conduentglobal.com/
3.33.152.147301 Moved Permanently 60 B IP 3.33.152.147:0
File type HTML document, ASCII text
Hash 19372b46ea2a7393def55bd155a793e5
f68e108dc2d3a3117f4bc3584032ddfcbcbdb6de
c8cd09466c81c77f01ee52c1cf933055eceacf29eec50b416d52cd6686440df0
GET / HTTP/1.1
Host: conduentglobal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 05:36:12 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 60
Connection: keep-alive
Location: https://www.conduent.com/
Server: ip-100-74-2-146.eu-west-2.compute.internal
X-Request-Id: 46bdc86b-3111-40ee-a49e-446b45e440e4
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8253
Expires: Sat, 03 Dec 2022 07:53:46 GMT
Date: Sat, 03 Dec 2022 05:36:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6250
Cache-Control: max-age=110352
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:13 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:15:25 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7007
Expires: Sat, 03 Dec 2022 07:33:00 GMT
Date: Sat, 03 Dec 2022 05:36:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 05:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 974
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jalIG9j3HhWcvDKc7gAtYqGB98MpN4VEgLE+NS4pwNn4K+jtwhS2YbwEI69YH2lV14QL6Fuq2Bs=
x-amz-request-id: RTESNB67EDV3PGD9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 04:46:59 GMT
age: 2954
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 05:11:17 GMT
cache-control: public,max-age=3600
age: 1496
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6243
Cache-Control: max-age=105284
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:13 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:50:57 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.212.166.60101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.212.166.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mHpf6L3NTYJRyDpAroeSwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hIHozOpR/Gmd1trJ0VGhracuVLk=
www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_4fa3d906dfca39318f28747a6522e72f.css
107.154.76.43200 OK 33 kB URL HTTP/2 www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_4fa3d906dfca39318f28747a6522e72f.css
IP 107.154.76.43:0
File type ASCII text, with very long lines (43771)
Hash 650da4634573b48a210045f1da367bd7
f2c6788335ab472b27465c6bb662051e78b211fc
aa34bc5d0629a02cffdcc0014e8988675a29a8a37051f59e979fa7f4db8b86d7
GET /wp-content/cache/autoptimize/css/autoptimize_4fa3d906dfca39318f28747a6522e72f.css HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: W/"6387d5d5-38d62"
last-modified: Wed, 30 Nov 2022 22:14:45 GMT
content-type: text/css
content-length: 32850
content-encoding: gzip
access-control-allow-origin: *
cache-control: max-age=31359868, public
expires: Fri, 01 Dec 2023 04:40:41 GMT
date: Sat, 03 Dec 2022 05:36:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 626) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_002689b74ecbf052ec6216c2842d3f91.css
107.154.76.43200 OK 1.1 kB URL HTTP/2 www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_002689b74ecbf052ec6216c2842d3f91.css
IP 107.154.76.43:0
File type ASCII text, with very long lines (2641)
Hash 292e7e9f2143ad845a08ff6fb7c83cf9
fc71d575ed6ef259e12c97185dc2a83d57253f83
837d587992be5113e63781e734e69910a7d2d7e1cf31f6cb8f027f520134799e
GET /wp-content/cache/autoptimize/css/autoptimize_002689b74ecbf052ec6216c2842d3f91.css HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: W/"6387d5d5-e48"
last-modified: Wed, 30 Nov 2022 22:14:45 GMT
content-type: text/css
content-length: 1102
content-encoding: gzip
access-control-allow-origin: *
cache-control: max-age=31347435, public
expires: Fri, 01 Dec 2023 01:13:28 GMT
date: Sat, 03 Dec 2022 05:36:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 627) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduent.com/wp-includes/js/jquery/jquery.min.js
107.154.76.43200 OK 31 kB URL HTTP/2 www.conduent.com/wp-includes/js/jquery/jquery.min.js
IP 107.154.76.43:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 982edad5bfc9035b5809810aefff78c5
a42996331642de364b258faae47d8f306cdf341a
11fd6a4c88b7f2b3c4b541ed0d4157fdbaf6b2e1a7451313325ed731bbc967c0
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: W/"6048e0ac-15db1"
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-type: application/javascript
content-length: 30846
content-encoding: gzip
access-control-allow-origin: *
cache-control: max-age=31385712, public
expires: Fri, 01 Dec 2023 11:51:25 GMT
date: Sat, 03 Dec 2022 05:36:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 629) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduent.com/c-Pealogge-nor-there-that-ith-Byrnane-fore-and-y
107.154.76.43200 OK 55 kB URL HTTP/2 www.conduent.com/c-Pealogge-nor-there-that-ith-Byrnane-fore-and-y
IP 107.154.76.43:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1ec6ea2e8a546a94b4075a72ef02c0d6
88cfd7d60e6e2bd408967a402d269cf8764e5291
8e85fa93a17acdcef2819848eb3faac6e0bdc12f450f16c65f5a2c1ae5e1af17
GET /c-Pealogge-nor-there-that-ith-Byrnane-fore-and-y HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
cache-control: max-age=60
content-encoding: gzip
access-control-allow-origin: *
server-timing: bon, total;dur=0.15747999999999998
server: bon
content-length: 55190
date: Sat, 03 Dec 2022 05:36:13 GMT
set-cookie: nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; path=/; Domain=.conduent.com; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-158022734 NNNN CT(3 5 0) RT(1670045773151 625) q(0 0 0 -1) r(0 0) U18
X-Firefox-Spdy: h2
www.conduent.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=121543732
107.154.76.43200 OK 21 kB URL HTTP/2 www.conduent.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=121543732
IP 107.154.76.43:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d3052d171b85c4a89e7c87f8d0b2979
58be3499f0b69ff99f768b8e11e0163a2af20328
1b2cf3830220b85a3b9a8fae56673673ea921e0e8ab89786258b0e4e733a4ead
GET /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=121543732 HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/javascript
content-encoding: gzip
x-robots-tag: noindex
content-length: 21441
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.conduent.com/wp-content/cache/autoptimize/js/autoptimize_784ce8e9fddc3b1c16243e4a762641b0.js
107.154.76.43200 OK 192 kB URL HTTP/2 www.conduent.com/wp-content/cache/autoptimize/js/autoptimize_784ce8e9fddc3b1c16243e4a762641b0.js
IP 107.154.76.43:0
File type Unicode text, UTF-8 text, with very long lines (50561)
Size 192 kB (191873 bytes)
Hash 5a5f179690d4608249758a97eb504422
e12a0a4a366cf87377cc511f5788424435c21bf6
3f7f2da5b17252b5d47e989a208d4c4b6932626ebaa6606eb4bd1111b26a42b1
GET /wp-content/cache/autoptimize/js/autoptimize_784ce8e9fddc3b1c16243e4a762641b0.js HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: W/"6387d5d5-b25fd"
last-modified: Wed, 30 Nov 2022 22:14:45 GMT
content-type: application/javascript
content-length: 191873
content-encoding: gzip
access-control-allow-origin: *
cache-control: max-age=31385712, public
expires: Fri, 01 Dec 2023 11:51:25 GMT
date: Sat, 03 Dec 2022 05:36:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 664) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
192.229.233.25200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1451
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 03 Dec 2022 05:36:14 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
www.conduent.com/
107.154.76.43200 OK 134 kB IP 107.154.76.43:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (25151)
Size 134 kB (133942 bytes)
Hash 6410634b931d37e1ec1a480287fafc2b
f46121d19618fb02dd5f05f44d39c72510deb93c
815c2f1027241547c4434da11af5ce814be64d1ee2a1a6ffda1dba8dd59da488
GET / HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://www.conduent.com/wp-json/>; rel="https://api.w.org/", <https://www.conduent.com/wp-json/wp/v2/pages/60225>; rel="alternate"; type="application/json", <https://www.conduent.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://www.conduent.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://www.conduent.com
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 30
x-cache-group: normal
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests; default-src 'self' data: *.ceros.com *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.hotjar.com *.d41.co 'unsafe-inline' 'unsafe-eval'; base-uri 'self' data: *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.hotjar.com *.d41.co 'unsafe-inline' 'unsafe-eval'; script-src 'self' *.ceros.com *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.hotjar.com *.d41.co *.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.hotjar.com *.d41.co s3.amazonaws.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' data: *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.hotjar.com *.d41.co 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.hotjar.com *.d41.co 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self' data: *.conduentassets.com *.gstatic.com *.googleapis.com *.marketo.com *.marketo.net *.googletagmanager.com *.addthis.com *.moatads.com *.twitter.com *.addthisedge.com *.algolia.net *.google-analytics.com *.licdn.com *.airpr.com *.demandbase.com *.facebook.net *.bing.com *.rezync.com *.rackcdn.com *.gumgum.com *.trustarc.com *.ads-twitter.com *.youtube.com *.linkedin.com *.bidr.io *.rlcdn.com *.gonorth.io *.rfihub.net *.rfihub.com *.googleadservices.com t.co *.company-target.com *.doubleclick.net *.mookie1.com *.mktoresp.com *.facebook.com *.google.com *.conduent.com conduent.wpenginepowered.com *.cdntwrk.com *.adsymptotic.com *.tiqcdn.com *.clarity.ms *.adnxs.com *.polyfill.io *.jquery.com *.sendsafely.com *.bootstrapcdn.com *.gravatar.com *.twitter.com *.cloudflare.com yoast.com *.basis.net *.dstillery.com *.sitescout.com *.media6degrees.com *.adsrvr.org *.cloudfront.net *.ceros.com *.hotjar.com *.d41.co; object-src 'self';
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
content-encoding: gzip
set-cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; expires=Sat, 02 Dec 2023 22:15:19 GMT; HttpOnly; path=/; Domain=.conduent.com; Secure; SameSite=None
nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; path=/; Domain=.conduent.com; Secure; SameSite=None
incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; path=/; Domain=.conduent.com; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-158022704 NNNN CT(116 233 0) RT(1670045773151 19) q(0 0 4 0) r(5 5) U12
X-Firefox-Spdy: h2
www.conduentassets.com/cwf/0.1.428/css/cwf_full.min.css
35.190.185.247200 OK 49 kB URL HTTP/2 www.conduentassets.com/cwf/0.1.428/css/cwf_full.min.css
IP 35.190.185.247:0
File type ASCII text, with very long lines (63371)
Hash 6a4683888cdb35f4ba1e24351d6fce2a
b7f605ed532e176c650ab6d590fc42204f653353
4849e4b7500a81df775497060bf544fac12c5d1ece3f9c7cbf77992e1c07f093
GET /cwf/0.1.428/css/cwf_full.min.css HTTP/1.1
Host: www.conduentassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:14 GMT
content-type: text/css
last-modified: Fri, 04 Jun 2021 19:51:38 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60ba844a-55901"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
142.250.74.74200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,700,700i
IP 142.250.74.74:0
Hash 2dbb0fb0bcec0607bed6b5fc48cf616f
03d5fe25ce01845185a6419910e894cc8421bea1
556ecd885c401b9689ed8b6921012733c705e6b42d4f42339cbdc1812bfd550d
GET /css?family=Open+Sans:300,300i,400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduentassets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 05:36:14 GMT
date: Sat, 03 Dec 2022 05:36:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.conduentassets.com/cwf/0.1.428/js/bootstrap.min.js
35.190.185.247200 OK 55 kB URL HTTP/2 www.conduentassets.com/cwf/0.1.428/js/bootstrap.min.js
IP 35.190.185.247:0
File type ASCII text, with very long lines (32033)
Hash 66523209966a73e6bb1d20d98aa7c9fe
8901b3b98b3514e46c5d010a7636d2cd1774c72e
c5e4a2531dc770a8148ad903e912e1cb596e92985a4a98a17405547e73ca4766
GET /cwf/0.1.428/js/bootstrap.min.js HTTP/1.1
Host: www.conduentassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:14 GMT
content-type: application/javascript
last-modified: Fri, 04 Jun 2021 19:51:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60ba844b-90b5"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
www.conduent.com/wp-content/themes/conduent-corporate/img/i_conduent-star.svg
107.154.76.43200 OK 219 B URL HTTP/2 www.conduent.com/wp-content/themes/conduent-corporate/img/i_conduent-star.svg
IP 107.154.76.43:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash c0dadd458e02ab3bfdb4dcfbdf57ac05
51d893d4e2e182231dadd5e4fef0c7cb94a02244
9e65428c6ae71680067d8320a773c6286f709fcec94b93abe372b1e65a9a70a2
GET /wp-content/themes/conduent-corporate/img/i_conduent-star.svg HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_4fa3d906dfca39318f28747a6522e72f.css
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: W/"5fa55fa4-111"
last-modified: Fri, 06 Nov 2020 14:37:24 GMT
content-type: image/svg+xml
content-length: 219
content-encoding: gzip
access-control-allow-origin: *, *
cache-control: max-age=29438535, public
expires: Wed, 08 Nov 2023 22:58:29 GMT
date: Sat, 03 Dec 2022 05:36:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 1514) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduent.com/wp-content/themes/conduent-corporate/img/g_hash.svg
107.154.76.43200 OK 1.9 kB URL HTTP/2 www.conduent.com/wp-content/themes/conduent-corporate/img/g_hash.svg
IP 107.154.76.43:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2488), with no line terminators
Hash bfc67bd5af955b3c1230c7ce8caee5e3
b22185c0d70b505ae702de7f02af71e763372952
ab2e9a6f678ae9490e054c57de2864e45d072f7820d6de9bcbec4e5163214693
GET /wp-content/themes/conduent-corporate/img/g_hash.svg HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_4fa3d906dfca39318f28747a6522e72f.css
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: W/"5fa55fa4-9b8"
last-modified: Fri, 06 Nov 2020 14:37:24 GMT
content-type: image/svg+xml
content-length: 1892
content-encoding: gzip
access-control-allow-origin: *, *
cache-control: max-age=29438535, public
expires: Wed, 08 Nov 2023 22:58:29 GMT
date: Sat, 03 Dec 2022 05:36:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 1516) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5T2HXZS&l=cduDataLayer
142.250.74.168200 OK 87 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5T2HXZS&l=cduDataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (57469)
Hash 38072fec9c58da250bed61409d57841a
9e79cf723a47f80b51d9f7b2b6d26307567670c4
37230a326d0221db161444abf254aa1dfea81d43362b76b57315f0ebf8d7e1c7
GET /gtm.js?id=GTM-5T2HXZS&l=cduDataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 05:36:15 GMT
expires: Sat, 03 Dec 2022 05:36:15 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.conduent.com/wp-content/themes/conduent/fonts/conduent_icon_font.ttf?wljsj5
107.154.76.43200 OK 41 kB URL HTTP/2 www.conduent.com/wp-content/themes/conduent/fonts/conduent_icon_font.ttf?wljsj5
IP 107.154.76.43:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, conduent_icon_font\012- data
Hash 019bad70f9ae06e27f01b67d93c2cf2b
1909eab4d0c7db85984baef277eebff96cc5162b
a92154b75a374e906d47dd377130bf47a15c0efb2f12589f5a58bee9d40b5012
GET /wp-content/themes/conduent/fonts/conduent_icon_font.ttf?wljsj5 HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/wp-content/cache/autoptimize/css/autoptimize_4fa3d906dfca39318f28747a6522e72f.css
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "5fa55fa4-a03c"
last-modified: Fri, 06 Nov 2020 14:37:24 GMT
content-type: application/octet-stream
content-length: 41020
access-control-allow-origin: *, *
cache-control: max-age=29438535, public
expires: Wed, 08 Nov 2023 22:58:29 GMT
date: Sat, 03 Dec 2022 05:36:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 1608) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduentassets.com/conduent-logo.png
35.190.185.247200 OK 14 kB URL HTTP/2 www.conduentassets.com/conduent-logo.png
IP 35.190.185.247:0
File type PNG image data, 1130 x 295, 8-bit/color RGBA, non-interlaced\012- data
Hash c502304107e28708df99adddc1c9d890
3579b47f44d22751d06df02408f857053aea382c
1f95e6bf41e0483300963dc2c6c25e75e97be609164c145bbbf150801b5bec7d
GET /conduent-logo.png HTTP/1.1
Host: www.conduentassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:15 GMT
content-type: image/png
content-length: 13873
last-modified: Wed, 07 Oct 2020 18:28:21 GMT
etag: "5f7e08c5-3631"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
www.conduentassets.com/hfs/assets/flags/us.gif
35.190.185.247200 OK 603 B URL HTTP/2 www.conduentassets.com/hfs/assets/flags/us.gif
IP 35.190.185.247:0
File type GIF image data, version 89a, 16 x 11\012- data
Hash da422823d2ddd00613748c00f199a54c
6623e3aef5dd13012bb67abbaacf1bad718f6a94
abebe7311660503623f0d4e98a9aa05411b01a317878ad41f0428ef6392e7d08
GET /hfs/assets/flags/us.gif HTTP/1.1
Host: www.conduentassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:15 GMT
content-type: image/gif
content-length: 603
last-modified: Wed, 07 Oct 2020 18:28:24 GMT
etag: "5f7e08c8-25b"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Sat, 03 Dec 2022 08:03:56 GMT
Date: Sat, 03 Dec 2022 05:36:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Sat, 03 Dec 2022 08:03:56 GMT
Date: Sat, 03 Dec 2022 05:36:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Sat, 03 Dec 2022 08:03:56 GMT
Date: Sat, 03 Dec 2022 05:36:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Sat, 03 Dec 2022 08:03:56 GMT
Date: Sat, 03 Dec 2022 05:36:15 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Sat, 03 Dec 2022 08:03:56 GMT
Date: Sat, 03 Dec 2022 05:36:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 28008
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd79a3383-273b-420b-975f-73400e86239a.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd79a3383-273b-420b-975f-73400e86239a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7c90eda6b69179422ecd1245e94162c
d5e0aef84626250a62cc94a781a47e08aaac3f6a
5fd1c9586a82c9e6a9a8b5d99b746f17e9485f80057ec35c3f8d5ab5256fbb16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd79a3383-273b-420b-975f-73400e86239a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8273
x-amzn-requestid: 6abe0e18-1b39-4a87-8f15-6ea75d99b658
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZosHLDIAMFyoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fd1-455200672a96e0f5605a339f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:36:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sSTysER3tOW4FGv3lqvx2cPAaG8J9wyeuRJB61x8oYQG9Ah1xe1Z0w==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:33 GMT
age: 27762
etag: "d5e0aef84626250a62cc94a781a47e08aaac3f6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b77186d0d93f7ccfe729edd9d184af3
458aa485b9abef3b72427d308a172d1c24eceabd
8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 08:01:16 GMT
age: 77699
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 11:01:04 GMT
age: 66911
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jM-fTqLsmU3c_gc9Wle-lvCwXelA9Sid9axtzJQDsfOHv23yUbKsBw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:43:28 GMT
age: 21167
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 585e7e56aed6b2f2f5e658f46bb791c4
34b768eb68f6cb850ff984fd687096e089649523
5412ba902e667571b0bbb3879ba6b9ad39501abce59381e84e6aa09779e7198b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F741da48c-a860-42fc-8f5c-4572522c2f56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6416
x-amzn-requestid: f5456dd6-8459-4a19-a9b5-b7b567fceb01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cik2pG5aoAMFrVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a81c3-0923232b35133f471332062b;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 22:52:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fO2Nzz-s_o-67i4JhGgbUZdA5G1B8c9RrnJKm56RN7Ae_MK65KeRtQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 23:08:03 GMT
age: 23292
etag: "34b768eb68f6cb850ff984fd687096e089649523"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.conduent.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4049437125839991
107.154.76.43200 OK 1 B URL HTTP/2 www.conduent.com/_Incapsula_Resource?SWKMTFSR=1&e=0.4049437125839991
