dcda265018c
2f07cc7d43511199d2cae4024121fe40f9cd00466fa03a9af699bfb3da33eb99
GET /view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDKInterface.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "e2fc2f90882c11f516ba8fb2babe6fcd"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 34413
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23530cad
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash aed5663b228e788fd436798f50414d96
1c043254848d1107978dee4f5d757a0f9fee3521
3245bfd7d948f3579f650c45c149bc00ef11d97a8f50e59c84956f6321c0fb6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:54 GMT
Last-Modified: Mon, 23 Jan 2023 15:45:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
js.hs-banner.com/3422725.js
104.18.33.171 200 OK 34 kB URL HTTP/2 js.hs-banner.com/3422725.js
IP 104.18.33.171:0
File type ASCII text, with very long lines (60033)
Hash 88a1eb895216afa8581a37ffd1bea304
fba2281d2ed59578b91c9e352e474904cdf3cf07
fafddf10c504218e3a4817375b0d2e705f3f81ec0743af9d9f42ec4d8a52b479
GET /3422725.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:54 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: AeLXWAeyuOkcqcppCskS06IV1tgjUXkac6ZOJeYRD1dhUnRIvbaptZ8WQi5Ce4V93vQHVnf6SEg=
x-amz-request-id: 89STEBPG870K9Y7G
last-modified: Tue, 25 Oct 2022 20:12:25 GMT
etag: W/"3ed6eb6b3520076ef23c3a7dbee035d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: gpdgdVmDarkC4tefWhtZ8gNJKDZRYEhn
access-control-allow-origin: https://www.gravwell.io
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Mon, 23 Jan 2023 16:46:41 GMT
cf-cache-status: HIT
age: 13
server: cloudflare
cf-ray: 78e1fac16d53b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b6a7b076a30a5406b12344e01ba2d7ea
17e8497f4041b0c7e6fe4a13cfc5fe634c622fc5
5c82bf44b7ea0d2399d52df26b0ebc574cea4c4ff5d34423d07a1fc20e2e3587
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/dc-app-launcher.js
184.31.15.170 200 OK 16 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/dc-app-launcher.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (57186), with no line terminators
Hash d5e8b0068000e6fe3497fa9a6658de1f
139370efce38632ead2f83734af1e68bc1d6448a
cb6ae499895314adde786b3111e886aa38fcfb18f373c7ea480e10fa94feb4ed
GET /view-sdk/2.35.2_3.1.3-3ac6701a/dc-app-launcher.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "32d3d483a41ceb54b8bcab2ebb6c9830"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 16534
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23530e74
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/linearizationTrialToken.js
184.31.15.170 200 OK 1.2 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/linearizationTrialToken.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2901), with no line terminators
Hash 023398e1416ca3a57291bbd4fd1437e8
3e773f5aa312ce155bce66b23a5ee4734827d469
39b5edaee04490fd0ef77e4a7a8dfde942f36223fe6afa20c7cc5abc4e6d2e6a
GET /view-sdk/2.35.2_3.1.3-3ac6701a/linearizationTrialToken.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "eed8cdc4ec109e42fa23e0b12a678571"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 1205
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23530e80
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-core/2.35.2/dc-mobx.js
184.31.15.170 200 OK 24 kB URL HTTP/2 documentcloud.adobe.com/dc-core/2.35.2/dc-mobx.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65471)
Hash 4b2b5b67e81940905d7ca55366fee468
bb913e5fe97b6ee9435e1e4244012e6669f0f6d0
1f3b31df94ad7a39d8b87e480ea05d00212986f1e85a04878d80504bf5d8c17c
GET /dc-core/2.35.2/dc-mobx.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 19:46:08 GMT
etag: "023c88dd93088a44e2b2dc482c55beec"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 24451
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23530e68
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDK.js
184.31.15.170 200 OK 44 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDK.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (35798), with NEL line terminators
Hash ea573911b60b89ef47a9bc0522fb3004
54ef33f11989c7944386185c07ec5d6478cb86d8
d9f99f07a27c343d3ef4ad97785279b07e7e92511b16234f0df6d088f95ec0cc
GET /view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDK.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:37 GMT
etag: "c24f1acbd3ff2557e9a74b8a3930dbce"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 44254
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23530e79
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-core/2.35.2/dc-extras.js
184.31.15.170 200 OK 78 kB URL HTTP/2 documentcloud.adobe.com/dc-core/2.35.2/dc-extras.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65467)
Hash 791cd2f77a139617e0efc0c1a6193182
c80b43489b5c87ee2278346557d1952cc4eab19e
aaf2b65d4e77a0efadf8867869f7ed52144a2c4965a4c6a409c27e7823bade1e
GET /dc-core/2.35.2/dc-extras.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 19:46:08 GMT
etag: "aaaa7772f9ede7c609544bd34e42ac14"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Mon, 23 Jan 2023 16:41:54 GMT
content-length: 77468
akamai-grn: 0.a60f1fb8.1674492114.23530e71
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 2f125555299d5947d5479d08c6479100
db2d45bb5afe80631e3a1c6a2c0e84e26bfeaf3e
88b254264deb24c647edecc94608c2633d2296a74cfa9015b484ff0f97ca334e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3869
Cache-Control: max-age=94315
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:54 GMT
Etag: "63cd7720-116"
Expires: Tue, 24 Jan 2023 18:53:49 GMT
Last-Modified: Sun, 22 Jan 2023 17:49:20 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/AdobeDCViewApp.js
184.31.15.170 200 OK 157 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/AdobeDCViewApp.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65464)
Size 157 kB (156961 bytes)
Hash 7c32e0fd6b6ddce26d89b178af9e2766
3afb3234ae965d990a9b1d82acfbfb3114f4668e
82b0b3b9ed3bda05894f9f052b19a364e1b6cbd86a7a36935c41ccb69b1c5f3d
GET /view-sdk/2.35.2_3.1.3-3ac6701a/AdobeDCViewApp.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:37 GMT
etag: "052ba6105ddfb12e5a979094d849cc16"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Mon, 23 Jan 2023 16:41:54 GMT
content-length: 156961
akamai-grn: 0.a60f1fb8.1674492114.235310f3
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
js.hs-scripts.com/3422725.js
104.17.212.204 200 OK 913 B URL HTTP/2 js.hs-scripts.com/3422725.js
IP 104.17.212.204:0
File type ASCII text, with very long lines (1344), with no line terminators
Hash ca99dfdb18660eeefb035c49b255785f
573a33c41b617ecf35bbbe8abc30bb033d321580
79c51b0a3b9d74648ee1e527f982d9c14291f982a2d71e822d23f90d6ecf58af
GET /3422725.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:54 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.gravwell.io
