r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8977
Expires: Tue, 24 Jan 2023 05:32:23 GMT
Date: Tue, 24 Jan 2023 03:02:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11888
Expires: Tue, 24 Jan 2023 06:20:54 GMT
Date: Tue, 24 Jan 2023 03:02:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 02:42:40 GMT
content-type: application/json
age: 1206
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8755
Expires: Tue, 24 Jan 2023 05:28:41 GMT
Date: Tue, 24 Jan 2023 03:02:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PwBkACh7TIuP57LxQA5ufmnhLOkKVRPkuWMl7PCDRBZ3MI6RKIphaIBucDXCQgstQcTics+ORw0=
x-amz-request-id: KHAC5F0AGR94XRCV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 02:47:58 GMT
age: 888
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 03:02:46 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 02:48:59 GMT
age: 827
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
view.gravwell-tech.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
301 Moved Permanently 0 B URL HTTP/1.1 view.gravwell-tech.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next HTTP/1.1
Host: view.gravwell-tech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Date: Tue, 24 Jan 2023 03:02:45 GMT
Location: https://proxy.quickmail.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
Server: Cowboy
Via: 1.1 vegur
Content-Length: 0
ocsp.digicert.com/
200 OK 471 B IP
Hash bb280016d8f12fa0a6ae86792ba89e67
53188091dab8e35ba20d2e341624777c2fb1536a
c28ed8dc9af97c7096f60030048432a41fb853e81ea91208e91493784d382bb9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1675
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:46 GMT
Last-Modified: Tue, 24 Jan 2023 02:34:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9a43045415120fbe717c627d2ae16
000575030d666f4447464702fb5fb7c1080967b8
3fb1c8422e3b3f2dea7af9ca94ed410eadf5e7e8ee271c66a028ca156bc0cca6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FB1C8422E3B3F2DEA7AF9CA94ED410EADF5E7E8EE271C66A028CA156BC0CCA6"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11471
Expires: Tue, 24 Jan 2023 06:13:57 GMT
Date: Tue, 24 Jan 2023 03:02:46 GMT
Connection: keep-alive
proxy.quickmail.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
301 Moved Permanently 118 B URL HTTP/1.1 proxy.quickmail.com/click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next
IP
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 4d815e3c70b40864bd8e05e66d81bf65
921ecaa5e402de4f492a99930cb6b3656d800bf7
968522318a41dc7d04ca5c6f526d9228a694df1b5e396917102ab5db6a6d828d
Analyzer Verdict Alert fortinet Phishing
GET /click/1/538125800/5fafb693d8950e70da15f1991f75bb34/c92c268b87bb20b876c782ea953a598a/next HTTP/1.1
Host: proxy.quickmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: strict-origin-when-cross-origin
Location: https://www.gravwell.io/file/gravwell-vs-legacy-siem
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
X-Request-Id: 26f0f7f4-ee69-4d4f-86a8-e7a2da97a457
X-Runtime: 0.026881
Server:
Date:
Last-Modified:
Strict-Transport-Security: max-age=63072000; includeSubDomains
Transfer-Encoding: chunked
Via: 1.1 vegur
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p0S9IEfRV6CKmtxSU+9zww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q13U0vwKbtV6/hG159Qu0fHmoyA=
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
File type ASCII text, with very long lines (65447)
Hash d900ca08873ee57d40616d39a44cc0aa
7ab3ac8b1504b7b914a6e94c979b8390bb492f6a
1eea479cc0abe04a0846f41031207f9511f12ffef017a6109d4efb6f5523465b
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4769637
expires: Sun, 14 Jan 2024 03:02:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4b7EERGdR2PPJAZjYZiCAUeElLgy%2Ba9gb9kMUfOvBmZI12DWXvF9syN1AQgHumMW17Gr6pne9m0F3kNJWWjKE2l3UmPHPHWczSiD7ldrJFin7gVoqDyfSAbLWB1pdLBBZUHPzE4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78e588463e110afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/main.js
200 OK 503 B URL HTTP/2 documentcloud.adobe.com/view-sdk/main.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (938)
Hash 6793c4d530ebaa24162ce7aefc274789
c064ec4747444a84742c985f1bc91905af9f321b
dd53d151beb1db93938959da1c3335bddc994f7e522da2f69fb7a4ef40f042be
GET /view-sdk/main.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 11:14:07 GMT
etag: "436ddde4b7d4a30ec4bbf54252ef0fab"
cache-control: max-age=60, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 503
date: Tue, 24 Jan 2023 03:02:48 GMT
akamai-grn: 0.bf0a655f.1674529368.22ba0a7e
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2693
Expires: Tue, 24 Jan 2023 03:47:41 GMT
Date: Tue, 24 Jan 2023 03:02:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2693
Expires: Tue, 24 Jan 2023 03:47:41 GMT
Date: Tue, 24 Jan 2023 03:02:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2693
Expires: Tue, 24 Jan 2023 03:47:41 GMT
Date: Tue, 24 Jan 2023 03:02:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2693
Expires: Tue, 24 Jan 2023 03:47:41 GMT
Date: Tue, 24 Jan 2023 03:02:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2693
Expires: Tue, 24 Jan 2023 03:47:41 GMT
Date: Tue, 24 Jan 2023 03:02:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:53:50 GMT
age: 68938
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a0f24f-7a25-4324-960c-9137142e8f70.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a0f24f-7a25-4324-960c-9137142e8f70.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32dd7620701c91aba60f9602444a044d
326af548de3711b3af0e3271eae6409461520604
56d8f0647de678252f5a3b186e06e7d4668fd03e77e9c38ce3b3b4e476a5f5ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5a0f24f-7a25-4324-960c-9137142e8f70.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: e4c0d6ab-0eee-46b7-acde-3d0f9e743379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVbEXvIAMFfcA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3288-5f5a78bf26b1d94428b3b092;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1r-d4VCpWW-lCTIPKfQQQA2SPkiBaCcFPegs0W0LBh_9tHJNq7zPQQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 08:03:15 GMT
age: 68373
etag: "326af548de3711b3af0e3271eae6409461520604"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:59:05 GMT
age: 18223
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81d3fe9a-5a47-4b14-b9fa-dbdb9eaa15b5.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81d3fe9a-5a47-4b14-b9fa-dbdb9eaa15b5.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463ff6307fdd172cbd2cae55f9b4a502
7e17bac498e8403b40fc7bfeffe8a8ca0161c6b5
1b30579f2387e4d417cc9ae8d33361b95b2778f7d74a29c77ec4731927fed2a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81d3fe9a-5a47-4b14-b9fa-dbdb9eaa15b5.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9337
x-amzn-requestid: f3e46ddd-18ac-4a5f-b32a-397613b152bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzYjFiroAMFl8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ceff69-05f69341783503ea1daca727;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GZROgJAlFZPcxpL_dnRdxQ4uZHmt5i3TcafbLfEQC-QY4mMrAFeg0A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:59 GMT
age: 18349
etag: "7e17bac498e8403b40fc7bfeffe8a8ca0161c6b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c29ea116f715297b757c81dab8d1b5f3
6aae9d763dec58740cdfbfe46f6c69986b81414d
09afde8ec60dd1471e0ce33ed11ae4542b6813ad02e2abf037629a8ae5cfe240
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F987410c8-c934-4399-b586-efb1a5111e3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12102
x-amzn-requestid: 54ba881d-c54b-49fa-a5b3-20b8d80f2a35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyrNG1AIAMFxTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe47-1acbf1c34a4dbfdd506d3383;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ies4Oa0AiQaj9sEkpSZ-WZHMiRVYMV6IeLWDWq_G69cwBYi-RuKLGQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 17684
etag: "6aae9d763dec58740cdfbfe46f6c69986b81414d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F140a90fd-357c-46c9-a6c8-87ba604d4d03.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F140a90fd-357c-46c9-a6c8-87ba604d4d03.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b13174aad4c8a3fd46552a6ac200da
64f9cbd0604812e72c037dd805dd959087cf9f89
8a4aff1f9887fb590f72a2e81bb9752fa5cbc84cd149f0a179fb0d56aec4c817
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F140a90fd-357c-46c9-a6c8-87ba604d4d03.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5664
x-amzn-requestid: dddf598e-c703-4c1a-9221-5a33f2609f2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNza6FBmIAMFnRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ceff78-1c19e9dc6097976248411cf2;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:43:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6D4ujywPYPiPrwoDgnB2ymDfyY4c71TeCD_LYoFIW-H7baZ-mRyc2Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 17684
etag: "64f9cbd0604812e72c037dd805dd959087cf9f89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 831949834fce41f3fa8f544c99730c25
e98b70a86255cacf4cca405c7fd4bb05bf427bad
94cb9cfe8593a576362e5707670dfc3a46bda5cdc5d9b15d69b8b32b0c99cbe9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/gel7sic.css
200 OK 714 B URL HTTP/2 use.typekit.net/gel7sic.css
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash f4080f7d25497fdac3b3f2d1375a6c2d
53481e1ce4e7e82b24b5289602cc56e43507f562
b26c0849be9c92821f9f14aa45764e0060531b343dd4cc4f1f281a9d5a31b9cd
GET /gel7sic.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 714