IP 107.154.76.43:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /_Incapsula_Resource?SWKMTFSR=1&e=0.4049437125839991 HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; ___utmvc=Dhth4GJ4EaI9sHLkAQLktyVSjr+nor/TnyKpEVri6w/fgVFeKtbm8hi9TlMqMTDS1eD64zPypgOTw8wQu7Y7GDKcEYPOmNlvbDjQCBIyvRnI/F95pPlPKoEr3q3j3bm1sIWJ3765N//iSGLhZuaVhwQxuvx0aBLJPPb42+VlJ7ZqNYh/ct9ZMyjhNNOXdWewlBWf7DPahPpkS28NYQIOGrCFUAP5p+xb27YsnvIT/Mr5McvqUY7QfYhXEvAhmmSMFayjnEpKuBnEdGZWz9PEM2W0KEInGUj7hVFlvtKIGpI4xrzNT4ec8ffB0McB39GAguGYKqGrNs/AErYQfDVl5ZfAuDZNgLu1jkBjACiIWzrnvMSNMjyygimBJ/c29u0O0a1/2l+KXSkASk+aG3vKyfD3+LwPVIUvDxcBxepft73w9XdOc679PmPO9WzhbePCJrfKMirU/oFi2jOIW333S0FhS3QWC2+GW8AABqkvkaUY4KU9jjqDfFQYJWQlPPrZztgPcZwOaJHuWu6mk6ziktbW57y6NHqPhMg/FAgVWO931jVQUpTTPEv8fhIqrmvNfLSGsBaY07mtx7l4f/ORc8A9xFQA4mzuS4x/F/ICO+QHBr3vAMgKPUP6Tz+bWVFqRo1xYGouGBFzg64pTOXG9F8qAmeJmTHZllyGO/wgEv6SI7Vqv4LxZVoFEFW2lgN9Y69KNmbWME8KGgaXfb6Bdt5p4PhiBvaiT/yz6jODWvyoyyHYDxZ0jXEiX+UnCrVK8o5Lmm42G23g2m56tMqz8p8eVMc/coozlZ3bCfx8PZTTU+09UWYZBypf0138N3M5AufQTbfU5/q8Fxaz0jQZjWe8YNcqTJvSFUFqr7RA0JS9ts8PAa89SCZ2QwyfrdU+3Osfk5eEs07TZzk3EKwpQSUNlSJfcZU9ff46CJSlNCr3ii/iY0YPmQEKux9dGfQ4R1QPhTS3xGM3lcB27Y+ihX3wSz9jBjd3PD75FXx7N+42N2+AYnzgKfkDjfQSu1mqTaW0mF7Ov72kM/9hziLDONjSwe2S5dAJ0F/AyUJvQM6wn59RrRJKkIi2DXov9SXs6D1qFGd+rior3T+ovTMbZ2VT6GJi0kStZjigjpitVSNU9QQbvGUdBWe3P1tFeC36ynto65HfqFB5sj0Lmvf4pvoQb2wKySDADeVykgeRFPODa+eha+ewffgy6VEKPgjSCJbabz6HfHLllQbzjIXzYDAC+LfEt0vn0XIHuIf9fpnwbN2jZR57mbOXSEqF46MHE9oc5n9D4pxWw5azj3OaODMmtMRBi4GZS8N+9m+Zkr2QRhsbc1OuF9tgwOaxBvQZdc3qBFvYOKUv0QKgQgvKL2JoxsYsu5XTs00MeM0sx8WuOK+j7A0Libx+igZSwk3a8KjidjCv9YaqhUYMsMO0OY3AlNhFakwfaHA+vcKBwuf0yicuc9yyiNg/X/kKkY+FxtplD+bZkWrL8aCcZGyZvKWX/sZ2hSzkL8A/pCGJnzXfDDzjg2AGR7jlYRPLCSUPuUW/+9QBVcy6LpNMgLcNaCBd70jog78uiFPTPiaKpZ83S8JGXJDMXR8TyJ7gqR9sILQ5jNkzexegDWzMK9dKluNECuBReyn+gUYKkqb7/SoX8zqc+vL1OuS/xnAGVbhQ6Andkg4b4P3otB1D+URJgZLHFwIdIX1eLqfq22E/Pty9PTaVOsr/wWdvs5tl0jpdpPW/hy1jEQSi9VG1OP90Roa5zhBb6Ir+ImHMGzwr/3VwkiqijrwFP+Yb6/eByIy9BadUxJooLXdvJxVj4R0G+LCzGc76eDvvKm32+Sca292j0Ve1CDy+4XJgEvFy9KfYC5Qnu1gTeyVx2Z14XUnO45dHa6BLApA0Cyju7PRQzhur3GJR1Iy5oC8N5LIMwFwK+q8l4cCN5k0wJY7VpFAi4M5vkRoNdwiF4tCLt0Lr5bpak7Yhb6T79c/df9pf1QK2C1j1nW5ow6TnSoLcyQw/a/IlIWIHEMphqIe5ezrQIlICGVG3VylBQe/7K62rMe/r+4ucuFIp0PsgIqrj7gJPndGl2b6jg81bOEf8QQrXjtI9pc2wqxe+GIbFdUEutA/iXwoln0Ha+kCM/HgcMrKKHDVDSTxdzNRlQRWWYtQO4Hy1QNFx99dWfCTNVnJ4m7i4KHYzxlTtsjXot7I15YstuoEyB/+aKrII18//QvdagVazwdOhWGFj6+njLCtxGLiG+ozEXtzt1/5Pm0jyZ/GiObF9dbSxF08sHbS6bGoiFnPXoChyi60bqzMIBgbh2W6+pu9E/IbOGTcsV3MZptuQnrFumKhTP4KHWtd8cnRwZRx6VhttP5dUvk+RNkMiwe3icZoC+iswPB99TawRpSFt+hLPXEEHhbQcPk6awMLFrRbw4YuGCIwqOeRJ0w7Ez01RziMqZ9PoMhrRElWAYgZfuyNtpH8RvbaBLUGc20XRzuEzHGy1F5PqMXNYN5218L7xOTM/5YFmIsR8SE61ZgcMVvSYVeE6UJhgjrrhoYKdmWIHFRrrH+7sxqsBprd947+2cEhv0mAvMqnu6If78KeVX2DqnqZ2qn6KYTVlm8e9uw5vYvhtn0kjeiCaJp0d4gOVNl+ihNR1uEpsl0QpD/k73mXvl09fPuE0cPnU1/4X9GuMwS/yhirHdyIUkRMPijgVKq9Iu7StQeElJYIV019DSK4FUFlHMixkaWdlc3Q9MTg1MDU2LHM9ODBhOWE0ODg4YzdiNjE4ZjZkNzM5Yjg0YTQ5YjdlYTNhOTliYTA5MWE2OTE2ODg0N2Y3OTc4YTQ5ZThlNzI3ZDhlNzU5N2EyN2Q3OTcyNmQ=; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 1
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Sun, 13 Nov 2022 22:08:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 03 Dec 2022 05:36:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.conduent.com
192.229.233.25200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.conduent.com
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.conduent.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 199819
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 03 Dec 2022 05:36:15 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
v1.addthisedge.com/live/boost/ra-5e7cbae62f300a86/_ate.track.config_resp
23.38.200.123200 OK 154 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-5e7cbae62f300a86/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 1798455c51e19a1de93e52339a502e8d
a0457d200050e575fe5fce342ef18826773a19a2
3f695eaf6f5245ffc8385edd6ed3d174509a3faedc9b9e14e4bffb1f0a881fb0
GET /live/boost/ra-5e7cbae62f300a86/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
etag: 659743217
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 154
cache-control: public, max-age=12, s-maxage=86400
date: Sat, 03 Dec 2022 05:36:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.conduent.com/wp-content/uploads/2022/03/Home_Landing_Banner1-1362x535.jpg
107.154.76.43200 OK 77 kB URL HTTP/2 www.conduent.com/wp-content/uploads/2022/03/Home_Landing_Banner1-1362x535.jpg
IP 107.154.76.43:0
File type JPEG image data, baseline, precision 8, 1362x535, components 3\012- data
Hash aca2f41a5b4f8ffb376d7241911c3c6c
3b59c772c428de77538eaf12347673c73019f64a
3ac569209af15359807e5d074100deeac4f53ff1e1599657135e7513ec5f56e8
GET /wp-content/uploads/2022/03/Home_Landing_Banner1-1362x535.jpg HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "62328cfa-12f5c"
last-modified: Thu, 17 Mar 2022 01:20:58 GMT
content-type: image/jpeg
content-length: 76718
access-control-allow-origin: *
cache-control: max-age=31385709, public
expires: Fri, 01 Dec 2023 11:51:24 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 1911) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=31928
date: Sat, 03 Dec 2022 05:36:15 GMT
X-Firefox-Spdy: h2
www.conduent.com/wp-content/uploads/2018/02/cropped-faviTest-192x192.png
107.154.76.43200 OK 20 kB URL HTTP/2 www.conduent.com/wp-content/uploads/2018/02/cropped-faviTest-192x192.png
IP 107.154.76.43:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c1cc8f9172890392b8c76fd439cd83ac
79b3810effd90e26d7f7977d47aa9d4f2d46f407
f94e8ce58489265dca19b239660aef6deaff189531617336d474b8fa8713e2a3
GET /wp-content/uploads/2018/02/cropped-faviTest-192x192.png HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "62328cf4-4ff3"
last-modified: Thu, 17 Mar 2022 01:20:52 GMT
content-type: image/png
content-length: 20467
access-control-allow-origin: *
cache-control: max-age=31367518, public
expires: Fri, 01 Dec 2023 06:48:13 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 1977) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.138200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 12:56:59 GMT
expires: Mon, 27 Nov 2023 12:56:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 491956
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.conduent.com/wp-content/uploads/2018/02/cropped-faviTest-32x32.png
107.154.76.43200 OK 2.0 kB URL HTTP/2 www.conduent.com/wp-content/uploads/2018/02/cropped-faviTest-32x32.png
IP 107.154.76.43:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ee03392002173d2112d9a0ea6bb265d
88cb1ea0f89a86b6d9e3c006aec9aa1d5a061171
fdac4d8e86fc342cdc7994aaf4b38959a694a4df757584131a81bcebdb823d0f
GET /wp-content/uploads/2018/02/cropped-faviTest-32x32.png HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "62328cf4-831"
last-modified: Thu, 17 Mar 2022 01:20:52 GMT
content-type: image/png
content-length: 1973
access-control-allow-origin: *
cache-control: max-age=31367518, public
expires: Fri, 01 Dec 2023 06:48:13 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 1979) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=638ae04d2e7a0b8e&bkl=0&bl=1&pdt=1511&sid=638ae04d2e7a0b8e&pub=ra-5e7cbae62f300a86&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.conduent.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670045773447&jsl=8193&uvs=638ae04d97c2ac75000&skipb=1&callback=addthis.cbs.jsonp__87030539049067270
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=638ae04d2e7a0b8e&bkl=0&bl=1&pdt=1511&sid=638ae04d2e7a0b8e&pub=ra-5e7cbae62f300a86&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.conduent.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670045773447&jsl=8193&uvs=638ae04d97c2ac75000&skipb=1&callback=addthis.cbs.jsonp__87030539049067270
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 21be070c58928da6ed95fefe03d588e2
5c1f2d89e1efed683a3b00c90e7e52e729b446e6
d1b2ea94baf116d573a7f2d2d57b955a56b86a3988b23710bf8ba6fae6a3302a
GET /live/red_lojson/300lo.json?si=638ae04d2e7a0b8e&bkl=0&bl=1&pdt=1511&sid=638ae04d2e7a0b8e&pub=ra-5e7cbae62f300a86&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.conduent.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670045773447&jsl=8193&uvs=638ae04d97c2ac75000&skipb=1&callback=addthis.cbs.jsonp__87030539049067270 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 03 Dec 2022 05:36:15 GMT
X-Firefox-Spdy: h2
script.hotjar.com/modules.90de377b639fd5b933d2.js
143.204.55.46200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.90de377b639fd5b933d2.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 8766036825574dfbddbfc197bd098f6b
3c6087743e1b23d7f071f66d65bec1fdb143a2c2
89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
GET /modules.90de377b639fd5b933d2.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rrZNNQfdclanhVj2SjzkdCa9ZCcxz31jZVZ7cZA3EaZ1XRRTrPGt4w==
age: 143949
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 008d73afe4b0c9173762e808e60a25b4
3667c94f1fb3ac84426306c33e42e977ea1c8f5f
8cb7e87e8a4a09cace36dbc160197bf46a0de5e2a192435616acfa8fa8e973b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5553
Cache-Control: max-age=90163
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:15 GMT
Etag: "638987d2-139"
Expires: Sun, 04 Dec 2022 06:38:58 GMT
Last-Modified: Fri, 02 Dec 2022 05:06:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
secure.adnxs.com/seg?add=27589829&t=1
37.252.173.215307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/seg?add=27589829&t=1
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /seg?add=27589829&t=1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 05:36:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27589829%26t%3D1
AN-X-Request-Uuid: 87b372d4-7ba8-4512-b71a-2c320ddba180
Set-Cookie: uuid2=256713999479915940; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Mar-2023 05:36:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
syndication.twitter.com/settings?session_id=1a96add098be620cf2dc0551ba031fe1c4c0f62d
104.244.42.200200 OK 1.2 kB URL HTTP/2 syndication.twitter.com/settings?session_id=1a96add098be620cf2dc0551ba031fe1c4c0f62d
IP 104.244.42.200:0
File type ASCII text, with very long lines (980)
Hash a4c786844f729201f2086b2b8390161e
348627f2972d0352939ae348745b610fec97fbdf
c5ba7ecbba41df36108d6eb160c04149cba1ef18e7d9583eb80c68b6175bf859