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=1452
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 0cda9013-234f-4665-8582-50b5a03ea85a
x-trace: 2B585AD671AC152A5E236F66A40B7DBC891FB56C44000000000000000000
last-modified: Mon, 23 Jan 2023 16:41:39 GMT
cf-cache-status: HIT
age: 15
expires: Mon, 23 Jan 2023 16:42:54 GMT
server: cloudflare
cf-ray: 78e1fac43a950b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/rendition.js
184.31.15.170 200 OK 38 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/rendition.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65469)
Hash 79e34b51e1bb8ede7c280483fa223734
4d1f8833e5d37cc1510096b3914a11c3056a3a22
8c6f2bbfa478c3f1ecb1b6336d45d6cc900a2b5c753facd057e64c98ecca9249
GET /dc-rendition-provider/2.35.0_4.177.0/rendition.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:15 GMT
etag: "78b4745209e5d942a806072a312fd5bc"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 38392
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23531120
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dcpreviewdropin/2.35.2_1.1780.0/bootstrap.js
184.31.15.170 200 OK 1.1 MB URL HTTP/2 documentcloud.adobe.com/dcpreviewdropin/2.35.2_1.1780.0/bootstrap.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65469)
Size 1.1 MB (1091520 bytes)
Hash 82aadd67b86b5de61d4ed59547f43a5e
f445ae3d30f2d10b2729455e330473d6018decf1
bfe622d75fa23ada797af87d2bbb604f0b314c6a736b12e044699904922c5402
GET /dcpreviewdropin/2.35.2_1.1780.0/bootstrap.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Dec 2022 14:11:27 GMT
etag: "73c909524d234f9b9280bc2eb673ac72"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Mon, 23 Jan 2023 16:41:54 GMT
content-length: 1091520
akamai-grn: 0.a60f1fb8.1674492114.2353111d
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
54.230.111.123 200 OK 55 kB URL HTTP/2 www.clickcease.com/monitor/stat.js
IP 54.230.111.123:0
Hash ed28ba346b47a4bc36f95015917c92b4
58fc0018af81488dda1fba1602a8de20ec291932
e5489a3b02fc559e5471ea7f5b43b78a9ee69d8c38e1e06491e3c67f8868562b
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Mon, 23 Jan 2023 16:41:46 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pq8kvgoTxxaHK-Cmx68yr1QU1MHy7HBiIknH9n3eF8wDpByi0XpRRA==
age: 10
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:46:41 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
age: 42913
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 68035
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 78706be8a7a18f82e92247d446931ef2
f1a9721e32fbcd453b5c05353ad8c91998831fde
42c97a076a0c0b76559e3fa0e79421adb592fbf2753237834abee15fff5571a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:54 GMT
Last-Modified: Mon, 23 Jan 2023 16:15:27 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: df7df0ae-d70e-4b80-9483-2ecd5c8ee4a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqvPEXMoAMF5Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57fa-04193e0514c1c1e85d9d023b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fznabMNG3n9Uo4L1jrrewtL_hJnQv8oR2qggeZtruvOLVzpUpcs7Tw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 03:21:12 GMT
age: 48042
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yxOiDecizhIzCJoYi-ps_EhYJkKfIagTqM0ybgsgvdVRAgjdsSTRTQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:44:17 GMT
age: 68257
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c664f89307d9f2cc8170ca0816708ef9
cc010d66fe22fce8e82f9bbc78fc3b836120ff0b
c77d9cae0c4132f2695322b8c33fa875a341948ffb6c3023ddb1d3ef41c9ae23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0a4afa9-05c4-4ab9-b9eb-17970c04dbbb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3814
x-amzn-requestid: 48468720-0305-4f17-862b-f2f854fdfe41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKq8mEPnIAMFzXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdbeb6-470a030661c749ae0fa14c31;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 22:54:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9hQjtfheswJHTaBL6yZ9UoowbsfqvbNqzUb9EOzaAppGv-fHat8O1A==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 23:09:20 GMT
etag: "cc010d66fe22fce8e82f9bbc78fc3b836120ff0b"
content-type: image/jpeg
age: 63154
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b48f53e84a3ec564b35cf6b0754d09bb
dc7ad580f90e8af4349f409fb0302a79c672ff99
37d8f9a37eed22705123275ac7a36ff34bcdea1b2faaa7108a7112afe5a8201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4f85f34-177a-42e1-8337-e98ac6995842.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6068
x-amzn-requestid: 8962c77a-e852-426f-b37a-024546e0a2ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VKG_zoAMFgZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-368af491496d024a0142b0e4;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rhyrw60LqcuRIbzLGyOkz8CWDaZpM_mCRkHDKmYilms5Ce-PhEP5NQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 16:04:00 GMT
age: 2274
etag: "dc7ad580f90e8af4349f409fb0302a79c672ff99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dc-api.adobe.io/system/csp?source=viewsdkprod
34.197.224.31 204 No Content 130 B URL HTTP/1.1 dc-api.adobe.io/system/csp?source=viewsdkprod
IP 34.197.224.31:0
Hash 0212ebf53fca65a5a70b96c11ea1695d
7d09b67864f11fc172740a0187334a6222ee9be5
45a48ed9c2886b4c80a6e25b801d7d168171e4078249da4132fcf1daf1063839
POST /system/csp?source=viewsdkprod HTTP/1.1
Host: dc-api.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2288
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 23 Jan 2023 16:41:54 GMT
Connection: keep-alive
x-request-id: BpVGbowhjlkpOZvNf5kT9DrTVgSc3vjb
x-server: adobe.loggingserver.2.1.8f11f2f488445442f2a91594f38aa1881ded6633
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: noindex, nofollow
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH
Access-Control-Max-Age: 1800
Strict-Transport-Security: max-age= 3153600; includeSubdomains; preload
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 2f125555299d5947d5479d08c6479100
db2d45bb5afe80631e3a1c6a2c0e84e26bfeaf3e
88b254264deb24c647edecc94608c2633d2296a74cfa9015b484ff0f97ca334e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3870
Cache-Control: max-age=94315
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Etag: "63cd7720-116"
Expires: Tue, 24 Jan 2023 18:53:50 GMT
Last-Modified: Sun, 22 Jan 2023 17:49:20 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 29bf073c8896ac59fddf1d0ed564f71d
39d3202113830220710400775a45daf7be20ddac
f30a4d3985e67d4f87810ad988a3f149ce1be635bddf32049f520fa19cc432e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3000
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Last-Modified: Mon, 23 Jan 2023 15:51:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57 200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=33399
date: Mon, 23 Jan 2023 16:41:55 GMT