date: Tue, 24 Jan 2023 03:02:48 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
200 OK 405 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
IP
Hash 7f0fc5218fe7e5a6a7b68844840d1d5b
8b5712032ff09cc4b7096065f038df7f72d971dc
d019bacce3e2d6056274f50500ab25079c7df09e90d1fde6203e4bd8a238b95e
GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 24 Jan 2023 03:02:48 GMT
date: Tue, 24 Jan 2023 03:02:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.typekit.net/af/97dfb1/00000000000000007735b014/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
200 OK 20 kB URL HTTP/2 use.typekit.net/af/97dfb1/00000000000000007735b014/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 20388, version 1.0\012- data
Hash 664a8f5be311f4107332e7e528fcb171
9bad541804c8b6ce6cead5d5924f85db66e2dd64
2c71c37bce6c7382e88482c6f8543ec284ba2f6392e704bb4a8e598cf62f8835
GET /af/97dfb1/00000000000000007735b014/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 20388
etag: "cb2fec304ab64f5f92f40c483a634849a91fa1d7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:48 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash dd676ffc078f2b075fdc6d7606dc55b3
f57644c4be9f9521b2c45df5ee6eee87489819e1
b0ecd59482b2bc369555e2b94287c0de6eb874c9f52c15d2ecda112b8f3d2dba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/af/2ab381/00000000000000007735b011/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
200 OK 24 kB URL HTTP/2 use.typekit.net/af/2ab381/00000000000000007735b011/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
Hash c8a4d9ac966d3c89fca703d04a8fda59
21a3fee976dfec5f1b07ed54dc3e015b0fb648ad
5293e555a35b2a81305efe8dfd8ab92f22f94b404596e7e93a084824d8ec6a6e
GET /af/2ab381/00000000000000007735b011/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 20548
etag: "25bc7a4ea6675dddcd78a233524f54db30f06c5d"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:48 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 04:29:06 GMT
expires: Wed, 17 Jan 2024 04:29:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 599622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDKInterface.js
200 OK 43 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDKInterface.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (29952)
Hash 288d16ab7f3d7845d913313336a585c8
5cf045627568af5427beaac05a971fe0dc80429d
bc7b6a98e3d266d0dc5263c762d5c1a946cca24d7ff74a5b665f014c0e6ed10a
GET /view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDKInterface.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "e2fc2f90882c11f516ba8fb2babe6fcd"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 34993
date: Tue, 24 Jan 2023 03:02:48 GMT
akamai-grn: 0.bf0a655f.1674529368.22ba0dae
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 8.1 kB IP
Hash ca1436cb56af6511ccfebcd4291231c1
8c46dccfcad345993cc51d6385c00d4e27ef7db9
b65a0349b3110356ab4e52cd6bd195f39d1ef329ad8d5ad0f7c1d04013c773a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash aed5663b228e788fd436798f50414d96
1c043254848d1107978dee4f5d757a0f9fee3521
3245bfd7d948f3579f650c45c149bc00ef11d97a8f50e59c84956f6321c0fb6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3119
Cache-Control: max-age=102388
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Etag: "63ce2b1e-117"
Expires: Wed, 25 Jan 2023 07:29:17 GMT
Last-Modified: Mon, 23 Jan 2023 06:37:18 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
200 OK 19 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35751)
Hash 8f065abf32c730b71e427474ce23576d
ff488367194a50a49a32747678c45e64de9707cd
27471991e96f88d505293f90c927693884ebaabcf1424171932904f69cd3d645
GET /view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "c1ada9eae5213ab686379651d4be0297"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: text/html
vary: Accept-Encoding
content-encoding: br
content-length: 18627
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba0e6e
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
content-security-policy: default-src 'none'; upgrade-insecure-requests; base-uri 'self'; form-action 'none'; script-src 'self' use.typekit.net assets.adobedtm.com www.adobe.com/marketingtech/ prod.adobeccstatic.com/utilnav/ widget.uservoice.com by2.uservoice.com/t2/ assets.adobe.com api.demandbase.com/api/v2/ip.json commerce.adobe.com; style-src 'self' 'unsafe-inline' use.typekit.net prod.adobeccstatic.com/utilnav/ assets.adobe.com; connect-src 'self' dc-api.adobe.io dc-api-v2.adobe.io p13n.adobe.io/fg/api/ sstats.adobe.com dpm.demdex.net viewlicense.adobe.io/viewsdklicense/ viewlicense.adobe.io/domainVerification/ viewlicense.adobe.io/variations/service_delivery_auth performance.typekit.net use.typekit.net p.typekit.net dc-api.adobecontent.io dc-api-v2.adobecontent.io by2.uservoice.com/t2/ pgc.adobe.io/api/discovery files.acrobat.com/api/base_uris *.adobesign.com *.documents.adobe.com *.echosign.com cctypekit.adobe.io/v1/ bps-il.adobe.io/jil-api/users/ *.amazonaws.com commerce.adobe.com send.acrobat.com; img-src 'self' blob: data: about: p.typekit.net images.pexels.com/photos/ *.documents.adobe.com *.adobesign.com *.echosign.com; frame-src 'self' https://acrobat.uservoice.com/ *.documents.adobe.com/ commerce.adobe.com *.adobesign.com *.echosign.com; font-src 'self' use.typekit.net; child-src 'self'; report-uri https://dc-api.adobe.io/system/csp?source=viewsdkprod;
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-core/2.35.2/dc-mobx.js
200 OK 24 kB URL HTTP/2 documentcloud.adobe.com/dc-core/2.35.2/dc-mobx.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65471)
Hash 4b2b5b67e81940905d7ca55366fee468
bb913e5fe97b6ee9435e1e4244012e6669f0f6d0
1f3b31df94ad7a39d8b87e480ea05d00212986f1e85a04878d80504bf5d8c17c
GET /dc-core/2.35.2/dc-mobx.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 19:46:08 GMT
etag: "023c88dd93088a44e2b2dc482c55beec"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 24451
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba0ed4
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-core/2.35.2/dc-core.js
200 OK 117 kB URL HTTP/2 documentcloud.adobe.com/dc-core/2.35.2/dc-core.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65471)
Size 117 kB (117212 bytes)
Hash a3dcdf954c6618fd607953dcf5bd6959
88a9d809040f5d0f15b999c2d9512e5f63fc89d7
976ea8e820f926040d1cd30d8b9ab2632c9965e278f2288fbac4f3983b66f577
GET /dc-core/2.35.2/dc-core.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 19:46:08 GMT
etag: "8809e22943f08befa3f862a3f1bbf9c4"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 117212
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba0ed3
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-core/2.35.2/dc-extras.js
200 OK 78 kB URL HTTP/2 documentcloud.adobe.com/dc-core/2.35.2/dc-extras.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65467)
Hash 791cd2f77a139617e0efc0c1a6193182
c80b43489b5c87ee2278346557d1952cc4eab19e
aaf2b65d4e77a0efadf8867869f7ed52144a2c4965a4c6a409c27e7823bade1e
GET /dc-core/2.35.2/dc-extras.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 19:46:08 GMT
etag: "aaaa7772f9ede7c609544bd34e42ac14"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Tue, 24 Jan 2023 03:02:49 GMT
content-length: 77468
akamai-grn: 0.bf0a655f.1674529369.22ba0ed5
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/dc-app-launcher.js
200 OK 16 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/dc-app-launcher.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (57186), with no line terminators
Hash d5e8b0068000e6fe3497fa9a6658de1f
139370efce38632ead2f83734af1e68bc1d6448a
cb6ae499895314adde786b3111e886aa38fcfb18f373c7ea480e10fa94feb4ed
GET /view-sdk/2.35.2_3.1.3-3ac6701a/dc-app-launcher.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "32d3d483a41ceb54b8bcab2ebb6c9830"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 16534
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba0ede
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDK.js
200 OK 44 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDK.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (35798), with NEL line terminators
Hash ea573911b60b89ef47a9bc0522fb3004
54ef33f11989c7944386185c07ec5d6478cb86d8
d9f99f07a27c343d3ef4ad97785279b07e7e92511b16234f0df6d088f95ec0cc
GET /view-sdk/2.35.2_3.1.3-3ac6701a/ViewSDK.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:37 GMT
etag: "c24f1acbd3ff2557e9a74b8a3930dbce"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 44254
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba0edf
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/linearizationTrialToken.js
200 OK 1.2 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/linearizationTrialToken.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2901), with no line terminators
Hash 023398e1416ca3a57291bbd4fd1437e8
3e773f5aa312ce155bce66b23a5ee4734827d469
39b5edaee04490fd0ef77e4a7a8dfde942f36223fe6afa20c7cc5abc4e6d2e6a
GET /view-sdk/2.35.2_3.1.3-3ac6701a/linearizationTrialToken.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:38 GMT
etag: "eed8cdc4ec109e42fa23e0b12a678571"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 1205
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba0ef2
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash f695f52891607d19fb5c10a2c6b90cf4
45711af281cb29e6be20769845cdb018894a596c
23b42207f437ee6a14d2c5757a083d02d0cf33541db0c15d3823f4249b61e3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3544
Cache-Control: max-age=161129
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Etag: "63cf0eeb-118"