GET /settings?session_id=1a96add098be620cf2dc0551ba031fe1c4c0f62d HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:15 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sat, 03 Dec 2022 05:36:15 GMT
content-length: 386
content-encoding: gzip
x-transaction-id: e74fc8ac84ef96c5
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: b2862eda88500db02bcff789b42a3540f1cb9e457b9a1a716aa5ce9708ec93ee
X-Firefox-Spdy: h2
consent.trustarc.com/notice?domain=conduent.com&c=teconsent&js=nj¬iceType=bb>m=1
143.204.55.90200 OK 5.1 kB URL HTTP/2 consent.trustarc.com/notice?domain=conduent.com&c=teconsent&js=nj¬iceType=bb>m=1
IP 143.204.55.90:0
File type ASCII text, with very long lines (2910)
Hash 7e7372b2bf7dfef06d16081fb7e2413a
4b47a7efd1f510bae69d139d7b31ae6387971986
4a511296be5517a80c46be34041c00ae13b30d080775a446d6ef40e7362f9a54
GET /notice?domain=conduent.com&c=teconsent&js=nj¬iceType=bb>m=1 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 5112
date: Sat, 03 Dec 2022 05:35:28 GMT
content-encoding: gzip
expires: Sat, 03 Dec 2022 06:35:28 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
cloudfront-viewer-country-region: 03
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 64urj5YBigcL1zZVkh-7tRWcSMdBw-bI-4OLzcgciEB-TWpB1b_eRg==
age: 47
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27589829%26t%3D1
37.252.173.215200 OK 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fseg%3Fadd%3D27589829%26t%3D1
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fseg%3Fadd%3D27589829%26t%3D1 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 05:36:15 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 4e96583b-c07a-49c6-8715-28cf6924a1d5
Set-Cookie: anj=dTM7k!M4/8CxrEQF']wIg2C%@sgRd>!@wnf-Te9(>wL5L!!'5h$YFFQ; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Mar-2023 05:36:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=f31bfbaee5783b41222717822c5b368b&k=conduent-rt-zync-pixel
143.204.55.27200 OK 1.3 kB URL HTTP/2 live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=f31bfbaee5783b41222717822c5b368b&k=conduent-rt-zync-pixel
IP 143.204.55.27:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (1314)
Hash 621595a6c0de8b68c4223864bd863c92
b4ce1d875fe0ca36a1ce753483a283236f926dc8
5c1a09bd0296f8316b934da09412018a88dfffb08f7ff8456ad379543755f262
GET /sync?c=16b6410431b6374e780104abb0443ca8&p=f31bfbaee5783b41222717822c5b368b&k=conduent-rt-zync-pixel HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1348
date: Sat, 03 Dec 2022 05:36:16 GMT
set-cookie: zync-uuid=c918fb15-ce7a-4c3c-8b90-78a094eb8619:1670045775.9208848; Domain=rezync.com; Expires=Thu, 01 Jun 2023 05:36:16 GMT; Path=/; SameSite=None; Secure
sd-session-id=eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiYzkxOGZiMTUtY2U3YS00YzNjLThiOTAtNzhhMDk0ZWI4NjE5OjE2NzAwNDU3NzUuOTIwODg0OCJ9.Y4rgUA.HjdpFZeQ50FgDIO6c_dcCXn9iZs; Expires=Thu, 01 Jun 2023 05:36:16 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gaIDqvM8CosF_ojJ_ztuRallXMElRt3_9GpWb95dk9qId4EK6TGoog==
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 28ZrKqdXrtY6w221W3i3y4fU3i5AB8SKQTDi93xby7qOrlVBO68TZA==
age: 836770
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7b3adc27ee30eab3059de85690badfe9
eb276b7e511c37fdc3f93f4f6bcbbecd3c49273a
bc46c46178bad6aa8d1964c29f53be2223dc3fc8041303a646df2e8222224ae6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 23:37:31 GMT
Expires: Tue, 06 Dec 2022 23:37:30 GMT
Etag: "eb276b7e511c37fdc3f93f4f6bcbbecd3c49273a"
Cache-Control: max-age=323473,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f1930c53b506-OSL
static.hotjar.com/c/hotjar-759017.js?sv=6
143.204.55.84200 OK 5.2 kB URL HTTP/2 static.hotjar.com/c/hotjar-759017.js?sv=6
IP 143.204.55.84:0
File type ASCII text, with very long lines (5908)
Hash 8ce148d21d0e459cad08218acbce99be
975134f34be731aab2e8c8f6d8df0219f4b566ff
60a8d8a518cbecb6c6eaff727da617ad8e4e91481a2ebf187ff66b61923b9e21
GET /c/hotjar-759017.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 05:35:27 GMT
cache-control: max-age=60
etag: W/75f036d0231112b331195ea96f8fcb0b
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Yq-uMvEYvC3136vYHT_6k__u3bDMkQ4MHW8XHp56Fs1p96i6XDLy9A==
age: 48
X-Firefox-Spdy: h2
consent.trustarc.com/log?domain=conduent.com&country=no&state=&behavior=implied&c=b54f
143.204.55.90200 OK 43 B URL HTTP/2 consent.trustarc.com/log?domain=conduent.com&country=no&state=&behavior=implied&c=b54f
IP 143.204.55.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /log?domain=conduent.com&country=no&state=&behavior=implied&c=b54f HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sat, 03 Dec 2022 05:36:16 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TcjmCqxeSkpx0VyoyeS2MxiCkpaRJl-hwGf3RPfd3PjedDxzeTHVDQ==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
consent.trustarc.com/notice?domain=conduent.com&country=no&js=nj2&c=teconsent¬iceType=bb>m=1
143.204.55.90200 OK 4.8 kB URL HTTP/2 consent.trustarc.com/notice?domain=conduent.com&country=no&js=nj2&c=teconsent¬iceType=bb>m=1
IP 143.204.55.90:0
File type HTML document, ASCII text, with very long lines (4311)
Hash 2461ef30474898b747b16bfca6e84d2e
c32c766b4e7ecccd28d4c293d869e0c88757c767
de2956838255d6a5af32ac619eb8380031e7931cc3f6968f7b1573095e2ed489
GET /notice?domain=conduent.com&country=no&js=nj2&c=teconsent¬iceType=bb>m=1 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 4789
date: Sat, 03 Dec 2022 05:35:28 GMT
content-encoding: gzip
expires: Sat, 03 Dec 2022 06:35:28 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
cloudfront-viewer-country-region: 03
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C9mH6VFOIRwWBOGGzbh5Fpp1WO1My5iqiJ6qUgEcy4S6348lfdDkVg==
age: 48
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
www.conduent.com/wp-content/themes/conduent-corporate/img/p_articles.jpg
107.154.76.43200 OK 5.4 kB URL HTTP/2 www.conduent.com/wp-content/themes/conduent-corporate/img/p_articles.jpg
IP 107.154.76.43:0
File type JPEG image data, baseline, precision 8, 170x170, components 3\012- data
Hash 8854da988ed2ef5df648049bd8eb39fe
cde5b1bffb16b0823807be3441430689c1e99328
afe737c24f50562d6b9d21686037e42cbb303ef06b276672c2dc5262e9af1d00
GET /wp-content/themes/conduent-corporate/img/p_articles.jpg HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000; wp-wpml_current_language=en; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.1.806545584.1670045774; notice_behavior=implied,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "60d227e2-1a9b"
last-modified: Tue, 22 Jun 2021 18:11:46 GMT
content-type: image/jpeg
content-length: 5351
access-control-allow-origin: *
cache-control: max-age=31347435, public
expires: Fri, 01 Dec 2023 01:13:30 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 2615) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduent.com/wp-content/themes/conduent-corporate/img/p_solutions.jpg
107.154.76.43200 OK 6.7 kB URL HTTP/2 www.conduent.com/wp-content/themes/conduent-corporate/img/p_solutions.jpg
IP 107.154.76.43:0
File type JPEG image data, baseline, precision 8, 170x170, components 3\012- data
Hash d00c45187d7add014b4e8e7bfd500ae3
4296421a40c6afc330761ff5f6038170cb30b3f2
d876e6e19199c99976a1c60c640767cb01ee329b136054e3f40f481bbf752518
GET /wp-content/themes/conduent-corporate/img/p_solutions.jpg HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000; wp-wpml_current_language=en; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.1.806545584.1670045774; notice_behavior=implied,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "60d227e2-1e24"
last-modified: Tue, 22 Jun 2021 18:11:46 GMT
content-type: image/jpeg
content-length: 6674
access-control-allow-origin: *
cache-control: max-age=31347435, public
expires: Fri, 01 Dec 2023 01:13:30 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 2618) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
www.conduent.com/wp-content/uploads/2022/11/bnr_Digital_Integrated_Payments_Hub3-150x150.jpg
107.154.76.43200 OK 3.0 kB URL HTTP/2 www.conduent.com/wp-content/uploads/2022/11/bnr_Digital_Integrated_Payments_Hub3-150x150.jpg
IP 107.154.76.43:0
File type JPEG image data, baseline, precision 8, 150x150, components 3\012- data
Hash 4da77f6453a7acc2f4b294504c758fe1
7c3644f177f8e31a18bc4414936fa6043d3297c2
75fdcc41593dafd9f70231816ac439f4c040e190e991f1951fb770d957aa2e7b
GET /wp-content/uploads/2022/11/bnr_Digital_Integrated_Payments_Hub3-150x150.jpg HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000; wp-wpml_current_language=en; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.1.806545584.1670045774; notice_behavior=implied,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "637bb05e-cad"
last-modified: Mon, 21 Nov 2022 17:07:42 GMT
content-type: image/jpeg
content-length: 2973
access-control-allow-origin: *
cache-control: max-age=30549273, public
expires: Tue, 21 Nov 2023 19:30:48 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 2623) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash abd901450af1f5a00362f62b995d3a71
9a59bc910b83700d486d9a84341d6f1e0e876dcb
696bde2c7ab8c26b95e7625bfa8a801f5adbbed1272ccdccec0b5cb447af6471
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.conduent.com/wp-content/uploads/2020/07/benepath-banner2-150x150.png
107.154.76.43200 OK 26 kB URL HTTP/2 www.conduent.com/wp-content/uploads/2020/07/benepath-banner2-150x150.png
IP 107.154.76.43:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 08d8deac212982e90ca3368e79892082
a2b30970679273ee2444701df19752e6a6e96ebf
3dfe4bf1f69a2d887bc375194f9475e999850297a3c7cf386ed8352c5d983b7e
GET /wp-content/uploads/2020/07/benepath-banner2-150x150.png HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000; wp-wpml_current_language=en; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.1.806545584.1670045774; notice_behavior=implied,eu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "62328cf8-6533"
last-modified: Thu, 17 Mar 2022 01:20:56 GMT
content-type: image/png
content-length: 25907
access-control-allow-origin: *, *
cache-control: max-age=29438541, public
expires: Wed, 08 Nov 2023 22:58:36 GMT
date: Sat, 03 Dec 2022 05:36:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-iinfo: 14-158022702-0 0CNN RT(1670045773151 2628) q(0 -1 -1 -1) r(0 -1)
X-Firefox-Spdy: h2
6319809.fls.doubleclick.net/activityi;src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F?