content-length: 4777
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157 200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 23 Jan 2023 16:41:55 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200 200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FE81D2793C7C480BBDC3F247C0E80414 Ref B: OSL30EDGE0120 Ref C: 2023-01-23T16:41:55Z
date: Mon, 23 Jan 2023 16:41:55 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/765524202/?random=1674492113101&cv=11&fst=1674492113101&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&auid=907197603.1674492100&rfmt=3&fmt=4
142.250.74.66 200 OK 877 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/765524202/?random=1674492113101&cv=11&fst=1674492113101&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&auid=907197603.1674492100&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (1853), with no line terminators
Hash a5125af5a93b683a98bb5b74f0b12928
fb2866c4139ea54366a261326dfb83e9a8911592
ba486f2cdbf3c7115789755687a1833a563c8648bdd37c682b299658bacc8885
GET /pagead/viewthroughconversion/765524202/?random=1674492113101&cv=11&fst=1674492113101&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&auid=907197603.1674492100&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 16:41:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 877
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 23-Jan-2023 16:56:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
143.204.55.40 200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash e45ceb77c1a47254136f1ef733de65df
7cc640ca25ac5232038a02fbaf6d2677871ebaf0
25e950716f031b1000c0fc674457836b68ad60912f265f7efc190f6a93a71a2d
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 44NtcqPJETSOD3UGOYSEeYgdqRDG8ZjjcFL_UrQ4ulvWNQFVd1n6_Q==
age: 279110
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
184.31.15.170 200 OK 22 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 0414a6060f859432740ff3b773311338
d459f6cf86c974fde0586363e04e93fa3b560f58
3b9da3da1bcc662aef932a8864256fd2e9df8eed4bdd425352ce7ffdf1a99b6c
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:14 GMT
etag: "ee2c66068893f4f63aa174dd615cd3d8"
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 21978
date: Mon, 23 Jan 2023 16:41:55 GMT
akamai-grn: 0.a60f1fb8.1674492115.235318bc
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cc298ded3fc0f058105ddd7b442f5b55
38d43fe921b0b34e4a762598c3ad003956592c04
61a166c11ee3bc04f5be109d262b7f69525e428b1a85f68e00a58de4ff26b4c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9f9788e381983082a10350bba3234afb
dc16e103c5174374433d4432b8d6171a3960dbbc
961980c0a8fa08aca4b97e793686994e2d85e5272cebeb48229611a88ecabc83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/765524202/?random=1674492113101&cv=11&fst=1674489600000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=825237278&rmt_tld=0&ipr=y
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/765524202/?random=1674492113101&cv=11&fst=1674489600000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=825237278&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/765524202/?random=1674492113101&cv=11&fst=1674489600000&bg=ffffff&guid=ON&async=1&gtm=2wg1i0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=825237278&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 16:41:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 7bff7d720b54be58230418df03651f8c
78bf3b2cc16a316827595f30e965bf0d894f9011
e9745158fb5e1959fa63fc7427a59f9e569acba0450c45f840f51f2ecd456ed5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2771
Cache-Control: max-age=158335
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Etag: "63ce757f-139"
Expires: Wed, 25 Jan 2023 12:40:50 GMT
Last-Modified: Mon, 23 Jan 2023 11:54:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 4ec3b5ebec8f98b7435df060984d7ca6
dedffe21033e532f09b5c5e89e76db0853f91b0a
01e21ddc29765a26a6c7e48c1d30bd0c5f6cd3d40ad00e1b67deacc827d341e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.js
184.31.15.170 200 OK 26 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0a0c4b9f347048cbc7157961d9373a9c
796053889801299f29842db1f52ee5169c2ed141
0af82867f7f63111ad6a484bb78e047608582c939da3468c1f70e1d06934f631
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:15 GMT
etag: "abffc55f39590e496c56222093615e92"
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 25673
date: Mon, 23 Jan 2023 16:41:55 GMT
akamai-grn: 0.a60f1fb8.1674492115.235319a4
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash d14e8782b62a4de2df55c33db9baea6b
a978ef5dd2733c04938063672de978795fec32f2
f02211e54ba4c2f92272a711e95edec35c0618f243880c8c9be1044cb6acb5a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5750
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Last-Modified: Mon, 23 Jan 2023 15:06:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
13.107.42.14 302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674492114192%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIxb3ctA7u2egAAAYXfgfsvYhyFqXp82BKYslZc7lcSbKfIyAUE_SlsrxUvyiKK0PRx_Myz_O0p2Q; Max-Age=2592000; Expires=Wed, 22 Feb 2023 16:41:55 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLfnMvvLKO8MgAAAYXfgfswKTSoMZdiliOgo1lLY-cihCQ2ocwy3Th97Kq15j3QfnjW45XRs657CvPryeVp7g; Max-Age=2592000; Expires=Wed, 22 Feb 2023 16:41:55 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&a8797849-f8c4-4ec9-8319-7d807ec7e372"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 23-Jan-2024 16:41:55 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2416:u=1:x=1:i=1674492115:t=1674578515:v=2:sig=AQFdi7vU3ZpwyHAMYPBnLKDK6r6kvZ7c"; Expires=Tue, 24 Jan 2023 16:41:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXy8RO9E5NOZg2xNZddTw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D2BDF8CEFE9B44DE94EAF633F5CBD047 Ref B: OSL30EDGE0105 Ref C: 2023-01-23T16:41:55Z
date: Mon, 23 Jan 2023 16:41:55 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 71ebdfdb4747eb45c3e92682eb35fbd1
92100a3b5064554f56256f7de1989347c99d1f84
a89dba1d46608e305eb6f21f7fda86a756b70154c8b8525978c6965c92e67477
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4854
Cache-Control: max-age=147501
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Etag: "63ce430a-1d7"
Expires: Wed, 25 Jan 2023 09:40:16 GMT
Last-Modified: Mon, 23 Jan 2023 08:19:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 71ebdfdb4747eb45c3e92682eb35fbd1
92100a3b5064554f56256f7de1989347c99d1f84
a89dba1d46608e305eb6f21f7fda86a756b70154c8b8525978c6965c92e67477
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4854
Cache-Control: max-age=147501
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:55 GMT
Etag: "63ce430a-1d7"
Expires: Wed, 25 Jan 2023 09:40:16 GMT
Last-Modified: Mon, 23 Jan 2023 08:19:22 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