Expires: Wed, 25 Jan 2023 23:48:18 GMT
Last-Modified: Mon, 23 Jan 2023 22:49:15 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 278 B IP
Hash ddf650c658e87e71fbb21864fb2e2c17
f0a0d65fc5970b61a57672ef05641dd1644720e3
94e70fe71efd9343296491f6a0965de06696b08bf00337a83ff9fd38916c0bea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Last-Modified: Tue, 24 Jan 2023 01:16:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 7.9 kB IP
Hash 41228db7682bacd6f99faade055f7ce4
441c5e07f844f7e3f08b59c39f2c304b7177c8c2
da358e919a0441b5c7085b81fc82aecfafa24c94028429589496ba67715aaae8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4202
Cache-Control: max-age=143794
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Etag: "63cec8a2-116"
Expires: Wed, 25 Jan 2023 18:59:23 GMT
Last-Modified: Mon, 23 Jan 2023 17:49:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash ddf650c658e87e71fbb21864fb2e2c17
f0a0d65fc5970b61a57672ef05641dd1644720e3
94e70fe71efd9343296491f6a0965de06696b08bf00337a83ff9fd38916c0bea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Last-Modified: Tue, 24 Jan 2023 01:16:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/AdobeDCViewApp.js
200 OK 157 kB URL HTTP/2 documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/AdobeDCViewApp.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65464)
Size 157 kB (156961 bytes)
Hash 7c32e0fd6b6ddce26d89b178af9e2766
3afb3234ae965d990a9b1d82acfbfb3114f4668e
82b0b3b9ed3bda05894f9f052b19a364e1b6cbd86a7a36935c41ccb69b1c5f3d
GET /view-sdk/2.35.2_3.1.3-3ac6701a/AdobeDCViewApp.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 10:23:37 GMT
etag: "052ba6105ddfb12e5a979094d849cc16"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Tue, 24 Jan 2023 03:02:49 GMT
content-length: 156961
akamai-grn: 0.bf0a655f.1674529369.22ba1004
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/rendition.js
200 OK 38 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/rendition.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65469)
Hash 79e34b51e1bb8ede7c280483fa223734
4d1f8833e5d37cc1510096b3914a11c3056a3a22
8c6f2bbfa478c3f1ecb1b6336d45d6cc900a2b5c753facd057e64c98ecca9249
GET /dc-rendition-provider/2.35.0_4.177.0/rendition.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:15 GMT
etag: "78b4745209e5d942a806072a312fd5bc"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 38392
date: Tue, 24 Jan 2023 03:02:49 GMT
akamai-grn: 0.bf0a655f.1674529369.22ba103e
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dcpreviewdropin/2.35.2_1.1780.0/bootstrap.js
200 OK 1.1 MB URL HTTP/2 documentcloud.adobe.com/dcpreviewdropin/2.35.2_1.1780.0/bootstrap.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65469)
Size 1.1 MB (1091520 bytes)
Hash 82aadd67b86b5de61d4ed59547f43a5e
f445ae3d30f2d10b2729455e330473d6018decf1
bfe622d75fa23ada797af87d2bbb604f0b314c6a736b12e044699904922c5402
GET /dcpreviewdropin/2.35.2_1.1780.0/bootstrap.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 09 Dec 2022 14:11:27 GMT
etag: "73c909524d234f9b9280bc2eb673ac72"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
date: Tue, 24 Jan 2023 03:02:49 GMT
content-length: 1091520
akamai-grn: 0.bf0a655f.1674529369.22ba103d
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
no-cache.hubspot.com/cta/default/3422725/8ed14a6a-35e9-4f6e-922d-dc4ca563972a.png
200 OK 1.4 kB URL HTTP/2 no-cache.hubspot.com/cta/default/3422725/8ed14a6a-35e9-4f6e-922d-dc4ca563972a.png
IP
File type PNG image data, 100 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eae6f2014b9262dc5ac4e9e5130e4a4
93952368d132e4ca6cc1fac857c962bd18f3865f
639ead76a2efe36388bb8db682af42e2dda708161228ac7abd1f35d0dbb6e329
GET /cta/default/3422725/8ed14a6a-35e9-4f6e-922d-dc4ca563972a.png HTTP/1.1
Host: no-cache.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:49 GMT
content-type: image/png
content-length: 1399
x-amz-id-2: rXBEGjpYTpsqT1t4KQAGwmqj5CbjaUYJPm6n5Sk+IUC2Rh/1W6zVsubktktjhFUQqwjaLUTPLqs=
x-amz-request-id: 1YD5V44J1GEY2AXY
last-modified: Fri, 28 Oct 2022 15:04:16 GMT
etag: "4eae6f2014b9262dc5ac4e9e5130e4a4"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: null
accept-ranges: bytes
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=oYV_9MDuP8Tarq6TpN9qvLIQ4BBa4uY9M2R.FPlh3_w-1674529369-0-AaojbsANXneTeoRWus2IQtfbho/ESkeRpdV6CitRLlECBDrNkC9TUIsxFIUcUJ6oba7xWI97DyHCdwJPmdfHp40=; path=/; expires=Tue, 24-Jan-23 03:32:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f02iYMn%2BZ41y224Xj6SI0I%2FPYLdCGOektcV8IKzUbcCT9eMFelvdOZ1Q0i%2F9s%2Fy5U14W3pcVBN2J8biR0Z9zNWvVTgKT4zk%2FBemb6uunVd7yeaJidwpxXaoZOPoA542XCQNQbFur"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e5884ebfe0b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash ddf650c658e87e71fbb21864fb2e2c17
f0a0d65fc5970b61a57672ef05641dd1644720e3
94e70fe71efd9343296491f6a0965de06696b08bf00337a83ff9fd38916c0bea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Last-Modified: Tue, 24 Jan 2023 01:16:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 278
app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3422725&callback=jsonpHandler
204 No Content 0 B URL HTTP/2 app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=3422725&callback=jsonpHandler
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /content-tools-menu/api/v1/tools-menu/has-permission?portalId=3422725&callback=jsonpHandler HTTP/1.1
Host: app.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 24 Jan 2023 03:02:49 GMT
cf-ray: 78e5884ebfe3b518-OSL
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=78e5884ebfe3b518&resource=unknown"
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: d29ffed7-925f-44b8-88ab-70753f415a7e
x-trace: 2B36293EFD1581ABAA482F7F28147F9E492043B2D4000000000000000000
set-cookie: __cf_bm=.0gSSVV98Fr6ijRm5V6YQOHxO71GlAwewtrkhB9kWFg-1674529369-0-ASHStldu+1Nitf6eVRXu7rz5hmnwRVJz0iVbJI6EZZUjwbKcqmChwWxN7vpWYIpSPUHYzkGhu8+KwNEb+aU3M+I=; path=/; expires=Tue, 24-Jan-23 03:32:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 78706be8a7a18f82e92247d446931ef2
f1a9721e32fbcd453b5c05353ad8c91998831fde
42c97a076a0c0b76559e3fa0e79421adb592fbf2753237834abee15fff5571a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4889
Cache-Control: max-age=104876
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:49 GMT
Etag: "63ce2dec-1d7"
Expires: Wed, 25 Jan 2023 08:10:45 GMT
Last-Modified: Mon, 23 Jan 2023 06:49:16 GMT
Server: ECS (amb/6BA9)
X-Cache: HIT
Content-Length: 471
dc-api.adobe.io/system/csp?source=viewsdkprod
204 No Content 0 B URL HTTP/1.1 dc-api.adobe.io/system/csp?source=viewsdkprod
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /system/csp?source=viewsdkprod HTTP/1.1
Host: dc-api.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 2288
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 24 Jan 2023 03:02:49 GMT
Connection: keep-alive
x-request-id: AkwudreeTVjri2lnL1YlgXC75HeymauU
x-server: adobe.loggingserver.2.1.8f11f2f488445442f2a91594f38aa1881ded6633
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: noindex, nofollow
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH
Access-Control-Max-Age: 1800
Strict-Transport-Security: max-age= 3153600; includeSubdomains; preload
no-cache.hubspot.com/cta/default/3422725/055439a8-1753-42ee-8cab-c627f2b7a917.png
200 OK 1.5 kB URL HTTP/2 no-cache.hubspot.com/cta/default/3422725/055439a8-1753-42ee-8cab-c627f2b7a917.png
IP
File type PNG image data, 108 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a1a31c4768f35ecfffa2d76b2c3deab
9ebce1e709fa3d2f6e8a29cd3ec6f85a596c0607
5393b82f044c4d2363501bba8f910d7d47a0fd73c05d79a01f57301ff28d3f07
GET /cta/default/3422725/055439a8-1753-42ee-8cab-c627f2b7a917.png HTTP/1.1
Host: no-cache.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:49 GMT
content-type: image/png
content-length: 1513
x-amz-id-2: SfCA738DrsM09VwLV1B1CCm8JJGHx1UpM52P+/ger7BkqBrApQ5bhR1leS31Y98QOphhJ6B5mmM=
x-amz-request-id: 1YD1B9Z4R15DH539
last-modified: Fri, 16 Dec 2022 15:59:33 GMT
etag: "2a1a31c4768f35ecfffa2d76b2c3deab"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: J9k.YeBIYnHW7B3LPYI94ddlRTm8uh3s
accept-ranges: bytes
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=KXNDUbWFsSzsQfSbXlYye5riILq1zZ.vE7I_S9jLvwM-1674529369-0-AcKGSihh81bqmi0oVkCKmwpOSReAWyRfgXVrAh3MXY9yRhYej9cYq1ZYIXHnFNQy+Yiz0e4ux0sShQ7zBiK13qQ=; path=/; expires=Tue, 24-Jan-23 03:32:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WHlb4bsgfIThTMZiTmbYBOKCXVJX62VWzr5NFqO1z2EtDp7nNfO5V9yKTRoV2I%2BxvD0l%2BfhGoV4nqze6k7lU4k8aD2jeIEk5VNWvTMXtTe1prZYLleD%2B8U%2BU4%2BPeyEBBZBvLe8t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e5884ebfdfb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
200 OK 22 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 5eac7b029b7ff6381400f98d13a17030
d8be805822377cfe1f543ff385cc5d0bc65dd199
298a7e2eec922c0d2301db5d81ac5fed7a4dfa15476f63dd2b2ca74c6784d323
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:14 GMT
etag: "ee2c66068893f4f63aa174dd615cd3d8"
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 22131
date: Tue, 24 Jan 2023 03:02:50 GMT
akamai-grn: 0.bf0a655f.1674529370.22ba14e7
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f136e9bdce8b778967f31c138c730bf6
032c6b734540fe786b259ba0c700622b88d768a2
ec9e91a632a1ee89dfd038cbe9700ed8c01e146846433284e81fad0ff2a75192
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.typekit.net/bxf0ivf.js
200 OK 9.0 kB URL HTTP/2 use.typekit.net/bxf0ivf.js
IP
ASN #20940 Akamai International B.V.