142.250.74.134200 OK 230 B URL HTTP/2 6319809.fls.doubleclick.net/activityi;src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (444), with no line terminators
Hash dc378e13e1679d953d3236b8c51608ff
fab82627f385b4c7d2fa601a0cbd7f447fd808cc
abee7519ade24ae2aa53a26936e3a11944d9ca686c53c9f75007e58ca9637c5e
GET /activityi;src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F? HTTP/1.1
Host: 6319809.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 05:36:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 230
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 05:51:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com/11239.js
23.38.200.213200 OK 22 kB URL HTTP/1.1 8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com/11239.js
IP 23.38.200.213:0
File type Unicode text, UTF-8 text, with very long lines (61281)
Hash 590b0436392912afd560d69ce6ce04b0
4bdf898adcfb2ee330aca81a3eaa825a3f7e9e0e
6ef9c527c257d754c7495dc5d653e4459324af655961adf065ce5930e435650e
GET /11239.js HTTP/1.1
Host: 8ab0a26cb0027939bcf5-49c99c3c0c9c98b3365b710757036e1b.ssl.cf5.rackcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Trans-Id: tx0dccfe4054614289bbe39-00638ae050iad3
Last-Modified: Thu, 17 Nov 2022 14:50:06 GMT
ETag: 2dbb2ec4a14e39a16fd4a32151df3c82
Accept-Ranges: bytes
X-Timestamp: 1668696605.46942
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=893
Expires: Sat, 03 Dec 2022 05:51:09 GMT
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Length: 22169
Connection: keep-alive
cdn-akamai.mookie1.com/LB/LightningBolt.js
184.86.4.81200 OK 5.9 kB URL HTTP/1.1 cdn-akamai.mookie1.com/LB/LightningBolt.js
IP 184.86.4.81:0
Hash e66b8d19906da9a8aab646bf7b51d171
f3bb761464dd54be6501ec0a71b85b69060bf602
171c35f576f98994cf6fc44361c51125b87f39323031efbdb4284c75c81c89ef
GET /LB/LightningBolt.js HTTP/1.1
Host: cdn-akamai.mookie1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "270039c6f895b8dedb38670a8b5d8d8e:1632232785.507395"
Last-Modified: Tue, 21 Sep 2021 13:59:45 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
Expires: Sun, 04 Dec 2022 05:36:16 GMT
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Length: 5924
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash abd901450af1f5a00362f62b995d3a71
9a59bc910b83700d486d9a84341d6f1e0e876dcb
696bde2c7ab8c26b95e7625bfa8a801f5adbbed1272ccdccec0b5cb447af6471
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent.trustarc.com/bannermsg?action=views&domain=conduent.com&behavior=implied&country=no&language=en&rand=0.2993443794728391
143.204.55.90200 OK 43 B URL HTTP/2 consent.trustarc.com/bannermsg?action=views&domain=conduent.com&behavior=implied&country=no&language=en&rand=0.2993443794728391
IP 143.204.55.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /bannermsg?action=views&domain=conduent.com&behavior=implied&country=no&language=en&rand=0.2993443794728391 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sat, 03 Dec 2022 05:36:16 GMT
cache-control: no-cache
pragma: no-cache
expires: Sat, 03 Dec 2022 05:36:15 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3_hij-0L1VxS4aR_Xyt4GOq27H_plenrfzrduo2w8lrjLd7VGfbtdQ==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F
142.250.74.162200 OK 248 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (443), with no line terminators
Hash 59740ead67bfc415967f003dcbb2ceac
930f1a9f70502bbccf46efa50dd9e669b0f7d266
38879aa6d34bb9f1ad473296c82fd2e6b6bf0078b7e38bafa74ee469d82dc5af
GET /ddm/fls/i/src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6319809.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 05:36:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F
172.217.21.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=6319809;type=home;cat=cdn_h0;ord=7008085972503;gtm=2wgbu0;auiddc=511948215.1670045774;~oref=https%3A%2F%2Fwww.conduent.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 05:36:16 GMT
expires: Sat, 03 Dec 2022 05:36:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
action.dstillery.com/orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
104.18.22.234302 Found 808 B URL HTTP/2 action.dstillery.com/orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
IP 104.18.22.234:0
Hash 9a852774a0022191c4f6f6e81ae9c756
78029921f0aa233fd4a4511e9a2feea3cc12e514
8ac0b5ebffec1b024f1537ae90374e83c5a35d78338b5b41dff7c4e0ebe0b30f
GET /orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 05:36:16 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7739f194afd20b55-OSL
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash f20a2a13442e9e5b2e1017eb151f9fbd
f10dbc9ffdbbc7ef268907be0bd95ad4bfd84285
8298488553e2b997b63301e82c737279efe3c6b4f10a5adf57caf34bdb0b8bcb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 21:36:13 GMT
Expires: Sat, 03 Dec 2022 21:36:13 GMT
ETag: "f10dbc9ffdbbc7ef268907be0bd95ad4bfd84285"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
region1.google-analytics.com/g/collect?v=2&tid=G-21KBGVSV08>m=2oebu0&_p=333292847&cid=806545584.1670045774&ul=en-us&sr=1280x1024&_s=1&sid=1670045774&sct=1&seg=0&dl=https%3A%2F%2Fwww.conduent.com%2F&dt=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-21KBGVSV08>m=2oebu0&_p=333292847&cid=806545584.1670045774&ul=en-us&sr=1280x1024&_s=1&sid=1670045774&sct=1&seg=0&dl=https%3A%2F%2Fwww.conduent.com%2F&dt=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-21KBGVSV08>m=2oebu0&_p=333292847&cid=806545584.1670045774&ul=en-us&sr=1280x1024&_s=1&sid=1670045774&sct=1&seg=0&dl=https%3A%2F%2Fwww.conduent.com%2F&dt=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.conduent.com
date: Sat, 03 Dec 2022 05:36:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-akamai.mookie1.com/adv/mapping.js
184.86.4.81200 OK 1.8 kB URL HTTP/1.1 cdn-akamai.mookie1.com/adv/mapping.js
IP 184.86.4.81:0
Hash c10d6e6e8f258532b288c74c71c35247
f2de11a9e2f589c9aeb4b527d3929d3ae7f0e9f3
509daa47cdf103f866f354e6b3d8399311507a8d9e20eb679d04812b25428c16
GET /adv/mapping.js HTTP/1.1
Host: cdn-akamai.mookie1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "592e363ecdc5bb51b1f59d1604fe5ba9:1669678621.419906"
Last-Modified: Mon, 28 Nov 2022 23:37:01 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86400
Expires: Sun, 04 Dec 2022 05:36:16 GMT
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Length: 1760
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
leads-api.gonorth.io/api/v2/external/session/11239/clb7i4una0000289dknc0wnmt?callback=__jp0
104.239.226.241200 OK 4.7 kB URL HTTP/2 leads-api.gonorth.io/api/v2/external/session/11239/clb7i4una0000289dknc0wnmt?callback=__jp0
IP 104.239.226.241:0
File type ASCII text, with very long lines (13060)
Hash 904b86a3db8c7a9025220272543016df
0975082453d6bd14b367dc482488955b62cd338f
f91c5159c1afaf4f609de54d02437d459ba3d4626ba23e4d03f005d28ff5eafd
GET /api/v2/external/session/11239/clb7i4una0000289dknc0wnmt?callback=__jp0 HTTP/1.1
Host: leads-api.gonorth.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-type: application/javascript; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 05:36:16 GMT
x-ratelimit-limit: 100
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-content-type-options: nosniff
set-cookie: X-Mapping-fjhppofk=52329A96FC29EAA6FE35DA5FDE0D6877; path=/
lead_cd_token=clb7i4una0000289dknc0wnmt; expires=Mon, 18 Oct 2027 05:36:16 GMT; Max-Age=153792000; path=/; secure; httponly; samesite=none
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 97
X-Firefox-Spdy: h2
action.media6degrees.com/orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
104.18.22.234200 OK 2.2 kB URL HTTP/2 action.media6degrees.com/orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
IP 104.18.22.234:0
File type ASCII text, with very long lines (7406)
Hash a64c79c39497284be74711b6a9610fcf
6278d578e1f6534b516a43467810edf46ba1c7a2
2130a5f638d545abbcb0cc50dfcd619135aa50e887ca65df2012f08c9948497b
GET /orbserv/nsjs?adv=cl1026144&ns=3628&nc=Brand&ncv=42&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP/1.1
Host: action.media6degrees.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:16 GMT
content-type: text/html;charset=ISO-8859-1
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
content-language: en-US
set-cookie: JSESSIONID=D2C16B51F0A8A66DE0EA63B0474AA0A2; Path=/orbserv/; HttpOnly
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7739f19758570b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=2BF30F91C41D65001F5A1DFEC54A64BB; domain=.bing.com; expires=Thu, 28-Dec-2023 05:36:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0CF57F1D0F0409BA2A9CB99045759C9 Ref B: OSL30EDGE0410 Ref C: 2022-12-03T05:36:16Z
date: Sat, 03 Dec 2022 05:36:16 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 933bd2bc7dd004d74961dfc0878c1d22
8a4f50edb54fea8ffa604f5ca593345341ce15a1
252363badd64d5ec8ad9eb56af41e44bb094d8c80646dd228e90dba5e56c87b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 733
Cache-Control: max-age=167460
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Etag: "638ac897-1d7"
Expires: Mon, 05 Dec 2022 04:07:16 GMT
Last-Modified: Sat, 03 Dec 2022 03:55:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.23200 OK 1.7 kB IP 192.124.249.23:0
Hash 6df2646f3423eba21631a8f3347dc5d4
944812b4e3748c844262c0d67e25bb6c6a94dbae
3cca579fe838833edf32b6f6c97ce9d125e283d2f71572bcd49ed7d0cf28fdc5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 19:18:30 GMT
Expires: Sat, 03 Dec 2022 19:18:30 GMT
ETag: "944812b4e3748c844262c0d67e25bb6c6a94dbae"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
c1.rfihub.net/js/tc.min.js
54.230.111.77200 OK 6.2 kB URL HTTP/2 c1.rfihub.net/js/tc.min.js
IP 54.230.111.77:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6162
date: Sat, 03 Dec 2022 04:50:13 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
expires: Sat, 03 Dec 2022 05:50:13 GMT
last-modified: Sat, 03 Dec 2022 04:50:03 GMT
content-encoding: gzip
server: Jetty(9.3.29.v20201019)
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W1-peUMqrGVvkXe7knsoBpcPgw8n6ZMH2pfZJdGiuo_cVVBehedajw==
age: 2763
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-akamai.mookie1.com/adv/default.js
184.86.4.81200 OK 0 B URL HTTP/1.1 cdn-akamai.mookie1.com/adv/default.js
IP 184.86.4.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adv/default.js HTTP/1.1
Host: cdn-akamai.mookie1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 0
Content-Type: application/x-javascript
ETag: "d41d8cd98f00b204e9800998ecf8427e:1632162627.594044"
Last-Modified: Mon, 20 Sep 2021 18:30:27 GMT
Server: AkamaiNetStorage
Cache-Control: max-age=86400
Expires: Sun, 04 Dec 2022 05:36:16 GMT
Date: Sat, 03 Dec 2022 05:36:16 GMT
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
munchkin.marketo.net/munchkin.js
23.53.51.106200 OK 728 B URL HTTP/1.1 munchkin.marketo.net/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (521)
Hash 51a92d8c69733d719447dea0416ed039
69f4c1e0b7ebba812bc096708d57627927dff265
cb483c0ea4012ac512bcba6204b37622b388c1aefd4ae9028f60abb965f23d29
GET /munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 03 Dec 2022 05:36:16 GMT
Content-Length: 728
Connection: keep-alive
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 04:41:08 GMT
expires: Sat, 03 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 3308
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Sat, 03 Dec 2022 05:36:16 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1621-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Cw86k/eFq8j6EmM496parXZewYXnGQ0siDWl+hA+NwWX3Dk7ie831ycQ7AWf0JG0OvzWrNWianxXXY60UumCkQ==