js.hs-analytics.net/analytics/1674492000000/3422725.js
104.17.68.176 200 OK 21 kB URL HTTP/2 js.hs-analytics.net/analytics/1674492000000/3422725.js
IP 104.17.68.176:0
File type ASCII text, with very long lines (64784)
Hash 4f0c52107ad9d0a9162241f1276acab8
c778c4c2a988e069ae9f508d437472e4d444e633
17a917a05c72b23c5d45342d7905a8dc9c3fe493bc01d1b43e87dee678074041
GET /analytics/1674492000000/3422725.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:55 GMT
content-type: text/javascript
x-amz-id-2: 3ynNnd7ay6coP7tjSCr8Oh9i4OstL/VE42nmCnyYgLsq9c9xvXv5zGHz+XEoi7vPTrpqfTZEm5U=
x-amz-request-id: HFDS28HSJN7TR7RG
last-modified: Wed, 18 Jan 2023 20:01:09 GMT
etag: W/"41fdc6bbb3ffb516514655767e27c05c"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Mon, 23 Jan 2023 16:46:41 GMT
cf-cache-status: HIT
age: 13
server: cloudflare
cf-ray: 78e1fac8cb930b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
use.typekit.net/bxf0ivf.js
23.36.76.186 200 OK 6.8 kB URL HTTP/2 use.typekit.net/bxf0ivf.js
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (2369)
Hash e9bb21bdff4d1b1d8d1c9c4bd49be397
2ac18e6c5fa9898282b746d4193e61a2aeac941c
94e1f6021ec6fcab07c882a950e88e75d8d0cdefc25a73044adec4f43a1934bc
GET /bxf0ivf.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6811
date: Mon, 23 Jan 2023 16:41:55 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=134629809&tm=gtm002&Ver=2&mid=c9171415-fbce-4f76-bbb6-80f732831e0d&sid=d0452f109b3c11ed8631773a614e5eb3&vid=d0455a209b3c11ed98464d65afe8ff11&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gravwell%20vs%20Legacy%20SIEM&p=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&r=&lt=2068&evt=pageLoad&sv=1&rn=512292
204.79.197.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=134629809&tm=gtm002&Ver=2&mid=c9171415-fbce-4f76-bbb6-80f732831e0d&sid=d0452f109b3c11ed8631773a614e5eb3&vid=d0455a209b3c11ed98464d65afe8ff11&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gravwell%20vs%20Legacy%20SIEM&p=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&r=&lt=2068&evt=pageLoad&sv=1&rn=512292
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=134629809&tm=gtm002&Ver=2&mid=c9171415-fbce-4f76-bbb6-80f732831e0d&sid=d0452f109b3c11ed8631773a614e5eb3&vid=d0455a209b3c11ed98464d65afe8ff11&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gravwell%20vs%20Legacy%20SIEM&p=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&r=&lt=2068&evt=pageLoad&sv=1&rn=512292 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0E1279C14ABE6E6B28486B634B4B6F0D; domain=.bing.com; expires=Sat, 17-Feb-2024 16:41:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CEA330EA309F4685892C08C2423FB1D1 Ref B: OSL30EDGE0120 Ref C: 2023-01-23T16:41:55Z
date: Mon, 23 Jan 2023 16:41:55 GMT
X-Firefox-Spdy: h2
dc-api.adobe.io/system/log
34.197.224.31 204 No Content 0 B URL HTTP/1.1 dc-api.adobe.io/system/log
IP 34.197.224.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /system/log HTTP/1.1
Host: dc-api.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-app-info,x-api-client-id,x-request-id,x-requested-with
Referer: https://documentcloud.adobe.com/
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 23 Jan 2023 16:41:55 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH
Access-Control-Allow-Headers: content-type,x-api-app-info,x-api-client-id,x-request-id,x-requested-with
Access-Control-Max-Age: 1800
Strict-Transport-Security: max-age= 3153600; includeSubdomains; preload
X-Robots-Tag: noindex, nofollow
Content-Length: 0
Content-Type: text/plain
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e74f283e-be9f-4eac-b412-e42a47dc3222&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2f1f0b7e-7a0c-492c-87ed-e3c83d8d8ba5&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29
104.244.42.67 200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e74f283e-be9f-4eac-b412-e42a47dc3222&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2f1f0b7e-7a0c-492c-87ed-e3c83d8d8ba5&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=e74f283e-be9f-4eac-b412-e42a47dc3222&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2f1f0b7e-7a0c-492c-87ed-e3c83d8d8ba5&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:55 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_m7IfLqfifFx2L0fOzFIphQ=="; Max-Age=63072000; Expires=Wed, 22 Jan 2025 16:41:55 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 98afd18c9d225ccd
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: e5b2faae552d2fdca3546eb935b6b95f15d5a6fd6580805888a3ddea9758f3ff
X-Firefox-Spdy: h2
p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
107.22.247.231 204 No Content 0 B URL HTTP/1.1 p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
IP 107.22.247.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false HTTP/1.1
Host: p13n.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-adobe-uuid,x-api-key
Referer: https://documentcloud.adobe.com/
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 23 Jan 2023 16:41:55 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: Authorization,Content-Type,X-Api-Key,cache-control,User-Agent,If-None-Match,x-adobe-uuid,x-request-id
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: etag,x-cache,x-request-id,x-proxy-cache
X-Request-Id: cRs36AgxCCcbN0D63Bz957358rQQu0ed
bat.bing.com/p/action/134629809.js
204.79.197.200 200 OK 1.4 kB URL HTTP/2 bat.bing.com/p/action/134629809.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 7d7f620c37c3bcfcadcefee9bfe199c4
0b9ba4c16df0c6ed54769616da151e7f29aedd5f
0fa4adc21b20d9a585c0e75e7b60f01409cc86932274da136d7e6007c10aaae3
GET /p/action/134629809.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1447
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D13B85343754B87B3C3881E4B6B6743 Ref B: OSL30EDGE0120 Ref C: 2023-01-23T16:41:55Z
date: Mon, 23 Jan 2023 16:41:55 GMT
X-Firefox-Spdy: h2
dc-api.adobe.io/system/log
34.197.224.31 204 No Content 0 B URL HTTP/1.1 dc-api.adobe.io/system/log
IP 34.197.224.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /system/log HTTP/1.1
Host: dc-api.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: application/vnd.adobe.dc+json; profile="https://dc-api.adobe.io/schemas/system_log_parameters_v1.json"
x-request-id: bba31c02-3374-44e8-ba74-7fc106d4ff80
x-api-app-info: adobe-dc-view-sdk
x-api-client-id: dc-view-sdk-api_browser
Content-Length: 2428
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Mon, 23 Jan 2023 16:41:56 GMT
Connection: keep-alive
x-request-id: bba31c02-3374-44e8-ba74-7fc106d4ff80
x-server: adobe.loggingserver.2.1.8f11f2f488445442f2a91594f38aa1881ded6633
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: noindex, nofollow
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH
Access-Control-Max-Age: 1800
Strict-Transport-Security: max-age= 3153600; includeSubdomains; preload