Hash c967837c1deecaddb101ff125c25f7e2
73c53334d79514baa2f199baf9f5e3e86a2d4f27
c7d62f0453241de1d5cce2a8984cf842323612e2030569363176f0d5c2c7583b
GET /bxf0ivf.js HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6811
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PTZ3HNT
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PTZ3HNT
IP
File type ASCII text, with very long lines (5109)
Hash 451820436782c424233aebfcb8d071fe
c7643836f0b1b624647e23d9b26ddfb16429ed42
edfd98a35fc039842ccad2b61f793e07cd49f84d820827e4fa28f0d4fd385ec9
GET /gtm.js?id=GTM-PTZ3HNT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Jan 2023 03:02:50 GMT
expires: Tue, 24 Jan 2023 03:02:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f136e9bdce8b778967f31c138c730bf6
032c6b734540fe786b259ba0c700622b88d768a2
ec9e91a632a1ee89dfd038cbe9700ed8c01e146846433284e81fad0ff2a75192
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 71ebdfdb4747eb45c3e92682eb35fbd1
92100a3b5064554f56256f7de1989347c99d1f84
a89dba1d46608e305eb6f21f7fda86a756b70154c8b8525978c6965c92e67477
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3723
Cache-Control: max-age=109115
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:50 GMT
Etag: "63ce430a-1d7"
Expires: Wed, 25 Jan 2023 09:21:25 GMT
Last-Modified: Mon, 23 Jan 2023 08:19:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 71ebdfdb4747eb45c3e92682eb35fbd1
92100a3b5064554f56256f7de1989347c99d1f84
a89dba1d46608e305eb6f21f7fda86a756b70154c8b8525978c6965c92e67477
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4511
Cache-Control: max-age=109903
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:50 GMT
Etag: "63ce430a-1d7"
Expires: Wed, 25 Jan 2023 09:34:33 GMT
Last-Modified: Mon, 23 Jan 2023 08:19:22 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.js
200 OK 26 kB URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 835bd7740650cdb1ba305b6c1a5c1f8b
3fa2e7161774794cee8ed8fc3f9f9aefa7ee43a3
a5610f1da5bc65d22083391168ca1b179d476d49910dad28340f045830082829
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:15 GMT
etag: "abffc55f39590e496c56222093615e92"
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 25874
date: Tue, 24 Jan 2023 03:02:50 GMT
akamai-grn: 0.bf0a655f.1674529370.22ba1529
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
use.typekit.net/af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3
200 OK 39 kB URL HTTP/2 use.typekit.net/af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38708, version 1.0\012- data
Hash 9b7df6de861255c8e82ef093d507d3dd
bd72b5eabbdce88f1701a76e1469744d85ce663f
4b6a2e9b5ae1532e496a30ff9680b75a554cbe0785b4b12beabd729477869c22
GET /af/cb695f/000000000000000000017701/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38708
etag: "dd165ea14e70e875c866c52590b09697264a4997"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3
200 OK 36 kB URL HTTP/2 use.typekit.net/af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 36388, version 1.0\012- data
Hash b2fe0d9753fe193a7965b201cceb9547
5f2d96f6bfd11797a53e9a2832ca5a2f53211556
a4df96cbf8e2caa44973a92cc15757c900efc169039ce07e36f4e0fbc86b0216
GET /af/74ffb1/000000000000000000017702/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 36388
etag: "41965d6d62842bb2d99d68ccf8ee9edb4761b717"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3
200 OK 39 kB URL HTTP/2 use.typekit.net/af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38948, version 1.0\012- data
Hash 8cf9ce13f6fe0205f4eaac49fa17b681
2cef6cd00a2d4a5cd5e0ab6f00042a70f1b73756
85257e2624bbb138582821ceb2f8b18c7b4fb43d26c1bcbfd5155ca81b55cc69
GET /af/eaf09c/000000000000000000017703/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38948
etag: "d3174cc9c8510f80b83b9cfd410deee482da5b22"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3
200 OK 38 kB URL HTTP/2 use.typekit.net/af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38004, version 1.0\012- data
Hash 8d3c19e4eccd8530efc9e39326e0fc52
083f5a3b3161541e62ce4002d9fd1731fca640d2
5961262fd0cd492d39005e866ef7496f7dd4779ebd615a0fc5ade35d4eeb8030
GET /af/40207f/0000000000000000000176ff/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38004
etag: "ffabdd35c33ff95d9e079b6182134208d7454ba5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3
200 OK 39 kB URL HTTP/2 use.typekit.net/af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 39260, version 1.0\012- data
Hash 35234f8adc394c536031c99d7ac8484f
12ebfa0153118fab8664c3b8ef696b64f4ea8eb5
e024fb3f5d381fe02fa0bc243dc557d5daff401f1b89220ebdfda89d5f99d207
GET /af/a2527e/000000000000000000017704/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n8&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 39260
etag: "8c36bd97ea24a61ae9be2b67e129a8c251197d40"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3
200 OK 39 kB URL HTTP/2 use.typekit.net/af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 38976, version 1.0\012- data
Hash 3dc8e6938118f5fa1af3e7a5a98baa66
03cd9ee2cd0b7cd881fa75ff4a7369e68bd2154a
3d75bb0a01bc2fd0e963f6879634c371b205ca4da67021b0f453592337dcc001
GET /af/4b3e87/000000000000000000017706/27/l?primer=0635fba006f1437d962ae878ad04a353e0c3568e4d5bde3554eb7e3e05ddd02d&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 38976
etag: "5ebcf29234d7a3daf97e3d8d5fe8864631b7e3e7"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
204 No Content 0 B URL HTTP/1.1 p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false HTTP/1.1
Host: p13n.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-adobe-uuid,x-api-key
Referer: https://documentcloud.adobe.com/
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 24 Jan 2023 03:02:50 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: Authorization,Content-Type,X-Api-Key,cache-control,User-Agent,If-None-Match,x-adobe-uuid,x-request-id
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: etag,x-cache,x-request-id,x-proxy-cache
X-Request-Id: koRi9UjbHl5LBcaHLf6e3jusDtP6jMwC
p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=documentcloud.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1674529369064
200 OK 35 B URL HTTP/2 p.typekit.net/p.gif?s=1&k=bxf0ivf&ht=tk&h=documentcloud.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1674529369064
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=bxf0ivf&ht=tk&h=documentcloud.adobe.com&f=7180.7181.7182.7184.7185.22474&a=19707152&js=1.21.0&app=typekit&e=js&_=1674529369064 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: image/gif
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
date: Tue, 24 Jan 2023 03:02:50 GMT
X-Firefox-Spdy: h2
p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
200 OK 1.8 kB URL HTTP/1.1 p13n.adobe.io/fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false
IP
File type JSON data\012- , ASCII text, with very long lines (9099), with no line terminators
Hash 3343bdae7b8ede5e7b1994e703d64a58
b9e5101c74b60210cd8e258334c0c330c6cd9883
5ace36182f662c795b8a791a8a9b2a6702d4a3db7960a8191b55c09e0bb44ac6
GET /fg/api/v3/feature?clientId=dc-prod-virgoweb&meta=false HTTP/1.1
Host: p13n.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://documentcloud.adobe.com/
x-api-key: dc-prod-virgoweb
x-adobe-uuid: prod_dc-prod-virgoweb_8d85f71b-5e01-4436-aadc-d1af45ac1f7f
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 24 Jan 2023 03:02:50 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
x-cache: MISS
x-proxy-cache: MISS
x-request-id: W69ji7RWoexiqiHKltVXYlUdj17j8mv1
ETag: W/"00a19238c855031b82de156230762bb26"
x-adobe-fg-poll-interval: 60
Public-Key-Pins: pin-sha256='aZDniQiBGXn9kmC1MKpHxVsYje4hsP/aWBbSaW+qeb4='; includeSubdomains; max-age=5184000
Strict-Transport-Security: max-age=31536000; includeSubdomains;always
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self'; script-src 'self'; img-src 'self' data:; style-src 'self'; font-src 'self'; frame-src; object-src 'none'
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: Authorization,Content-Type,X-Api-Key,cache-control,User-Agent,If-None-Match,x-adobe-uuid,x-request-id
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: etag,x-cache,x-request-id,x-proxy-cache
ocsp.digicert.com/
200 OK 279 B IP
Hash 4734d8a05cb5144e21f3749460877fad
2bfe8512dd6a5ed06b23a615d82bcae6076a105b
3acdf4482ca1869b01af3e519f1b9958a0afc71d3122b86cf1d2a7b2a754f322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:50 GMT
Last-Modified: Tue, 24 Jan 2023 01:42:28 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
dc-api.adobe.io/system/log
204 No Content 0 B URL HTTP/1.1 dc-api.adobe.io/system/log
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /system/log HTTP/1.1
Host: dc-api.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-app-info,x-api-client-id,x-request-id,x-requested-with
Referer: https://documentcloud.adobe.com/
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 24 Jan 2023 03:02:50 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH
Access-Control-Allow-Headers: content-type,x-api-app-info,x-api-client-id,x-request-id,x-requested-with
Access-Control-Max-Age: 1800
Strict-Transport-Security: max-age= 3153600; includeSubdomains; preload
X-Robots-Tag: noindex, nofollow
Content-Length: 0
Content-Type: text/plain
perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
200 OK 35 B URL HTTP/2 perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=cta-json-success&value=1 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:51 GMT
content-type: image/gif
content-length: 35
x-trace: 2B028897E09AD65FEBADDB98D9E4444EDBDBDFD289000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 216802d2-3357-4899-92b5-f1b59532ec0d
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
last-modified: Tue, 24 Jan 2023 03:02:51 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e5885719ac0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
200 OK 35 B URL HTTP/2 perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=cta-with-analytics&value=1 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:51 GMT
content-type: image/gif
content-length: 35
x-trace: 2B4A90D203B9DA5D4799D7E7DA17103C4C6816D5D8000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 430525b5-ae10-46da-a4e1-cca6f224e322
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
last-modified: Tue, 24 Jan 2023 03:02:51 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e5885719aa0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
200 OK 35 B URL HTTP/2 perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=cta-render-success&value=1 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:51 GMT
content-type: image/gif
content-length: 35
x-trace: 2B80F4416248C9F6E78DF287787E7B375DD8BF2D97000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: e6f97463-6dfc-425d-85cb-837bacf821f3
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
last-modified: Tue, 24 Jan 2023 03:02:51 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e5885719ab0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 4734d8a05cb5144e21f3749460877fad
2bfe8512dd6a5ed06b23a615d82bcae6076a105b
3acdf4482ca1869b01af3e519f1b9958a0afc71d3122b86cf1d2a7b2a754f322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3209
Cache-Control: max-age=88419
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Etag: "63cdf435-117"