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 05:36:16 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004390576/?random=1670045774751&cv=11&fst=1670045774751&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.conduent.com%2F&tiba=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&auid=511948215.1670045774&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.130200 OK 896 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1004390576/?random=1670045774751&cv=11&fst=1670045774751&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.conduent.com%2F&tiba=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&auid=511948215.1670045774&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (1927), with no line terminators
Hash e0b0ac730a859b0d27a063a989b6706f
0aecb8cb7b7adb273b9c2b8442b2bf5aaa6be963
8a7e4f923071da5271445d7c0caad8cce713c2041badea891a669d79b2d99d9f
GET /pagead/viewthroughconversion/1004390576/?random=1670045774751&cv=11&fst=1670045774751&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.conduent.com%2F&tiba=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&auid=511948215.1670045774&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 05:36:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 896
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 05:51:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 712a436b01cfa6fca9f55bad5982ea96
9b6a5796f2fe23fcdd8893e25c5eff125c554419
3368acb3f374728fb7600dd0fcb9643fce9e5ef0cfcf4b142b9fdfd60591862c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "6389d693-1d7"
Last-Modified: Sat, 03 Dec 2022 03:54:31 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cJ-mJdq4vXSo6b6lEbNWJYFXzwT1epF_3SY_HoMppMPKRLhWNNs1KQ==
Age: 6106
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.gumgum.com/retarget/exposure?id=234&r={RANDOM}>mcb=2082664825
54.72.199.36302 Found 138 B URL HTTP/2 px.gumgum.com/retarget/exposure?id=234&r={RANDOM}>mcb=2082664825
IP 54.72.199.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /retarget/exposure?id=234&r={RANDOM}>mcb=2082664825 HTTP/1.1
Host: px.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: text/html
content-length: 138
location: https://px.gumgum.com/retarget/exposure?id=234&r=RANDOM>mcb=2082664825
server: nginx
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c5f3a14f1074341c595f64cbc462f195
5d79a54099488e423104d5bc4bd75b3eb0a8e05f
d0d18873875b681ed34bb4644a1fcde48d57cf90bb7d78997a4f66d286601331
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5045
Cache-Control: max-age=114148
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "6389e780-139"
Expires: Sun, 04 Dec 2022 13:18:45 GMT
Last-Modified: Fri, 02 Dec 2022 11:54:40 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0d3d20a9dfa929e425d2fa7c4bf9443d
2ac59e7b432674bca15d434076ac2b01e7dfcfa5
3e8ee83e28c541bd1cc6fe7180013176199ea403183b02ec4c3ae4ab8e9bc0d4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 02:15:46 GMT
Expires: Wed, 07 Dec 2022 02:15:45 GMT
Etag: "2ac59e7b432674bca15d434076ac2b01e7dfcfa5"
Cache-Control: max-age=332967,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f19acf94b506-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e7fa0f0cd8f0f24fe89abd1e0ea50f5b
6981ce391717b75504a6ede63b3aa554ff54c189
0e1d5c4439addf517d34d7f6e1264a099f8d418cb22d767db20ff66c846b97da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 05:36:17 GMT
Last-Modified: Sat, 03 Dec 2022 03:52:10 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lp7Px62vu1zofDAxLw_LTQUP7GiM4owMzPI9nlCOeYIQbkT8Zl-xSg==
Age: 6247
20827134p.rfihub.com/ca.html?ver=9&rb=42737&ca=20827134&_o=42737&_t=20827134&pe=https%3A%2F%2Fwww.conduent.com%2F&pf=&ra=9213171245171061
193.0.160.128200 OK 2.7 kB URL HTTP/1.1 20827134p.rfihub.com/ca.html?ver=9&rb=42737&ca=20827134&_o=42737&_t=20827134&pe=https%3A%2F%2Fwww.conduent.com%2F&pf=&ra=9213171245171061
IP 193.0.160.128:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2660), with no line terminators
Hash 3fe68569cbc30d6d0e0280ec660ea0df
092656f43439d6dd820b021fdcfcf214c5c43092
d3e4bafd3777ed387ccdd0e94a7b2036e05583cadf7d3bb097206aa2e3231f03
GET /ca.html?ver=9&rb=42737&ca=20827134&_o=42737&_t=20827134&pe=https%3A%2F%2Fwww.conduent.com%2F&pf=&ra=9213171245171061 HTTP/1.1
Host: 20827134p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjUxtzQ0NDQzMRLiM9Q1NUssqfT3DK6IKvcFAMqAHt0lAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:17 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MDcxNrYwMjUxtzQ0NDQzMRLiM9Q1NUssqfT3DK6IKvcFAMqAHt0lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_5vFyGtoZm5gYGJqbm5uaGa0C41_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwvdPGY0_Syo_Fto_E2saOZxo7mHF40vjMp_hMYHAHW4T_cwAQAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:17 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2660
Server: Jetty(9.3.29.v20201019)
leads-api.gonorth.io/api/v2/external/11239/clb7i4una0000289dknc0wnmt/97e3c887-2ee5-4213-92e0-9304f17c2966/visit
104.239.226.241204 No Content 0 B URL HTTP/2 leads-api.gonorth.io/api/v2/external/11239/clb7i4una0000289dknc0wnmt/97e3c887-2ee5-4213-92e0-9304f17c2966/visit
IP 104.239.226.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v2/external/11239/clb7i4una0000289dknc0wnmt/97e3c887-2ee5-4213-92e0-9304f17c2966/visit HTTP/1.1
Host: leads-api.gonorth.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.conduent.com/
Origin: https://www.conduent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
vary: Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 05:36:17 GMT
access-control-max-age: 0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-content-type-options: nosniff
set-cookie: X-Mapping-fjhppofk=2D50748D8E827F03BFA7D3675F94EB5A; path=/
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST
access-control-allow-headers: content-type
X-Firefox-Spdy: h2
t.co/i/adsct?bci=3&eci=2&event_id=8e278d5e-9fa8-4221-826b-808a86d922cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ab0e3bd6-e662-4cb9-bca0-c2b96c363f0b&tw_document_href=https%3A%2F%2Fwww.conduent.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1aa&type=javascript&version=2.3.29
104.244.42.133200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=8e278d5e-9fa8-4221-826b-808a86d922cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ab0e3bd6-e662-4cb9-bca0-c2b96c363f0b&tw_document_href=https%3A%2F%2Fwww.conduent.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1aa&type=javascript&version=2.3.29
IP 104.244.42.133:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=8e278d5e-9fa8-4221-826b-808a86d922cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ab0e3bd6-e662-4cb9-bca0-c2b96c363f0b&tw_document_href=https%3A%2F%2Fwww.conduent.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1aa&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:16 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=2a55c690-a9ec-48fb-8644-0e2ebb721bea; Max-Age=63072000; Expires=Mon, 02 Dec 2024 05:36:17 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 03d063bec60a1786
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: ae33b0e7072945afc93e1842fc2b4c9f1cd2d778166d20ae8376492b65ddcab2
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 283 B IP 172.64.155.188:0
Hash c374fe1bccd0c59a0e0652c3b7d1d75f
1ebe665f727d32d42788e1de267f9f6b1ce68b5e
18106463d8cb7ea7effec1253228c9bf64a20a1a3b11762ec7e90811f4b30697
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 283
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 16:09:12 GMT
Expires: Fri, 09 Dec 2022 16:09:11 GMT
Etag: "1ebe665f727d32d42788e1de267f9f6b1ce68b5e"
Cache-Control: max-age=555773,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f19c5828b506-OSL
munchkin.marketo.net/162/munchkin.js
23.53.51.106200 OK 4.7 kB URL HTTP/1.1 munchkin.marketo.net/162/munchkin.js
IP 23.53.51.106:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (606)
Hash 3e9baed982956735f6e0a0e756d97ed9
9223be6a494a10959101a7942419df7b05b84d73
930a508ed0ea6b4861d19c0738360182514010913c4ebfe9352064ae5006f8a1
GET /162/munchkin.js HTTP/1.1
Host: munchkin.marketo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=8640000
Expires: Mon, 13 Mar 2023 05:36:17 GMT
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Length: 4677
Connection: keep-alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
bat.bing.com/action/0?ti=26078040&Ver=2&mid=88b6c6c9-4200-4ddd-ad81-00bb035ad6bf&sid=6748418072cc11edb9714d6ede5b0ea2&vid=674829a072cc11edae2377d8085d258a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&p=https%3A%2F%2Fwww.conduent.com%2F&r=<=2710&evt=pageLoad&sv=1&rn=599860
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=26078040&Ver=2&mid=88b6c6c9-4200-4ddd-ad81-00bb035ad6bf&sid=6748418072cc11edb9714d6ede5b0ea2&vid=674829a072cc11edae2377d8085d258a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&p=https%3A%2F%2Fwww.conduent.com%2F&r=<=2710&evt=pageLoad&sv=1&rn=599860
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=26078040&Ver=2&mid=88b6c6c9-4200-4ddd-ad81-00bb035ad6bf&sid=6748418072cc11edb9714d6ede5b0ea2&vid=674829a072cc11edae2377d8085d258a&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&p=https%3A%2F%2Fwww.conduent.com%2F&r=<=2710&evt=pageLoad&sv=1&rn=599860 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=127C30B452C265A106BC22DB5395649B; domain=.bing.com; expires=Thu, 28-Dec-2023 05:36:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 724D264AAC9D48C7AB95F6E9C185C103 Ref B: OSL30EDGE0410 Ref C: 2022-12-03T05:36:17Z
date: Sat, 03 Dec 2022 05:36:17 GMT
X-Firefox-Spdy: h2
px.gumgum.com/retarget/exposure?id=234&r=RANDOM>mcb=2082664825
54.72.199.36200 OK 35 B URL HTTP/2 px.gumgum.com/retarget/exposure?id=234&r=RANDOM>mcb=2082664825
IP 54.72.199.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /retarget/exposure?id=234&r=RANDOM>mcb=2082664825 HTTP/1.1
Host: px.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: image/gif;charset=UTF-8
content-length: 35
server: nginx
set-cookie: vst=e_21e54369-8b15-4fe4-b6c7-3fa7faf34ea3; Domain=.gumgum.com; Expires=Sun, 03-Dec-2023 05:36:17 GMT; Path=/; Secure; SameSite=None
cache-control: private, no-store, must-revalidate, max-age=0
expires: 0
pragma: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
bat.bing.com/p/action/26078040.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/26078040.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/26078040.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3329581748C1635B24FB4A784996620E; domain=.bing.com; expires=Thu, 28-Dec-2023 05:36:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DC21DF2EB934D8F9BFE67A5599648A8 Ref B: OSL30EDGE0410 Ref C: 2022-12-03T05:36:17Z
date: Sat, 03 Dec 2022 05:36:17 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 48f17461f6e4d47a102f0e44e1c9fcb5
78292d6ea56f839b9d34e1faa5cd40d027430a26
8bb57fe676f2ffb49425c7f1ee09f6cfb4c2b60dbe4e79400586c2cd3f1ba2a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5442
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Last-Modified: Sat, 03 Dec 2022 04:05:35 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 313
www.google.com/pagead/1p-user-list/1004390576/?random=1670045774751&cv=11&fst=1670043600000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.conduent.com%2F&tiba=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2699891490&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1004390576/?random=1670045774751&cv=11&fst=1670043600000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.conduent.com%2F&tiba=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2699891490&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1004390576/?random=1670045774751&cv=11&fst=1670043600000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.conduent.com%2F&tiba=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2699891490&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 05:36:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.conduent.com/c-Pealogge-nor-there-that-ith-Byrnane-fore-and-y?d=www.conduent.com