p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
107.22.247.231 200 OK 1.8 kB URL HTTP/1.1 p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
IP 107.22.247.231:0
File type JSON data\012- , ASCII text, with very long lines (9139), with no line terminators
Hash cd126f6d602bf3155f06113381c5d97e
1de7a527cc2d28696ad71f4bfe8f9e6ba01d0bb0
abaa0b7e23d42de0d73ce59d12e69dcdf5d6e4bcaa30dcb7ba9d03948ec8866d
GET /fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false HTTP/1.1
Host: p13n.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://documentcloud.adobe.com/
x-api-key: dc-prod-virgoweb
x-adobe-uuid: prod_dc-prod-virgoweb_0e63309b-9c43-42a0-970a-4b2499b5316d
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 23 Jan 2023 16:41:56 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-cache: MISS
x-proxy-cache: MISS
x-request-id: xe4GqlrenTyh1F8jJKOS4g9C84BL0BDx
ETag: W/"018420b41f5b9438953234a1f8ed13022"
x-adobe-fg-poll-interval: 60
Public-Key-Pins: pin-sha256='aZDniQiBGXn9kmC1MKpHxVsYje4hsP/aWBbSaW+qeb4='; includeSubdomains; max-age=5184000
Strict-Transport-Security: max-age=31536000; includeSubdomains;always
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self'; img-src 'self' data:; style-src 'self'; font-src 'self'; frame-src; object-src 'none'
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: Authorization,Content-Type,X-Api-Key,cache-control,User-Agent,If-None-Match,x-adobe-uuid,x-request-id
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: etag,x-cache,x-request-id,x-proxy-cache
use.typekit.net/af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3
23.36.76.186 200 OK 39 kB URL HTTP/2 use.typekit.net/af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38708, version 1.0\012- data
Hash 9b7df6de861255c8e82ef093d507d3dd
bd72b5eabbdce88f1701a76e1469744d85ce663f
4b6a2e9b5ae1532e496a30ff9680b75a554cbe0785b4b12beabd729477869c22
GET /af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38708
etag: "dd165ea14e70e875c866c52590b09697264a4997"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3
23.36.76.186 200 OK 36 kB URL HTTP/2 use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 36388, version 1.0\012- data
Hash b2fe0d9753fe193a7965b201cceb9547
5f2d96f6bfd11797a53e9a2832ca5a2f53211556
a4df96cbf8e2caa44973a92cc15757c900efc169039ce07e36f4e0fbc86b0216
GET /af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 36388
etag: "41965d6d62842bb2d99d68ccf8ee9edb4761b717"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3
23.36.76.186 200 OK 39 kB URL HTTP/2 use.typekit.net/af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38948, version 1.0\012- data
Hash 8cf9ce13f6fe0205f4eaac49fa17b681
2cef6cd00a2d4a5cd5e0ab6f00042a70f1b73756
85257e2624bbb138582821ceb2f8b18c7b4fb43d26c1bcbfd5155ca81b55cc69
GET /af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38948
etag: "d3174cc9c8510f80b83b9cfd410deee482da5b22"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3
23.36.76.186 200 OK 38 kB URL HTTP/2 use.typekit.net/af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38004, version 1.0\012- data
Hash 8d3c19e4eccd8530efc9e39326e0fc52
083f5a3b3161541e62ce4002d9fd1731fca640d2
5961262fd0cd492d39005e866ef7496f7dd4779ebd615a0fc5ade35d4eeb8030
GET /af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38004
etag: "ffabdd35c33ff95d9e079b6182134208d7454ba5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3
23.36.76.186 200 OK 39 kB URL HTTP/2 use.typekit.net/af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 39260, version 1.0\012- data
Hash 35234f8adc394c536031c99d7ac8484f
12ebfa0153118fab8664c3b8ef696b64f4ea8eb5
e024fb3f5d381fe02fa0bc243dc557d5daff401f1b89220ebdfda89d5f99d207
GET /af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 39260
etag: "8c36bd97ea24a61ae9be2b67e129a8c251197d40"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3
23.36.76.186 200 OK 39 kB URL HTTP/2 use.typekit.net/af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38976, version 1.0\012- data
Hash 3dc8e6938118f5fa1af3e7a5a98baa66
03cd9ee2cd0b7cd881fa75ff4a7369e68bd2154a
3d75bb0a01bc2fd0e963f6879634c371b205ca4da67021b0f453592337dcc001
GET /af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38976
etag: "5ebcf29234d7a3daf97e3d8d5fe8864631b7e3e7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
143.204.55.118 200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X7vW9dX2dLAE4RRv-vCZR-nY8iLU9jj_eoZ3zydui_gWdP69vftdmg==
age: 455330
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=documentcloud.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1674492114760
23.36.76.186 200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=documentcloud.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1674492114760
IP 23.36.76.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bxf0ivf&ht=tk&h=documentcloud.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1674492114760 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 4734d8a05cb5144e21f3749460877fad
2bfe8512dd6a5ed06b23a615d82bcae6076a105b
3acdf4482ca1869b01af3e519f1b9958a0afc71d3122b86cf1d2a7b2a754f322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5213
Cache-Control: max-age=127678
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 16:41:56 GMT
Etag: "63cdf435-117"
Expires: Wed, 25 Jan 2023 04:09:54 GMT
Last-Modified: Mon, 23 Jan 2023 02:43:01 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674492114192%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue
13.107.42.14 302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674492114192%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674492114192%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&089c6903-8af6-4d85-891f-d70f6e44a302"; Domain=.linkedin.com; Expires=Tue, 23-Jan-2024 16:41:56 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230123164156f700bc56-3941-4710-8c5e-1c336fe0e751AQGeULiI9zGSwBicC9X_UI_rKsIo8OJM"; Domain=.www.linkedin.com; Expires=Tue, 23-Jan-2024 16:41:56 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQ0OTIxMTY7MjswMjHcWLwlUUz0+W+A/8lGdTutdy3/Kg1RqgrbFFx8Mjhf+w==; Domain=.linkedin.com; Expires=Sat, 22 Jul 2023 16:41:56 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2416:u=1:x=1:i=1674492116:t=1674578516:v=2:sig=AQHP8QYUPKJZUZ9QZPoD0HIqwYUJ8QgY"; Expires=Tue, 24 Jan 2023 16:41:56 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXy8RPEwE69OW1b1Y4w3g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 68216D0E87A1468B8C3402B9BF2C7E40 Ref B: OSL30EDGE0105 Ref C: 2023-01-23T16:41:56Z
date: Mon, 23 Jan 2023 16:41:56 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true