Expires: Wed, 25 Jan 2023 03:36:30 GMT
Last-Modified: Mon, 23 Jan 2023 02:43:01 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
dc-api.adobe.io/system/log
204 No Content 0 B URL HTTP/1.1 dc-api.adobe.io/system/log
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /system/log HTTP/1.1
Host: dc-api.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-Type: application/vnd.adobe.dc+json; profile="https://dc-api.adobe.io/schemas/system_log_parameters_v1.json"
x-request-id: d19dbc49-4331-4cb7-ab13-9da246d12599
x-api-app-info: adobe-dc-view-sdk
x-api-client-id: dc-view-sdk-api_browser
Content-Length: 6601
Origin: https://documentcloud.adobe.com
Connection: keep-alive
Referer: https://documentcloud.adobe.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Tue, 24 Jan 2023 03:02:51 GMT
Connection: keep-alive
x-request-id: d19dbc49-4331-4cb7-ab13-9da246d12599
x-server: adobe.loggingserver.2.1.8f11f2f488445442f2a91594f38aa1881ded6633
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: noindex, nofollow
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, HEAD, PATCH
Access-Control-Max-Age: 1800
Strict-Transport-Security: max-age= 3153600; includeSubdomains; preload
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=58024
date: Tue, 24 Jan 2023 03:02:51 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 24 Jan 2023 01:45:20 GMT
expires: Tue, 24 Jan 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 4651
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Hash 4f378a725368a42971cd69e29f75db89
2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11552
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B5554EB2CE34CEF9649107BBEE882CC Ref B: OSL30EDGE0210 Ref C: 2023-01-24T03:02:51Z
date: Tue, 24 Jan 2023 03:02:51 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/765524202/?random=1674529369134&cv=11&fst=1674529369134&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&auid=2009845802.1674529369&rfmt=3&fmt=4
200 OK 880 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/765524202/?random=1674529369134&cv=11&fst=1674529369134&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&auid=2009845802.1674529369&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1855), with no line terminators
Hash e61dc317e241e913b9ef3b6d3719c285
7350347391d19d611603c82a6fc4246bd5e44558
8ad54527c0f124a081556eba07ca073672e2fad1e0abf0905c12533e28854738
GET /pagead/viewthroughconversion/765524202/?random=1674529369134&cv=11&fst=1674529369134&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&auid=2009845802.1674529369&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 03:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 880
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 24-Jan-2023 03:17:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Tue, 24 Jan 2023 03:02:51 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/765524202/?random=1674529369349&cv=11&fst=1674529369349&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2009845802.1674529369&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 896 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/765524202/?random=1674529369349&cv=11&fst=1674529369349&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2009845802.1674529369&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1917), with no line terminators
Hash ce55bfb9c1e5ae37850c14ee49555da4
54b2e7558282a8b7a80c3636f11a3905b3cd370a
77542d46664512c13ccb213e6ff1cfb438608e10843ca5e4024ae25d2fcbf17d
GET /pagead/viewthroughconversion/765524202/?random=1674529369349&cv=11&fst=1674529369349&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=2009845802.1674529369&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 03:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 896
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 24-Jan-2023 03:17:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-3147527.js?sv=7
200 OK 4.0 kB URL HTTP/2 static.hotjar.com/c/hotjar-3147527.js?sv=7
IP
File type ASCII text, with very long lines (7669)
Hash 5850063a951c97bee454f6deacf2e42a
4c18491fb973c282b7d69dffd857f3e666982e48
72733b55b7a4bf343acfde56b247b5cdf578f14e503761318d2fcabb074ab33a
GET /c/hotjar-3147527.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 03:02:51 GMT
cache-control: max-age=60
etag: W/3b1171bee45af029634ab853e317a546
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 70lKoxmcWiX9rZrs_eHw-iQlaGZx6_R6EkU2jIoxck4TELluDkgSmA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5b30b8284ca26f40e61117727a67f32e
689fa2f274ffc67f271fc35b2aff2001a3195cba
c0bec212fe30dee99a94e74758cc809fddf2bf2d1a4a346df78df1b6b71ac305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5b30b8284ca26f40e61117727a67f32e
689fa2f274ffc67f271fc35b2aff2001a3195cba
c0bec212fe30dee99a94e74758cc809fddf2bf2d1a4a346df78df1b6b71ac305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/765524202/?random=1674529369349&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481936014&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/765524202/?random=1674529369349&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481936014&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/765524202/?random=1674529369349&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481936014&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 03:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/765524202/?random=1674529369349&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481936014&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/765524202/?random=1674529369349&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481936014&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/765524202/?random=1674529369349&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2oa1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481936014&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 03:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/765524202/?random=1674529369134&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=2720992165&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/765524202/?random=1674529369134&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=2720992165&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/765524202/?random=1674529369134&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=2720992165&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 03:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/765524202/?random=1674529369134&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=2720992165&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/765524202/?random=1674529369134&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=2720992165&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/765524202/?random=1674529369134&cv=11&fst=1674529200000&bg=ffffff&guid=ON&async=1>m=2wg1n0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tiba=Gravwell%20vs%20Legacy%20SIEM&fmt=3&is_vtc=1&random=2720992165&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 03:02:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 7bff7d720b54be58230418df03651f8c
78bf3b2cc16a316827595f30e965bf0d894f9011
e9745158fb5e1959fa63fc7427a59f9e569acba0450c45f840f51f2ecd456ed5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5384
Cache-Control: max-age=123692
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Etag: "63ce757f-139"
Expires: Wed, 25 Jan 2023 13:24:23 GMT
Last-Modified: Mon, 23 Jan 2023 11:54:39 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash 730971b89ffa8b99e4157f49a4275594
7041ce872cc30e32c6b04a958b0cf810e5fc5651
da09da5b55ce65cdb58f29842d654aa637580d8c4d5d3cddfa08de6d866dcf65
GET /box-ff00c703c3bbdf54ae44ee858d64f69e.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 18 Jan 2023 10:13:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "730971b89ffa8b99e4157f49a4275594"
last-modified: Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xwKQKnuE3ha7iuX2q0rsy5HwVSa-E4rQc-HUiKGhef_i1UQ442tnrQ==
age: 492585
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4ec3b5ebec8f98b7435df060984d7ca6
dedffe21033e532f09b5c5e89e76db0853f91b0a
01e21ddc29765a26a6c7e48c1d30bd0c5f6cd3d40ad00e1b67deacc827d341e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
IP
File type Unicode text, UTF-8 text, with very long lines (48015)
Hash e45ceb77c1a47254136f1ef733de65df
7cc640ca25ac5232038a02fbaf6d2677871ebaf0
25e950716f031b1000c0fc674457836b68ad60912f265f7efc190f6a93a71a2d
GET /modules.ea0a6d6a741d5de8308e.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68675
date: Fri, 20 Jan 2023 11:10:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "e45ceb77c1a47254136f1ef733de65df"
last-modified: Fri, 20 Jan 2023 11:09:55 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0qjj2DCOrgIiwcJsKAHgXcR8r00ySP9SymVbFWgeN_SSQVrk3hfg3Q==
age: 316366
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=134629809&tm=gtm002&Ver=2&mid=5b076e19-6dbc-4b11-8dd7-7305ec600ac7&sid=962255709b9311eda229d19df4b48e99&vid=962273809b9311edb824ed9b2281fa59&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gravwell%20vs%20Legacy%20SIEM&p=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&r=<=4789&evt=pageLoad&sv=1&rn=328238
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=134629809&tm=gtm002&Ver=2&mid=5b076e19-6dbc-4b11-8dd7-7305ec600ac7&sid=962255709b9311eda229d19df4b48e99&vid=962273809b9311edb824ed9b2281fa59&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gravwell%20vs%20Legacy%20SIEM&p=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&r=<=4789&evt=pageLoad&sv=1&rn=328238
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=134629809&tm=gtm002&Ver=2&mid=5b076e19-6dbc-4b11-8dd7-7305ec600ac7&sid=962255709b9311eda229d19df4b48e99&vid=962273809b9311edb824ed9b2281fa59&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Gravwell%20vs%20Legacy%20SIEM&p=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&r=<=4789&evt=pageLoad&sv=1&rn=328238 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0E65DADDF4096F913670C87EF5FC6EB1; domain=.bing.com; expires=Sun, 18-Feb-2024 03:02:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C0B8E9F4EF348B1AF0BCE701F10C3F6 Ref B: OSL30EDGE0210 Ref C: 2023-01-24T03:02:51Z
date: Tue, 24 Jan 2023 03:02:51 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 9292ad05c6fcc3748bcc79c3a773784a
cbc8734ea8eb6f10147206973f39f4c8df2adfa2
cdc1635afec3e5f327dd2a236d377797da6b54c271374a9bfdb1bf8ec5020c6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5147
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 03:02:51 GMT
Last-Modified: Tue, 24 Jan 2023 01:37:04 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
t.co/i/adsct?bci=3&eci=2&event_id=33a12b72-8b77-4304-96f5-f9423cb51749&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d55ff7f6-d2fc-44e9-a033-0d1ba1c8a2fd&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=33a12b72-8b77-4304-96f5-f9423cb51749&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d55ff7f6-d2fc-44e9-a033-0d1ba1c8a2fd&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=33a12b72-8b77-4304-96f5-f9423cb51749&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d55ff7f6-d2fc-44e9-a033-0d1ba1c8a2fd&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=49cd9412-5e43-4541-9ca5-39917760bab4; Max-Age=63072000; Expires=Thu, 23 Jan 2025 03:02:51 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d1aafdda8b47136a