107.154.76.43200 OK 1.2 kB URL HTTP/2 www.conduent.com/c-Pealogge-nor-there-that-ith-Byrnane-fore-and-y?d=www.conduent.com
IP 107.154.76.43:0
Hash 7000e8b4c38f0380ae1e198095effbba
f8c07140b99719035c0bcaa410aa7f1d1491fa37
c69bac8bbf5e61731e4449f0464e120ec1f61ba280a83e7aa37c89c54b299e51
POST /c-Pealogge-nor-there-that-ith-Byrnane-fore-and-y?d=www.conduent.com HTTP/1.1
Host: www.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json; charset=utf-8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Content-Type: text/plain; charset=utf-8
Origin: https://www.conduent.com
Content-Length: 22236
Connection: keep-alive
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=8tSkVElejDdh5B7sct2X1QAAAAA6FHjlpUgEyXRQ5kG2vPfs; __atuvc=1%7C48; __atuvs=638ae04d97c2ac75000; wp-wpml_current_language=en; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.2.806545584.1670045774; notice_behavior=implied,eu; _hjSessionUser_759017=eyJpZCI6IjE1MjE4MzI1LWQ2OWYtNTNlZi1iOWFlLWY3MzA2MTgyYTljZiIsImNyZWF0ZWQiOjE2NzAwNDU3NzM5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=1; _hjSession_759017=eyJpZCI6ImViYzcxZjViLTQxZjEtNGNmZS04ZTU5LTU1OTlmMTllYzRkOCIsImNyZWF0ZWQiOjE2NzAwNDU3NzQ0MDIsImluU2FtcGxlIjp0cnVlfQ==; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _uetsid=6748418072cc11edb9714d6ede5b0ea2; _uetvid=674829a072cc11edae2377d8085d258a; _gid=GA1.2.1454843452.1670045775; _gat_UA-86857159-2=1; _gat_UA-86857159-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store
access-control-allow-origin: *
server-timing: bon, total;dur=10.633307
server: bon
date: Sat, 03 Dec 2022 05:36:16 GMT
set-cookie: nlbi_2044933_2147483392=oHUbS9PF6gvv4Rebct2X1QAAAADK6n4mYNwwW/FDkVTG9sVG; path=/; Domain=.conduent.com; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
x-iinfo: 14-158022702-158022734 PNYN RT(1670045773151 3595) q(0 0 0 -1) r(0 0) U6
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 0d708a7e3e84fafa0ecec165571812b6
37985aa20d4129438bd6b5c582a2d16eadb78dc9
e6dc0065c26e6442af981b132b8085b8c6939dfdc592868ce086c6638630b46c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 05:36:17 GMT
Last-Modified: Sat, 03 Dec 2022 04:08:48 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DYD5fW47TRPSWew7KQioMsOXHSBb-pnjUpUubvAyBxtp5BlSeVuCHQ==
Age: 5250
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34451%252C809802%26time%3D1670045774983%26url%3Dhttps%253A%252F%252Fwww.conduent.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLbrcYftIdwHAAAAYTWfD5lNONykUppwchqDE7d5XhFg4oHDFKptAUstI_FpH3vPtu7XUIsW2e6Mw; Max-Age=2592000; Expires=Mon, 02 Jan 2023 05:36:17 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKOYqEkwo1u3gAAAYTWfD5mPsI-eD0FfSzEtC9JfIa3JMhdohsRJ595sR_KWeBfikTXPMJXGW__xMyUwFuj3A; Max-Age=2592000; Expires=Mon, 02 Jan 2023 05:36:17 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&631ac9aa-d90f-44cf-8648-c12453727d7f"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 03-Dec-2023 05:36:17 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1670045777:t=1670132177:v=2:sig=AQGEspsK0iVn_LdP7SP1wZ3lQEcEcX3_"; Expires=Sun, 04 Dec 2022 05:36:17 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXu5dVToZWeRyFZEGOFhg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 863E13F1E00A40238589AB41BE7FCCA1 Ref B: OSL30EDGE0314 Ref C: 2022-12-03T05:36:17Z
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5bc03b4995299a6a2777604a4d461631
c9de39bb466bfb8f885bae78849b7049389e3483
a8155ab40b718c91379d3a995b89adb27a9044c6f48d0033bfe797e5d9f1437b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 13:42:55 GMT
Expires: Wed, 07 Dec 2022 13:42:54 GMT
Etag: "c9de39bb466bfb8f885bae78849b7049389e3483"
Cache-Control: max-age=374196,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f19d187cb506-OSL
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8e278d5e-9fa8-4221-826b-808a86d922cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ab0e3bd6-e662-4cb9-bca0-c2b96c363f0b&tw_document_href=https%3A%2F%2Fwww.conduent.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1aa&type=javascript&version=2.3.29
104.244.42.3200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=8e278d5e-9fa8-4221-826b-808a86d922cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ab0e3bd6-e662-4cb9-bca0-c2b96c363f0b&tw_document_href=https%3A%2F%2Fwww.conduent.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1aa&type=javascript&version=2.3.29
IP 104.244.42.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=8e278d5e-9fa8-4221-826b-808a86d922cb&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ab0e3bd6-e662-4cb9-bca0-c2b96c363f0b&tw_document_href=https%3A%2F%2Fwww.conduent.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1aa&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:16 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_ErQqPBUS2MF97tDe58KvRg=="; Max-Age=63072000; Expires=Mon, 02 Dec 2024 05:36:17 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: a0714362a6bc5e42
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: b435107927d3383db4f5f1e0de7b817f30b482af3b0640366115372256a191a3
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 600360be2d67e8ed12cd84ef52f2e949
fe4ad303463250cc89bd41f80f037d5df2dc77c2
0b2d84cc7e3baab364200762004106d5fabdd5c6fad2e889d502e801f49b12f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5897
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Last-Modified: Sat, 03 Dec 2022 03:58:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=606285636477965&ev=PageView&dl=https%3A%2F%2Fwww.conduent.com%2F&rl=&if=false&ts=1670045775603&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670045775601.1521589569&it=1670045775109&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=606285636477965&ev=PageView&dl=https%3A%2F%2Fwww.conduent.com%2F&rl=&if=false&ts=1670045775603&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670045775601.1521589569&it=1670045775109&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=606285636477965&ev=PageView&dl=https%3A%2F%2Fwww.conduent.com%2F&rl=&if=false&ts=1670045775603&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670045775601.1521589569&it=1670045775109&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 05:36:17 GMT
X-Firefox-Spdy: h2
bpi.rtactivate.com/tag/?id=11017&user_id=5107433825479111642
3.218.77.41200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5107433825479111642
IP 3.218.77.41:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5107433825479111642 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
tag.demandbase.com/9ecadb2a.min.js
143.204.55.67200 OK 20 kB URL HTTP/2 tag.demandbase.com/9ecadb2a.min.js
IP 143.204.55.67:0
File type ASCII text, with very long lines (31940)
Hash 733ca7033347ff98c84d0848d05b3510
78b6051e6c14c0931c6b4b75946d67ad9fde808b
106ceb9e2e03d522410a1bb86fbce340166cf2b8cdd767ec28c610f48ff081c7
GET /9ecadb2a.min.js HTTP/1.1
Host: tag.demandbase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Wed, 26 Oct 2022 08:42:22 GMT
x-amz-version-id: KqB8txhCKDhjxMYSpRRm_EYWHgXaAZF1
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 05:35:29 GMT
cache-control: public, max-age=3600
etag: W/"3ad547dc031eb26f8392be4044037423"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hEctaze6SSAo1JPpB9hD5aT3t2wBZ6-NAIZX3LqU4c2g5LKuO8LNww==
age: 3057
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash fb4f700b81249ed87eb01c16147b2877
0a8546cbf4996c905d13616df00a1b3c3800d571
e4a8178494ae731309459a7098680918e0fa6b64033e97a26387f9cfb6161313
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113889
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "6389e1e2-1d7"
Expires: Sun, 04 Dec 2022 13:14:26 GMT
Last-Modified: Fri, 02 Dec 2022 11:30:42 GMT
Server: ECS (nyb/1DCD)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xDsJRNZkdjGdZ2Y45AntMniZO_mCPQ5ja6ldzU1HyUMEQPHZ0CnPcg==
Age: 6224
www.facebook.com/tr/?id=689393647929167&ev=PageView&dl=https%3A%2F%2Fwww.conduent.com%2F&rl=&if=false&ts=1670045775713&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670045775601.1521589569&it=1670045775109&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=689393647929167&ev=PageView&dl=https%3A%2F%2Fwww.conduent.com%2F&rl=&if=false&ts=1670045775713&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670045775601.1521589569&it=1670045775109&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=689393647929167&ev=PageView&dl=https%3A%2F%2Fwww.conduent.com%2F&rl=&if=false&ts=1670045775713&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670045775601.1521589569&it=1670045775109&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 05:36:17 GMT
X-Firefox-Spdy: h2
idsync.rlcdn.com/360947.gif?partner_uid=5107433825479111642
35.244.174.68200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5107433825479111642
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5107433825479111642 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=tqEoxWLwkyjEz+7znOZe/vpUAs1aRhIhPrRveoM7lpE=; Path=/; Domain=rlcdn.com; Expires=Sun, 03 Dec 2023 05:36:17 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Wed, 01 Feb 2023 05:36:17 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5107433825479111642
23.38.200.22200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5107433825479111642
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5107433825479111642 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3130473773580265000V10; Expires=Sun, 03 Dec 2023 05:36:17 GMT; domain=.media.net; Path=/;
data-rk=5107433825479111642~~3;Expires=Sat, 02 Dec 2023 05:36:17 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sat, 03 Dec 2022 05:36:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 03 Dec 2022 05:36:17 GMT
X-Firefox-Spdy: h2
match.prod.bidr.io/cookie-sync/demandbase
52.30.216.14303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/demandbase
IP 52.30.216.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/demandbase HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 03 Dec 2022 05:36:17 GMT
location: https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 03 Dec 2022 05:46:17 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34451%252C809802%26time%3D1670045774983%26url%3Dhttps%253A%252F%252Fwww.conduent.com%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34451%252C809802%26time%3D1670045774983%26url%3Dhttps%253A%252F%252Fwww.conduent.com%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34451%252C809802%26time%3D1670045774983%26url%3Dhttps%253A%252F%252Fwww.conduent.com%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&2ee47275-1ef0-454f-8fe1-4432c546feb3"; Domain=.linkedin.com; Expires=Sun, 03-Dec-2023 05:36:17 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221203053617d7a1be55-9bb3-4a3a-8789-d8316c2f6ee7AQEvw9jA8uvpW4bTD7kFPaB00_eeHteC"; Domain=.www.linkedin.com; Expires=Sun, 03-Dec-2023 05:36:17 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzAwNDU3Nzc7MjswMjGpEZ9JV5JH1KKQRwcfantl7vET0lUBa9j5G3Cu9C/Syg==; Domain=.linkedin.com; Expires=Thu, 01 Jun 2023 05:36:17 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2386:u=1:x=1:i=1670045777:t=1670132177:v=2:sig=AQFMQ66l_6RZW1Vvw0RFyt8qRdsHiAoB"; Expires=Sun, 04 Dec 2022 05:36:17 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXu5dVWgWky9P0UvHjNww==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B43E483CE8834A64AC9CAA222E6BF0BC Ref B: OSL30EDGE0314 Ref C: 2022-12-03T05:36:17Z
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 7825019b0137a6e0718bf88526ac580b
ea59a401eeb11c4b8f6e4f7d4d672113f649f3aa
43e8cd4d86e137c11637305edc1b322fead5fafbd4cc1a2f68faaf767da4cfd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4405
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "63899ba5-2d7"
Last-Modified: Sat, 03 Dec 2022 04:22:53 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 727
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5107433825479111642