13.107.42.14 200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1746644&time=1674492114192&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&969b3eb9-adbc-491b-8972-af9fa5872d6b"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 23-Jan-2024 16:41:56 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2446:u=1:x=1:i=1674492116:t=1674578516:v=2:sig=AQHYOqVQxmhiJzffZ4OAOxSev2stK4La"; Expires=Tue, 24 Jan 2023 16:41:56 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXy8RPM2psmg8nGHqy30w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 293A5F135E9F41C3A4BBCA3D0FA2CE3F Ref B: OSL30EDGE0105 Ref C: 2023-01-23T16:41:56Z
date: Mon, 23 Jan 2023 16:41:56 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 6c4b6bc0ac8a4052c348b0ac9523bfab
3dca92a045f63e72007965e1c3c603590b0842e7
545e3edda0ba64be5d526b2457a012da2af85b60dfa84d5ba5f0db3042e38b3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 23 Jan 2023 16:41:56 GMT
Last-Modified: Mon, 23 Jan 2023 14:58:59 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2SirETi7paMq4fhwCCK8LYhWis_J5ZDh_t-1caP2ifEhfOzsJYrMUg==
Age: 6178
csmetrics.hotjar.com/
54.154.132.81 204 No Content 0 B IP 54.154.132.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 102
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 16:41:57 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
csmetrics.hotjar.com/
54.154.132.81 204 No Content 0 B IP 54.154.132.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 100
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 16:41:57 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/3147527/visit-data?sv=7
34.248.24.189 200 OK 140 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/3147527/visit-data?sv=7
IP 34.248.24.189:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 51101f76be70131ff65fc2d9a2d527f7
9f142614514dbfe1f6f69980f1cd1995525708d7
3112462f560e92343c9118f02245156149f39bfdcedea991b1bd9dc0e786116d
POST /api/v2/client/sites/3147527/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:56 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
13.107.237.53 200 OK 19 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56646)
Hash 8e876f4b042e98ffc523cea45d8f6fe7
21794bbbb329172737a7e018adf98abfcc9c25a0
e35018bb9bc9906bf40ad8531d6815b783208ca4713af4a4311e23200863da0b
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d928dd7500799e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 06ITOYwAAAABn1YX+F77NTqV5kAdUjK/3RlJBMjMxMDUwNDE3MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 01LjOYwAAAABx5p+dRgHAR6Xan76SNS2/Q1BIMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27 302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&RedC=c.clarity.ms&MXFR=390DD361F25A6E1E151AC1C3F65A6045
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=390DD361F25A6E1E151AC1C3F65A6045; domain=.clarity.ms; expires=Sat, 17-Feb-2024 16:41:57 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 23 Jan 2023 16:41:56 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&RedC=c.clarity.ms&MXFR=390DD361F25A6E1E151AC1C3F65A6045
204.79.197.200 302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&RedC=c.clarity.ms&MXFR=390DD361F25A6E1E151AC1C3F65A6045
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&RedC=c.clarity.ms&MXFR=390DD361F25A6E1E151AC1C3F65A6045 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&MUID=1B5EB6CF3B2F60DC0D4DA46D3ADA61A4
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=1B5EB6CF3B2F60DC0D4DA46D3ADA61A4; domain=c.bing.com; expires=Sat, 17-Feb-2024 16:41:57 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80D03048C1E7492D8B34956536806CB1 Ref B: OSL30EDGE0120 Ref C: 2023-01-23T16:41:57Z
date: Mon, 23 Jan 2023 16:41:57 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash bb37c0a7805275735c6c705ad7f3680c
171a0b7296fdbe24d442f2b09f130b59fe5780e0
8d576bf8882e89006842b320869d3081f0119b62c285794b5d005fecd40a5b41
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103714
Date: Mon, 23 Jan 2023 16:41:57 GMT
Etag: "63cd949f-1d7"
Expires: Tue, 24 Jan 2023 21:30:31 GMT
Last-Modified: Sun, 22 Jan 2023 19:55:11 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hFt9RYPbg10ELghkjZaCXZH-2nSQ2S0q2HBwUPoCBlCle30CJfKL9Q==
Age: 5720
ws37.hotjar.com/api/v2/client/ws
54.74.196.85 101 Switching Protocols 0 B URL HTTP/1.1 ws37.hotjar.com/api/v2/client/ws
IP 54.74.196.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws37.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.gravwell.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q5SvBwHtHka/BDEaFyVH9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 23 Jan 2023 16:41:57 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0lJ9CwcDsCY99FGLVRjW85Rh8HM=
Sec-WebSocket-Extensions: permessage-deflate
c.clarity.ms/c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&MUID=1B5EB6CF3B2F60DC0D4DA46D3ADA61A4
20.234.93.27 200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&MUID=1B5EB6CF3B2F60DC0D4DA46D3ADA61A4
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=679181526112464EB956B57D9CB41146&MUID=1B5EB6CF3B2F60DC0D4DA46D3ADA61A4 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 23-Jan-2023 16:51:57 GMT; path=/; SameSite=None; Secure;
date: Mon, 23 Jan 2023 16:41:57 GMT
content-length: 42
X-Firefox-Spdy: h2
content.hotjar.io/
54.194.139.170 200 OK 56 B IP 54.194.139.170:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d9f3d36dac5cb3d460f1493bc1b9e9b5
b5796a43ff4f29ceb383d571c1151d0429edb186
7626e1c91ed65bc9a116b37be61e2149343f25debd5d7c82bb95b18cc77b328a
POST / HTTP/1.1
Host: content.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 219496
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:57 GMT
content-type: application/json
content-length: 56
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/134629809
13.107.237.53 200 OK 852 B URL HTTP/2 www.clarity.ms/tag/uet/134629809
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (852), with no line terminators
Hash 3bf5a42165799a5b09e9952c73c7a0b7
c3549ef7f1ce3b01a18699e7da7deed8ef0c3d76
57af9fe0b653eb65280a513e209619473a24b723e8f366fe2f90a21cd2563c2d
GET /tag/uet/134629809 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=dd9fcd76c6f242a08233455bb99286cc.20230123.20240123; expires=Tue, 23 Jan 2024 16:41:56 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
x-cache: CONFIG_NOCACHE
x-azure-ref: 01LjOYwAAAAAVFbMX22MLTJUI8TQubH6pQ1BIMzBFREdFMDQyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 23 Jan 2023 16:41:56 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255 204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 84599
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.gravwell.io
access-control-allow-credentials: true
date: Mon, 23 Jan 2023 16:41:57 GMT
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/bootstrap.js
184.31.15.170 200 OK 80 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/bootstrap.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65467)
Hash 264b696c3a0b01ce3ed8d0e65808afa5