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 0cb71fc7c955c5804489bf64f39d681734b59e8e8c519da25a5b918001f25e1f
X-Firefox-Spdy: h2
bat.bing.com/p/action/134629809.js
200 OK 1.5 kB URL HTTP/2 bat.bing.com/p/action/134629809.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash e365c0c29eed276b1cc54e4bc7d53841
e11097dc243589e9e9f756e3fdb557aa0768cf82
9efdbc8cb4a345576aedc75960d1ab7361ed82abd2ecfae376dbce396dd547ff
GET /p/action/134629809.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 1498
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 25C2383EEC5542B2ABD5EA64219B36A6 Ref B: OSL30EDGE0210 Ref C: 2023-01-24T03:02:51Z
date: Tue, 24 Jan 2023 03:02:51 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674529369935%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLQ7H6YZLGdEAAAAYXhunZRn3aUcZ_GdYH52yvN3mWQd8b79zXEcs3XFJw4nCT9749aU2eSAwgvDQ; Max-Age=2592000; Expires=Thu, 23 Feb 2023 03:02:51 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKnp-xZ1kf40QAAAYXhunZRwDVY2A9Bhxq4IqAHL8gvKj59w1j500VWoe8fTf9PtmmglQJ3NKeW2S5WBHKLSA; Max-Age=2592000; Expires=Thu, 23 Feb 2023 03:02:51 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f742a27d-5486-40b3-81e0-23ff30a9527a"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 24-Jan-2024 03:02:51 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2420:u=1:x=1:i=1674529371:t=1674615771:v=2:sig=AQHgwFAjKWrGOT66hpQuaoZa1LUaS_aP"; Expires=Wed, 25 Jan 2023 03:02:51 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXy+cBeFssRcKKOXLCESQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2580B2E877584B6C8F2C6AA477D3D611 Ref B: OSL30EDGE0221 Ref C: 2023-01-24T03:02:51Z
date: Tue, 24 Jan 2023 03:02:51 GMT
content-length: 0
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=33a12b72-8b77-4304-96f5-f9423cb51749&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d55ff7f6-d2fc-44e9-a033-0d1ba1c8a2fd&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29
200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=33a12b72-8b77-4304-96f5-f9423cb51749&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d55ff7f6-d2fc-44e9-a033-0d1ba1c8a2fd&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=33a12b72-8b77-4304-96f5-f9423cb51749&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d55ff7f6-d2fc-44e9-a033-0d1ba1c8a2fd&tw_document_href=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0bk2&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:51 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_3Wvi3WKK9moXCSHF9TGQew=="; Max-Age=63072000; Expires=Thu, 23 Jan 2025 03:02:51 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: fc22b0ed7b27b68e
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: a4078e3a88880a6906bf299a3c5c6147801ca56f49c219bf675e4e75e5c6407e
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash d675f5b093458ad3029930f1c593f477
fb5686268b720f36f0b8141233021596045d3e33
044ccbcff4966fef618d7621d9d233ca9acd880ecb68204f0377ce4c3daf6c53
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136933
Date: Tue, 24 Jan 2023 03:02:51 GMT
Etag: "63cea6dd-1d7"
Expires: Wed, 25 Jan 2023 17:05:04 GMT
Last-Modified: Mon, 23 Jan 2023 15:25:17 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pgguVokBrYt5pFvS26k9yLdA2LnUU4hfpEtqP_hpQ0bhsFU4anzUFg==
Age: 5987
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674529369935%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674529369935%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1746644%26time%3D1674529369935%26url%3Dhttps%253A%252F%252Fwww.gravwell.io%252Ffile%252Fgravwell-vs-legacy-siem%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&1f31a3d2-6b0b-4403-8f26-1a4cc7b0385c"; Domain=.linkedin.com; Expires=Wed, 24-Jan-2024 03:02:52 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230124030252f4a6e5a0-a04d-47e6-868a-7018f5bf5944AQFqLpipJI2KpwZ33OkVJKmupbkioI78"; Domain=.www.linkedin.com; Expires=Wed, 24-Jan-2024 03:02:52 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQ1MjkzNzI7MjswMjHdcw9es4hHL4Bh5KpF9UlDBNnrJxZhrUmHgii12c6xAQ==; Domain=.linkedin.com; Expires=Sun, 23 Jul 2023 03:02:52 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2448:u=1:x=1:i=1674529372:t=1674615772:v=2:sig=AQFCouBZguAXwY8oK0iC0Ml8TAFKqIKF"; Expires=Wed, 25 Jan 2023 03:02:52 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXy+cBiqaiWEfAuDrltYg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 71CB30CE839C4816BB2F65EAFECE1D65 Ref B: OSL30EDGE0221 Ref C: 2023-01-24T03:02:51Z
date: Tue, 24 Jan 2023 03:02:51 GMT
content-length: 0
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/translations-en-US-json.js
200 OK 9.6 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/translations-en-US-json.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (46892), with no line terminators
Hash ffc7ae975678a213373eec0527395e69
7be02e6c08c5f16931c9912b11d0cb8725994664
f182b760db093f26b8d297508b44cf1de8ed1d2d4147ee98ccb624cc82de7c07
GET /dc-pdfverbs-web/2.35.0_3.92.0/translations-en-US-json.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:26:02 GMT
etag: "001ff1e1a481e5bd871459bd47815d93"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 9609
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1a14
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/134629809
200 OK 81 kB URL HTTP/2 www.clarity.ms/tag/uet/134629809
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8bb1bc4b9c855ccbb8f673a0fc271f59
7e6780dfad94ef66b4aab7e19d4813bcace3c5b2
a898b52fef2ba434888e6ad475e1fcdc54072888ddf270c916b5b05b3a357eda
GET /tag/uet/134629809 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=1354cbfbc5454b35ac4eb804f65c1432.20230124.20240124; expires=Wed, 24 Jan 2024 03:02:52 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
x-cache: CONFIG_NOCACHE
x-azure-ref: 0W0rPYwAAAACDFlzMkevZTrnZkxC1VbIdQ1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 24 Jan 2023 03:02:51 GMT
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/context-board-icons.js
200 OK 6.9 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/context-board-icons.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (16355)
Hash f128806a4d8a6d2a3087a1182e21f0d5
fa49cf954ed5c6230aa417c806029f59b5e523bc
da157fc619230f26c809419afb3bbeae6e0e4b878bdb25d5e7630335dc4b3df5
GET /dc-pdfverbs-web/2.35.0_3.92.0/context-board-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:59 GMT
etag: "dff189e880c4e2f5325ca196bf36798c"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 6901
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1ad2
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/24-24-icons.js
200 OK 6.6 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/24-24-icons.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21945)
Hash b192f6b7161e7881011c5981b8b8429b
e85f3022c8f1e42dd8c2fd9c2ff1cd02926c9163
5b3a29bf1281d6223ddcf67e310f80fe69b31fa573b4579bae22bfd6ac988fa3
GET /dc-pdfverbs-web/2.35.0_3.92.0/24-24-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:58 GMT
etag: "049ff2a9c116f6a55d54f00b7d451ae4"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 6636
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1ad3
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/tile-icons.js
200 OK 3.3 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/tile-icons.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12488)
Hash 339b8138fd807d50a51a5112fb5e7254
6bb8fba01740254e288ebfa3e6d6ac482b5d9e0d
7e40efb0f33c293a5ec891ed5de9c1c480d2da9db4e8e1a7e2b21f2ff32def44
GET /dc-pdfverbs-web/2.35.0_3.92.0/tile-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:26:02 GMT
etag: "beab5225a8663804a13e85f063bf69c2"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 3258
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1ad5
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/18-18-icons.js
200 OK 1.5 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/18-18-icons.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3244)
Hash a067ee775f309980345401dd1c77d4bc
d117bca2d9a06cbf816ea2cedc22c391c0334e86
0631f890f01679456d62283a1420625eeebec57b583950d2eec6777e015322cf
GET /dc-pdfverbs-web/2.35.0_3.92.0/18-18-icons.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:58 GMT
etag: "5643d4fc8a7b253ecf424223e2badedd"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 1480
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1ad9
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
viewlicense.adobe.io/viewsdklicense/jwt
200 OK 0 B URL HTTP/1.1 viewlicense.adobe.io/viewsdklicense/jwt
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /viewsdklicense/jwt HTTP/1.1
Host: viewlicense.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-api-key,x-key-pair-version
Referer: https://www.gravwell.io/
Origin: https://www.gravwell.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 24 Jan 2023 03:02:52 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: https://www.gravwell.io
access-control-max-age: 86400
access-control-allow-headers: content-type,x-api-key,x-key-pair-version
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-credentials: true
vary: Accept-Encoding, User-Agent
X-Content-Type-Options: nosniff
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Robots-Tag: none
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Request-Id: VM5iabShNtyVwat3jArdMoCntkbovQyN
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/media-query-provider.js
200 OK 1.1 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/media-query-provider.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2828)
Hash 1b72eb1a66215a18248b54791c90d6a1
a6978bd0c828d3c5b4fce1ffb83b04b91ce11a65
20b650213185b7f302f942d5d7e68a0dee0013c2a42c8dde7d99f837e1c25d61
GET /dc-pdfverbs-web/2.35.0_3.92.0/media-query-provider.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:26:00 GMT
etag: "75811f1129566c2ea3ea4918df3c9f03"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 1113
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1adb
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/3183.js
200 OK 3.9 kB URL HTTP/2 documentcloud.adobe.com/dc-pdfverbs-web/2.35.0_3.92.0/3183.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12241)
Hash a8349a1b96561e506f25457b5f6a8d42
8fdabf8abffbda28a50980d26138ef7d217caacc
da8038719175b4545fbb76771b4734fdb922cc30250435e844530bb4a51b7049
GET /dc-pdfverbs-web/2.35.0_3.92.0/3183.js HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/view-sdk/2.35.2_3.1.3-3ac6701a/iframe.html?locale=en-US&msi=9710011198101451009945118105101119&parent=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 14:25:58 GMT
etag: "f8b881c1d31a9d2c4d69e6d0487ac7f3"
cache-control: max-age=2592000, must-revalidate
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: br
content-length: 3917
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1adc
x-robots-tag: noindex, nofollow
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b3736e061d2a0951d1b8f0706b9ca0b1
30c0b5e06a3ae7f528ce2e459ff25d60a5601d8b
4dd29343e2bf1bfe255546ba8ef6223f590fb78d376ff31fc89eb6408d8056ef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 24 Jan 2023 03:02:52 GMT
Last-Modified: Tue, 24 Jan 2023 02:24:26 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F_9A1r3JcpS_Bv_p0SbM88agxkJ2QKNHFWIzF1jJHq9CoGT9z7OJuQ==
Age: 2306
c.clarity.ms/c.gif
302 Found 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&RedC=c.clarity.ms&MXFR=2AAD5083CEEC658E2A484220CAEC6B8D
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2AAD5083CEEC658E2A484220CAEC6B8D; domain=.clarity.ms; expires=Sun, 18-Feb-2024 03:02:52 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 24 Jan 2023 03:02:51 GMT
content-length: 0
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.7.1/clarity.js
200 OK 19 kB URL HTTP/2 www.clarity.ms/eus2/s/0.7.1/clarity.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (56646)
Hash 66bec5cf19258f21f546dafbd8fbac89
9ad80a56291ca677990c37c376631d3ff74e0234
fe223664aef7e529023cbb3ee1920a439abcd1f70bd6ce9554a6fb6ca9e565fb
GET /eus2/s/0.7.1/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d928dd7500799e"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 06ITOYwAAAABn1YX+F77NTqV5kAdUjK/3RlJBMjMxMDUwNDE3MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-azure-ref: 0XErPYwAAAAAXR8Yc1qFyR4g2CqN2ROhLQ1BIMzBFREdFMDQxMgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 24 Jan 2023 03:02:52 GMT
X-Firefox-Spdy: h2
viewlicense.adobe.io/viewsdklicense/jwt
200 OK 580 B URL HTTP/1.1 viewlicense.adobe.io/viewsdklicense/jwt
IP
File type JSON data\012- , ASCII text, with very long lines (580), with no line terminators
Hash b2d846ab2d1ebe95b69fa46a0ef689ee
2b65b766b50743c2c68445d580b66b0a6e3f3d75
ed87d4291b540b4d42ac5efd4ba77da216e0e61aa968f386345c42b5083a0cea
POST /viewsdklicense/jwt HTTP/1.1
Host: viewlicense.adobe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Key-Pair-Version: v1
Content-Type: application/json
x-api-key: 96469cd78a7648b7b719090b04d20a42
Origin: https://www.gravwell.io
Content-Length: 670
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 24 Jan 2023 03:02:52 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 580
Connection: keep-alive
access-control-allow-origin: https://www.gravwell.io
access-control-max-age: 86400
access-control-allow-methods: PUT, POST, GET, DELETE, OPTIONS
access-control-allow-credentials: true
x-request-id: vgrEDj0DrSbvkTCLt89LOP9pj0txfBLD
access_control_allow_origin: https://www.gravwell.io
x-server: adobe.viewsdklicense.0.4.c840b6930308cd9dccaef05dad4a97f263bdbde9
x-content-type-options: nosniff
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-robots-tag: none
vary: Accept-Encoding, User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
c.bing.com/c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&RedC=c.clarity.ms&MXFR=2AAD5083CEEC658E2A484220CAEC6B8D
302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&RedC=c.clarity.ms&MXFR=2AAD5083CEEC658E2A484220CAEC6B8D
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&RedC=c.clarity.ms&MXFR=2AAD5083CEEC658E2A484220CAEC6B8D HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&MUID=0DB6FE7FA0FA60500815ECDCA10F618E
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0DB6FE7FA0FA60500815ECDCA10F618E; domain=c.bing.com; expires=Sun, 18-Feb-2024 03:02:52 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99129502E8764ED4A9DF983C592E13FF Ref B: OSL30EDGE0210 Ref C: 2023-01-24T03:02:52Z
date: Tue, 24 Jan 2023 03:02:52 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1746644&time=1674529369935&url=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&fe069bf0-cadd-4371-821b-09292c6d4e8b"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 24-Jan-2024 03:02:52 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2420:u=1:x=1:i=1674529372:t=1674615772:v=2:sig=AQHMALx4_PXNCqThbOpgpy6rsjnu131n"; Expires=Wed, 25 Jan 2023 03:02:52 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXy+cBopnBpLodc3sTg+g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FE3047A5C6114FBCB50FA5A9124F4A6A Ref B: OSL30EDGE0221 Ref C: 2023-01-24T03:02:52Z
date: Tue, 24 Jan 2023 03:02:52 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&MUID=0DB6FE7FA0FA60500815ECDCA10F618E
200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&MUID=0DB6FE7FA0FA60500815ECDCA10F618E
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=18B687C29EE84DE7A5FF059BA67745F4&MUID=0DB6FE7FA0FA60500815ECDCA10F618E HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gravwell.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
accept-ranges: bytes
etag: "b1c8df6cb32ad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Tue, 24-Jan-2023 03:12:52 GMT; path=/; SameSite=None; Secure;
date: Tue, 24 Jan 2023 03:02:51 GMT
content-length: 42
X-Firefox-Spdy: h2
content.hotjar.io/
200 OK 56 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 91f5e619a1eafc75c9beda2ddb8ad345
0659c4f169ec14292c7484155022e093782ebf2a
fc85b00dd95fff969aa4a0b6900eb06e3926ea45b3870fdeb10de48d171ca55e
POST / HTTP/1.1
Host: content.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 222395
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:52 GMT
content-type: application/json
content-length: 56
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
200 OK 0 B URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:14 GMT
etag: "7326cb2af7c9e33ac931f6c80ad8dcf5"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/wasm
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1d15
x-robots-tag: noindex, nofollow
access-control-expose-headers: Content-Encoding, Accept-Ranges
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1493
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.gravwell.io
access-control-allow-credentials: true
date: Tue, 24 Jan 2023 03:02:52 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
204 No Content 0 B IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 80159
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.gravwell.io
access-control-allow-credentials: true
date: Tue, 24 Jan 2023 03:02:52 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb690b8f5503bf4bcf424e58ddb6b8c
eb96120190e3a5c286ac5ec51ee8b163540377fd
c762b17d3e43d773966490d1186ebc352a78d47781c77a4f048e32fee9732b7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b12041d-fdaa-483d-b290-d584ffb6ea13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: 3f4482cf-98a5-420e-abe7-17fd2d214da0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxIF3aIAMFWoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6d-0c1838dc7b4ab4650d54ee56;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RI2PzIKXk_H09T20cGoqTCC1WdRp3S5N6TOBX_lIcEk8wYaCIfCPJw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:08:04 GMT
age: 17691
etag: "eb96120190e3a5c286ac5ec51ee8b163540377fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1746644/domain/gravwell.io/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1746644/domain/gravwell.io/token
IP
GET /partner/1746644/domain/gravwell.io/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Tue, 24 Jan 2023 02:18:20 GMT
access-control-allow-origin: *
cache-control: public, max-age=30749
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 97W1VumbwApQAn2wVI1vhvQFCffrsyYkomrf5qVnTyPDLHSBzb6IaA==
age: 2671
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/3147527/visit-data?sv=7
200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/3147527/visit-data?sv=7
IP
POST /api/v2/client/sites/3147527/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:52 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
www.gravwell.io/file/gravwell-vs-legacy-siem
200 OK 0 B URL HTTP/2 www.gravwell.io/file/gravwell-vs-legacy-siem
IP
ASN #209242 Cloudflare London, LLC
GET /file/gravwell-vs-legacy-siem HTTP/1.1
Host: www.gravwell.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:47 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"03c9bbe1d868e3d1a97186a1ec02e28c"
last-modified: Sun, 22 Jan 2023 02:27:06 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-80900898355,P-3422725,CW-47842505316,CW-47842505318,CW-47842505323,CW-47842666571,CW-47842817183,CW-47843852949,CW-47844002655,CW-48217253491,E-47842524320,E-47842666572,E-47842690598,E-47842732890,E-47843852952,E-47843852954,E-47843852956,E-47843852957,E-47844002659,E-47845555345,E-47845555351,E-48052514312,E-48233226340,E-48242572572,E-48364961202,E-48392864288,E-48792962447,E-49380486545,PGS-ALL,SW-2,GC-48341658668,GC-48345881659,TS-48991727900
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: REVALIDATED
x-hs-content-campaign-id: d2cf70e9-8c85-48eb-965c-0d69dbd87ce5
x-hs-content-id: 80900898355
x-hs-hub-id: 3422725
x-hs-prerendered: Sun, 22 Jan 2023 02:27:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ntTgoUxr4yuwo%2Fr%2FYALDAvH6IY4%2FV8SbKHFfF6n5TEoqt89SMin9zb2MWER0IdNiZ0Jj6TKeJVJwUU1w1Ms4BW4VW3g78rFfqlfEYQiIMhNvMtaDEe57LBwxKfw5nQsMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=_lNjPv4Kld1v2vKntpUQo0FSOC3BPVO9r6CRRz7wtP8-1674529367-0-AT8jYnvXSiPx216mb1PYGBl+K2NKBqlRXDJ4tUGXPaSis/PkOwwPb5ES7TTmddohEXVfihty1/i9HSCaSlA5R8E=; path=/; expires=Tue, 24-Jan-23 03:32:47 GMT; domain=.www.gravwell.io; HttpOnly; Secure; SameSite=None
__cfruid=62d8cad883f0b98d85628f7be0dd4490b7f866ca-1674529367; path=/; domain=.www.gravwell.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78e588418c20b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>
X-Firefox-Spdy: h2
cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&pageId=80900898355&pid=3422725&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=t&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a
200 OK 0 B URL HTTP/2 cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&pageId=80900898355&pid=3422725&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=t&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a
IP
GET /ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.gravwell.io%2Ffile%2Fgravwell-vs-legacy-siem&pageId=80900898355&pid=3422725&sv=cta-embed-js-static-1.116&rdy=1&cos=1&df=t&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a&pg=055439a8-1753-42ee-8cab-c627f2b7a917&pg=8ed14a6a-35e9-4f6e-922d-dc4ca563972a HTTP/1.1
Host: cta-service-cms2.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:49 GMT
content-type: application/json;charset=utf-8
x-trace: 2B84A279B9BB0AB8DD2DEDFF4727D0296FF9083A85000000000000000000
x-origin-hublet: na1
cache-control: max-age=0, no-cache, no-store
vary: origin
x-hubspot-correlation-id: 04952035-a97f-4e5a-915f-769701701f68
access-control-allow-origin: https://www.gravwell.io
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
access-control-allow-credentials: true
access-control-max-age: 180
x-robots-tag: noindex, follow
access-control-expose-headers: X-Origin-Hublet
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=EZYeZrsceUgKr9fMQAPc5zbU.m0cKGUWxvCIg.C4a0o-1674529369-0-AUTSa21XxkH+4gaUHCWlTtNSETiUzhU7A3jFRH2ifwUzqmI7A5h+9TEieF/ZxxaEYtYzGa9nf1RozoDo4z0wMrc=; path=/; expires=Tue, 24-Jan-23 03:32:49 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gz5ams%2B2I0TGShabVzQGraoEBnvZhbx2hIkKdHr9%2BJ8olLlAXRo9ei8dprjTTRjtYBIg82VfmA0EEtz6psl1H1NqIQNf8nDSdr%2BwpiJUmTAa7l5Z31uRmVzm2x12g4%2BthGktpm9aIMYTjOeTR8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78e5884f080ab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.wasm
200 OK 0 B URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.wasm
IP
ASN #20940 Akamai International B.V.