8ecedf747709da988add7e2f8b1aea870552a9f9
9e8f0c0ff7fa6c98f6f084cbe3cf650d2616ea2308ae5f31cf2d549d8af79be6
GET /dc-pdfverbs-web/2.35.0_3.92.0/bootstrap.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:59 GMT
etag: "d10103b22771d640922c705ec93b2aab"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 80290
date: Mon, 23 Jan 2023 16:41:57 GMT
akamai-grn: 0.a60f1fb8.1674492117.2353284e
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/translations-en-US-json.js
184.31.15.170 200 OK 9.7 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/translations-en-US-json.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (46892), with no line terminators
Hash 207c92b7dfbb7ff5fd85bf1a52dad249
b096f9f8d8895635aacb51f17ef3a0da9c1799f4
370e0306b4e66c5149c92e1e1e3b4ca8a13cff026bd3bd11d91dca2d96b2499e
GET /dc-pdfverbs-web/2.35.0_3.92.0/translations-en-US-json.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:26:02 GMT
etag: "001ff1e1a481e5bd871459bd47815d93"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Mon, 23 Jan 2023 16:41:57 GMT
content-length: 9703
akamai-grn: 0.a60f1fb8.1674492117.2353284d
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
viewlicense.adobe.io/viewsdklicense/jwt
34.199.101.34 200 OK 0 B URL HTTP/1.1 viewlicense.adobe.io/viewsdklicense/jwt
IP 34.199.101.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /viewsdklicense/jwt HTTP/1.1
Host: viewlicense.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-key-pair-version
Referer: https://www.gravwell.io/
Origin: https://www.gravwell.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 23 Jan 2023 16:41:57 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: https://www.gravwell.io
access-control-max-age: 86400
access-control-allow-headers: content-type,x-api-key,x-key-pair-version
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-credentials: true
vary: Accept-Encoding, User-Agent
X-Content-Type-Options: nosniff
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: none
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Id: LCZnNeVqqIf2vcE1nfC4dGJ95X1oC3TV
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/24-24-icons.js
184.31.15.170 200 OK 6.6 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/24-24-icons.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21945)
Hash 3b9aaaa411a4350e3f6e3e366f0ed1ce
62d71877b3370629b89812f5617126a444be69f2
213098744bdb3e02907f6c5d867fb9fd2847934ae3b60fe3c3f73e09a661c51b
GET /dc-pdfverbs-web/2.35.0_3.92.0/24-24-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:58 GMT
etag: "049ff2a9c116f6a55d54f00b7d451ae4"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 6641
date: Mon, 23 Jan 2023 16:41:57 GMT
akamai-grn: 0.a60f1fb8.1674492117.2353292a
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/context-board-icons.js
184.31.15.170 200 OK 6.9 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/context-board-icons.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (16355)
Hash 59d918e0491b4938056f1076663171cd
e2f9d909944917b8b8e68b7458f7009dd8a7d1b7
f6e96c43d6e974989abf37008c341d7b7ee9b63a23827e8c201a60df4cbc10ee
GET /dc-pdfverbs-web/2.35.0_3.92.0/context-board-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:59 GMT
etag: "dff189e880c4e2f5325ca196bf36798c"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 6902
date: Mon, 23 Jan 2023 16:41:57 GMT
akamai-grn: 0.a60f1fb8.1674492117.2353292f
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/tile-icons.js
184.31.15.170 200 OK 3.3 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/tile-icons.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12488)
Hash 339b8138fd807d50a51a5112fb5e7254
6bb8fba01740254e288ebfa3e6d6ac482b5d9e0d
7e40efb0f33c293a5ec891ed5de9c1c480d2da9db4e8e1a7e2b21f2ff32def44
GET /dc-pdfverbs-web/2.35.0_3.92.0/tile-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:26:02 GMT
etag: "beab5225a8663804a13e85f063bf69c2"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 3258
date: Mon, 23 Jan 2023 16:41:57 GMT
akamai-grn: 0.a60f1fb8.1674492117.23532930
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/18-18-icons.js
184.31.15.170 200 OK 1.5 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/18-18-icons.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3244)
Hash a067ee775f309980345401dd1c77d4bc
d117bca2d9a06cbf816ea2cedc22c391c0334e86
0631f890f01679456d62283a1420625eeebec57b583950d2eec6777e015322cf
GET /dc-pdfverbs-web/2.35.0_3.92.0/18-18-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:58 GMT
etag: "5643d4fc8a7b253ecf424223e2badedd"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 1480
date: Mon, 23 Jan 2023 16:41:57 GMT
akamai-grn: 0.a60f1fb8.1674492117.23532949
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/media-query-provider.js
184.31.15.170 200 OK 1.1 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/media-query-provider.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2828)
Hash 1b72eb1a66215a18248b54791c90d6a1
a6978bd0c828d3c5b4fce1ffb83b04b91ce11a65
20b650213185b7f302f942d5d7e68a0dee0013c2a42c8dde7d99f837e1c25d61
GET /dc-pdfverbs-web/2.35.0_3.92.0/media-query-provider.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:26:00 GMT
etag: "75811f1129566c2ea3ea4918df3c9f03"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 1113
date: Mon, 23 Jan 2023 16:41:58 GMT
akamai-grn: 0.a60f1fb8.1674492118.235329a1
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/3183.js
184.31.15.170 200 OK 3.9 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/3183.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12241)
Hash a8349a1b96561e506f25457b5f6a8d42
8fdabf8abffbda28a50980d26138ef7d217caacc
da8038719175b4545fbb76771b4734fdb922cc30250435e844530bb4a51b7049
GET /dc-pdfverbs-web/2.35.0_3.92.0/3183.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:58 GMT
etag: "f8b881c1d31a9d2c4d69e6d0487ac7f3"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 3917
date: Mon, 23 Jan 2023 16:41:58 GMT
akamai-grn: 0.a60f1fb8.1674492118.235329a6
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
viewlicense.adobe.io/viewsdklicense/jwt
34.199.101.34 200 OK 580 B URL HTTP/1.1 viewlicense.adobe.io/viewsdklicense/jwt
IP 34.199.101.34:0
File type JSON data\012- , ASCII text, with very long lines (580), with no line terminators
Hash 7300d7e8369e91dd02ff2170687a2dc7
1a24817fe0a38cbcc2ca5cb67148b5539d86f872
c46ca162bd58c1e38d250b70f29a7d640372d08f98f4a6703ae325d8db9f9bc3
POST /viewsdklicense/jwt HTTP/1.1
Host: viewlicense.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Key-Pair-Version: v1
Content-Type: application/json
x-api-key: 96469cd78a7648b7b719090b04d20a42
Origin: https://www.gravwell.io
Content-Length: 670
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 23 Jan 2023 16:41:58 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 580