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/wasm_acrobat.wasm HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:15 GMT
etag: "da866f106b56f27c60fb9b1e88513b0a"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/wasm
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 24 Jan 2023 03:02:50 GMT
akamai-grn: 0.bf0a655f.1674529370.22ba1530
x-robots-tag: noindex, nofollow
access-control-expose-headers: Content-Encoding, Accept-Ranges
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1674529200000/3422725.js
200 OK 0 B URL HTTP/2 js.hs-analytics.net/analytics/1674529200000/3422725.js
IP
GET /analytics/1674529200000/3422725.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:49 GMT
content-type: text/javascript
x-amz-id-2: 1AtZTt6o5tSblhe/NGQL37qM+b4TOAZ8YChyfVgYF3JAYU+63X62K9i+u4I89DRqKdRHIeWV898=
x-amz-request-id: 1YD1T8TZ70SDGDKK
last-modified: Wed, 18 Jan 2023 20:01:09 GMT
etag: W/"41fdc6bbb3ffb516514655767e27c05c"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Tue, 24 Jan 2023 03:07:49 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 78e5884ebcabb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-banner.com/3422725.js
200 OK 0 B URL HTTP/2 js.hs-banner.com/3422725.js
IP
GET /3422725.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:49 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: AeLXWAeyuOkcqcppCskS06IV1tgjUXkac6ZOJeYRD1dhUnRIvbaptZ8WQi5Ce4V93vQHVnf6SEg=
x-amz-request-id: 89STEBPG870K9Y7G
last-modified: Tue, 25 Oct 2022 20:12:25 GMT
etag: W/"3ed6eb6b3520076ef23c3a7dbee035d2"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: gpdgdVmDarkC4tefWhtZ8gNJKDZRYEhn
access-control-allow-origin: https://www.gravwell.io
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
vary: origin, Accept-Encoding
expires: Tue, 24 Jan 2023 03:07:49 GMT
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 78e5884cfe940b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hs-scripts.com/3422725.js
200 OK 0 B URL HTTP/2 js.hs-scripts.com/3422725.js
IP
GET /3422725.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:50 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.gravwell.io
access-control-max-age: 3600
cache-control: public, max-age=60
cf-bgj: minify
cf-polished: origSize=1452
last-modified: Mon, 23 Jan 2023 23:33:16 GMT
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 48d7f91a-e7fd-43d3-9379-b970a6b46219
x-trace: 2B35C80BBCD277C00235512952FAB73E207E988C35000000000000000000
cf-cache-status: HIT
age: 2
expires: Tue, 24 Jan 2023 03:03:50 GMT
server: cloudflare
cf-ray: 78e588574f36b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.clickcease.com/monitor/stat.js
200 OK 0 B URL HTTP/2 www.clickcease.com/monitor/stat.js
IP
GET /monitor/stat.js HTTP/1.1
Host: www.clickcease.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 11:31:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 6Er2d0GJvgnFniPQXIH7h8kzG7dJBNJf
server: AmazonS3
content-encoding: gzip
date: Tue, 24 Jan 2023 03:02:45 GMT
etag: W/"1c27f449b067550681f23ad3e53988fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MchXutWqSJ09TZ2wwzqizqxkMlx7b32J92A_bLV0XUhhHpRrltocTw==
age: 6
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self' https://clickcease.com https://*.clickcease.com; upgrade-insecure-requests;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: microphone 'none'; camera 'none';
X-Firefox-Spdy: h2
ws.zoominfo.com/pixel/623ca719a3f8d3001283ccba
200 OK 0 B URL HTTP/2 ws.zoominfo.com/pixel/623ca719a3f8d3001283ccba
IP
GET /pixel/623ca719a3f8d3001283ccba HTTP/1.1
Host: ws.zoominfo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:50 GMT
content-type: text/javascript
vary: Accept-Encoding
x-powered-by: Express
x-content-type-options: nosniff
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
cf-cache-status: DYNAMIC
set-cookie: visitorId=e887db71c0f7f9b5c1b0a4ce1c122f491637b481bb08dd341980a83200647b9d; Max-Age=31536000; Domain=ws.zoominfo.com; Path=/; Expires=Wed, 24 Jan 2024 03:02:50 GMT; Secure; SameSite=None
__cf_bm=TQBZRtZD0N.CYevr_1CH.frEjQlQNpSE4frZW1nWwL8-1674529370-0-AV3fa3UosdVPQz9hhsZnoVxUEN+puiyaVgD56lmPqLr6ooSmAeht9/IwKbh23ymu3keQgdqUxuA+PVm87i2DJs4=; path=/; expires=Tue, 24-Jan-23 03:32:50 GMT; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
_cfuvid=lEV2mG1P99Lmos8M8.zp4aNu71xoYzTCKv3gFAjoabU-1674529370941-0-604800000; path=/; domain=.zoominfo.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78e588574d99b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1746644/domain/gravwell.io/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1746644/domain/gravwell.io/token
IP
GET /partner/1746644/domain/gravwell.io/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Tue, 24 Jan 2023 02:18:20 GMT
access-control-allow-origin: *
cache-control: public, max-age=30749
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eLtyLGt_wgxZD4VNv64qEJIuNay3QxnFlzC2ISh4t0GtDUgcEy6L2w==
age: 2671
X-Firefox-Spdy: h2
js.hsadspixel.net/fb.js
200 OK 0 B IP
GET /fb.js HTTP/1.1
Host: js.hsadspixel.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:49 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 20 Jan 2023 04:29:49 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: SDrNOl8ziD8gAW.Yx4_m5h0e_hjF8Ssn
etag: W/"c400e8c1e05d683a64923854807562fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: cAOyvhvbcDlArSTQe3mZmyqXggqsjMsPTwu3i4sM8BA8wia3h_NkVQ==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.316/bundles/pixels-release.js&cfRay=78c93fd85d44d987-IAD
x-hs-target-asset: adsscriptloaderstatic/static-1.316/bundles/pixels-release.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 215
server: cloudflare
cf-ray: 78e5884ce93ab521-OSL
content-encoding: br
X-Firefox-Spdy: h2
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3422725
200 OK 0 B URL HTTP/2 api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3422725
IP
GET /hs-script-loader-public/v1/config/pixels-and-events/json?portalId=3422725 HTTP/1.1
Host: api.hubapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gravwell.io
Connection: keep-alive
Referer: https://www.gravwell.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 03:02:50 GMT
content-type: application/json;charset=utf-8
cf-ray: 78e588549a42b51e-OSL
access-control-allow-origin: https://www.gravwell.io
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-max-age: 180
x-hubspot-correlation-id: c710145e-a30f-4c68-b721-358783b4acb8
x-trace: 2B8D33D23912CD0D16751DE11A56E31B0AD6B55017000000000000000000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=516seEJiBJB2orI6VoBlGxLk30i37AF9YGiri4g8DxTPDovP090NuAj%2FNwn%2BWlr8vNqv8VcDcr%2BIHf9uIVEIKJSgLhjO%2FDjN555IdpCw0cTAN2ZRi76NoeXkb0tEsC1N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
200 OK 0 B URL HTTP/2 documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm
IP
ASN #20940 Akamai International B.V.
GET /dc-rendition-provider/2.35.0_4.177.0/AJS/licensing.wasm HTTP/1.1
Host: documentcloud.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://documentcloud.adobe.com/dc-rendition-provider/2.35.0_4.177.0/AJS/acrobatProxy.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 13:36:14 GMT
etag: "7326cb2af7c9e33ac931f6c80ad8dcf5"
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=2419200, must-revalidate
accept-ranges: bytes
content-type: application/wasm
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 24 Jan 2023 03:02:52 GMT
akamai-grn: 0.bf0a655f.1674529372.22ba1d2e
x-robots-tag: noindex, nofollow
access-control-expose-headers: Content-Encoding, Accept-Ranges
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
52.53.211.236
104.19.154.83
151.101.244.157
95.101.10.195
34.246.81.18
93.184.220.29