Connection: keep-alive
access-control-allow-origin: https://www.gravwell.io
access-control-max-age: 86400
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-credentials: true
x-request-id: Yf6fVx8uwHJbMYhgsnW6NW3bPjgwGqwh
access_control_allow_origin: https://www.gravwell.io
x-server: adobe.viewsdklicense.0.4.c840b6930308cd9dccaef05dad4a97f263bdbde9
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: none
vary: Accept-Encoding, User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
csmetrics.hotjar.com/
54.154.132.81 204 No Content 0 B IP 54.154.132.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 67
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 23 Jan 2023 16:41:58 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
184.31.15.170 200 OK 0 B URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:14 GMT
etag: "7326cb2af7c9e33ac931f6c80ad8dcf5"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/wasm
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 16:41:58 GMT
akamai-grn: 0.a60f1fb8.1674492118.23532cee
x-robots-tag: noindex, nofollow
access-control-expose-headers: Content-Encoding, Accept-Ranges
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
184.31.15.170 200 OK 144 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
Size 144 kB (144460 bytes)
Hash e0055914387445b9058eb9243e6b78ee
a0cb783f788cf7174999de8fd5c61d00d783d28a
2c3d32d8d83d47e0a501fcd98c759f0793acfd58339408f773d08165c2e1f6b6
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:14 GMT
etag: "7326cb2af7c9e33ac931f6c80ad8dcf5"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/wasm
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 16:41:58 GMT
akamai-grn: 0.a60f1fb8.1674492118.23532d56
x-robots-tag: noindex, nofollow
access-control-expose-headers: Content-Encoding, Accept-Ranges
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
142.250.74.138 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
IP 142.250.74.138:0
GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jan 2023 16:41:53 GMT
date: Mon, 23 Jan 2023 16:41:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?__hssc=40238973.1.1674492102318&__hstc=40238973.062f14646b0104b8566b1155b0282608.1674492102317.1674492102317.1674492102317.1&canon=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&hsutk=062f14646b0104b8566b1155b0282608&pageId=80900898355&pid=3422725&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=d&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a
104.19.154.83 200 OK 0 B URL HTTP/2 cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?__hssc=40238973.1.1674492102318&__hstc=40238973.062f14646b0104b8566b1155b0282608.1674492102317.1674492102317.1674492102317.1&canon=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&hsutk=062f14646b0104b8566b1155b0282608&pageId=80900898355&pid=3422725&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=d&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a
IP 104.19.154.83:0
GET /ctas/v2/public/cs/cta-json?__hssc=40238973.1.1674492102318&__hstc=40238973.062f14646b0104b8566b1155b0282608.1674492102317.1674492102317.1674492102317.1&canon=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&hsutk=062f14646b0104b8566b1155b0282608&pageId=80900898355&pid=3422725&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=d&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a HTTP/1.1
Host: cta-service-cms2.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:55 GMT
content-type: application/json;charset=utf-8
x-trace: 2B1B7509B2032B53CF940758ABB4756BDB3D646EAB000000000000000000
cache-control: max-age=0, no-cache, no-store
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: 25d953cd-fb2b-41d5-9057-46e8548adf13
access-control-allow-origin: https://www.gravwell.io
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
access-control-max-age: 180
x-robots-tag: noindex, follow
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=FlWnG4X.NaYBYqLtlNHuo2YJdEVkT_KHbqhFDo.U8Z8-1674492115-0-Ad6p0SNB0GtGYYclo21JeWqvfMCTJpoQWMGJvvzS5qvKGV2Yrynta9nHiJ+OvDJmcFMF/b2XN+pBIsy2qRXAb4k=; path=/; expires=Mon, 23-Jan-23 17:11:55 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqqSHG2C%2BLDpys5DpufDTt0Hn%2FwytWDPaDKfU6cJR0gnS4K%2BLe5q4kX3nnMN9IWAyUJGKLDO1QDthiCoGd4UQZmgWF1Hbo%2BgMTjZWC456MDVZjA%2F9QnaJpRa48rwQLTGyFvgSmrmfFUd0oMbrDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e1fac41cd0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3147527.js?sv=7
143.204.55.54 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-3147527.js?sv=7
IP 143.204.55.54:0
GET /c/hotjar-3147527.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 23 Jan 2023 16:41:42 GMT
cache-control: max-age=60
etag: W/3b1171bee45af029634ab853e317a546
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: q8ebw1eKoB2pA4QFtQvSYg0V5VEBCrGj_zt0FzTvIUL7CBFtpXoLKg==
age: 13
X-Firefox-Spdy: h2
js.hsadspixel.net/fb.js
104.17.112.176 200 OK 0 B IP 104.17.112.176:0
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 23 Jan 2023 16:41:54 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Jan 2023 04:29:49 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: SDrNOl8ziD8gAW.Yx4_m5h0e_hjF8Ssn
etag: W/"c400e8c1e05d683a64923854807562fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: cAOyvhvbcDlArSTQe3mZmyqXggqsjMsPTwu3i4sM8BA8wia3h_NkVQ==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.316/bundles/pixels-release.js&cfRay=78c93fd85d44d987-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.316/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 230
server: cloudflare
cf-ray: 78e1fac15a111c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-core/2.35.2/dc-core.js
184.31.15.170 200 OK 0 B URL HTTP/2 documentcloud.adobe.com/dc-core/2.35.2/dc-core.js
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
GET /dc-core/2.35.2/dc-core.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 19:46:08 GMT
etag: "8809e22943f08befa3f862a3f1bbf9c4"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 117212
date: Mon, 23 Jan 2023 16:41:54 GMT
akamai-grn: 0.a60f1fb8.1674492114.23530e66
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.wasm
184.31.15.170 200 OK 0 B URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.wasm
IP 184.31.15.170:0
ASN #20940 Akamai International B.V.
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.wasm HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:15 GMT
etag: "da866f106b56f27c60fb9b1e88513b0a"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/wasm
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 23 Jan 2023 16:41:55 GMT
akamai-grn: 0.a60f1fb8.1674492115.23531a1e
x-robots-tag: noindex, nofollow
access-control-expose-headers: Content-Encoding, Accept-Ranges
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2