23.38.201.22200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5107433825479111642
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5107433825479111642 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Sat, 03 Dec 2022 05:36:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sat, 03 Dec 2022 05:36:17 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward=
142.250.74.34302 Found 369 B URL HTTP/2 cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 81658e23d6013f6f36240701ff6db176
2ff9598d7b2472c9e4164fa906c3597307102291
66aab1cac758a15c4d59be0ed9f66a08e714a168953a6ce52d665e26e571a79f
GET /pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward=&google_tc=
date: Sat, 03 Dec 2022 05:36:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 05:51:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
52.30.216.14303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
IP 52.30.216.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/demandbase?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 03 Dec 2022 05:36:17 GMT
location: https://segments.company-target.com/log?vendor=choca&user_id=
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8e3d315810f86282f246b99c5efd320
f29235b75edbd1366dfae79b49185ff8fb3385d2
212ac32b342e44bc8d0740156a60641a0ec352328f0845d8d8babc47de89eabe
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6293
Cache-Control: max-age=126207
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "638a11bb-1d7"
Expires: Sun, 04 Dec 2022 16:39:44 GMT
Last-Modified: Fri, 02 Dec 2022 14:54:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
p.rfihub.com/cm?pub=39342&in=0&userid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc918fb15-ce7a-4c3c-8b90-78a094eb8619%253A1670045775.9208848
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc918fb15-ce7a-4c3c-8b90-78a094eb8619%253A1670045775.9208848
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc918fb15-ce7a-4c3c-8b90-78a094eb8619%253A1670045775.9208848 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 05:36:17 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1AhLGRgbmRpYmQnyGuoUVQTk5lqUhYaElIQACjy2YJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_z3IwRGAMAgEwAp8pQ4cUMgddpMwsSCfVuvPfe7TUGm8p4XUwhCvs4QzVcCh6WuyW17WoeoBxJ6Hks63bX-CjA9-9VxhSgAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:17 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1AhLGRgbmRpYmQnyGuoUVQTk5lqUhYaElIQACjy2YJQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:17 GMT; Secure; SameSite=None
euds=H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ECE3GE3gYmFWHl2_wudxq8spDeWeD8trFQBl6bv4rR8bULVA4g7h5LOAzpi4RA6AAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=591030,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f19f995eb506-OSL
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7248e1dacafd3d9f50bd21ca11f2ce94
a573e4caa15e0d8411fa279b7e4bb7774e63e95f
dfe6f32c6acc58306d9e61008bebf9e678d12e73c1568ed6798a8180496a21c0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6282
Cache-Control: max-age=159688
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "638a948f-1d7"
Expires: Mon, 05 Dec 2022 01:57:45 GMT
Last-Modified: Sat, 03 Dec 2022 00:13:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5107433825479111642
3.67.155.142200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5107433825479111642
IP 3.67.155.142:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5107433825479111642 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 9d0d08cf31d21f51a929409613787a21
b07e95c52e89fb6a190849038ae913c238cfca10
93ded5878775091a280371e085e8676a1c37aca37f294583681ad973824deae1
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 22:06:49 GMT
Expires: Sat, 03 Dec 2022 22:06:49 GMT
ETag: "b07e95c52e89fb6a190849038ae913c238cfca10"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward=&google_tc=
142.250.74.34302 Found 269 B URL HTTP/2 cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward=&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2ac1f21e70e438c7e2193d02ee7e9be0
f9a11bb626bad146751fc166f96b91f6aeae7eab
de4a04a623ca095cd229a54edeb3120d9dc94d227198b75cb9a0a69677ed7c85
GET /pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwNzQzMzgyNTQ3OTExMTY0Mg==&forward=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
date: Sat, 03 Dec 2022 05:36:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 077f72eab5920d6c9bfba94fe1cac33b
0c34a9744f1980ecfba346331eca96276e29fc4b
ca64530213aaeb90c606f7b96f5e5c47390abbb945eaf7b9193f647750a5cf8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5714
Cache-Control: max-age=115202
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "6389e901-1d7"
Expires: Sun, 04 Dec 2022 13:36:19 GMT
Last-Modified: Fri, 02 Dec 2022 12:01:05 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
us-u.openx.net/w/1.0/sd?id=537073062&val=5107433825479111642&r=
34.98.64.218200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537073062&val=5107433825479111642&r=
IP 34.98.64.218:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537073062&val=5107433825479111642&r= HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=119&user_id=5107433825479111642&expires=30
52.57.148.231302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=119&user_id=5107433825479111642&expires=30
IP 52.57.148.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=119&user_id=5107433825479111642&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5107433825479111642&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=ca531ed9-1a2c-4830-a1a1-cfadf64cb759; path=/; expires=Sun, 03-Dec-2023 05:36:17 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670045777; path=/; expires=Sun, 03-Dec-2023 05:36:17 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670045777; path=/; expires=Sun, 03-Dec-2023 05:36:17 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670045777; path=/; expires=Sun, 03-Dec-2023 05:36:17 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a38fe499fbc9d7b6560e992b497afb28
a3e542e6ca157422916ed33bb58e756e31381ac2
f7a4731734b5145ca3fc3d39b043e8c0fd75fab059f8bb24151438e06dfa7658
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6042
Cache-Control: max-age=94280
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "638995ff-1d7"
Expires: Sun, 04 Dec 2022 07:47:37 GMT
Last-Modified: Fri, 02 Dec 2022 06:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
idsync.rlcdn.com/501709.gif?partner_uid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=c918fb15-ce7a-4c3c-8b90-78a094eb8619%3A1670045775.9208848 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjOTE4ZmIxNS1jZTdhLTRjM2MtOGI5MC03OGEwOTRlYjg2MTk6MTY3MDA0NTc3NS45MjA4ODQ4EAAaDQjRwKucBhIFCOgHEABCAEoA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Wed, 01 Feb 2023 05:36:17 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5107433825479111642&img=1
185.94.180.125302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5107433825479111642&img=1
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5107433825479111642&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=69072377-72cc-11ed-b5dd-12c786060506; expires=Sat, 31-Dec-2022 05:36:17 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5107433825479111642&img=1&__user_check__=1&sync_id=690723d3-72cc-11ed-b5dd-12c786060506
X-fe: 69
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
p.rfihub.com/cm?pub=24472&in=1
193.0.160.128302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 05:36:17 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjG0sDAwMjcxsRTiM9R1cvXz8_C3TMsoj3cFAHH4HEklAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:17 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0Mja0NDMxMjG0sDAwMjcxsRTiM9R1cvXz8_C3TMsoj3cFAHH4HEklAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_7vFwmtoZm5gYGJqbm5uaWwMADrkHSsQAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:17 GMT; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5123196424188027449&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward=
185.80.36.245302 Found 0 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward=
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 05:36:17 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y4rgUTCZtWh-xqH.tmOfbgAA; Path=/; Domain=casalemedia.com; Expires=Sun, 03 Dec 2023 05:36:17 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4345; Path=/; Domain=casalemedia.com; Expires=Fri, 03 Mar 2023 05:36:17 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4345; Path=/; Domain=casalemedia.com; Expires=Fri, 03 Mar 2023 05:36:17 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
ib.adnxs.com/setuid?entity=18&code=5107433825479111642
37.252.171.85307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5107433825479111642
IP 37.252.171.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5107433825479111642 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433825479111642
AN-X-Request-Uuid: 3a633afc-da56-4a2b-8b77-ee132a2f19f8
Set-Cookie: uuid2=5718529747663310816; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Mar-2023 05:36:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86857159-1&cid=806545584.1670045774&jid=592176452&gjid=708699605&_gid=1454843452.1670045775&_u=YCDACEABBAAAACAAI~&z=677802145
108.177.14.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86857159-1&cid=806545584.1670045774&jid=592176452&gjid=708699605&_gid=1454843452.1670045775&_u=YCDACEABBAAAACAAI~&z=677802145
IP 108.177.14.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86857159-1&cid=806545584.1670045774&jid=592176452&gjid=708699605&_gid=1454843452.1670045775&_u=YCDACEABBAAAACAAI~&z=677802145 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.conduent.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 05:36:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
151.101.2.49302 Found 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP 151.101.2.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~Y4rgUQAAjyrd1AAe; Path=/; Domain=.everesttech.net; Expires=Sun, 03-Dec-2023 05:36:17 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y4rgUQAAjyrd1AAe
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sat, 03 Dec 2022 05:36:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670045778.878263,VS0,VE92
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5107433825479111642&expires=30
52.57.148.231200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5107433825479111642&expires=30
IP 52.57.148.231:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=119&user_id=5107433825479111642&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5bc03b4995299a6a2777604a4d461631
c9de39bb466bfb8f885bae78849b7049389e3483
a8155ab40b718c91379d3a995b89adb27a9044c6f48d0033bfe797e5d9f1437b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 13:42:55 GMT
Expires: Wed, 07 Dec 2022 13:42:54 GMT
Etag: "c9de39bb466bfb8f885bae78849b7049389e3483"
Cache-Control: max-age=374196,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f1a00978b506-OSL
250-kmw-698.mktoresp.com/webevents/visitWebPage?_mchNc=1670045775442&_mchCn=&_mchId=250-KMW-698&_mchTk=_mch-conduent.com-1670045775442-92686&_mchHo=www.conduent.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
192.28.144.124200 OK 28 B URL HTTP/1.1 250-kmw-698.mktoresp.com/webevents/visitWebPage?_mchNc=1670045775442&_mchCn=&_mchId=250-KMW-698&_mchTk=_mch-conduent.com-1670045775442-92686&_mchHo=www.conduent.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
IP 192.28.144.124:0
File type ASCII text, with no line terminators
Hash 9dafc521bd59955b4986f0fc3777f77a
5a572b4730d4a2bce2fa35597a0993c649f26c74
e4e90a7b8bacdfe395361149a9fd42f9192b68bdf1497e4454d0ab4c4917f746
POST /webevents/visitWebPage?_mchNc=1670045775442&_mchCn=&_mchId=250-KMW-698&_mchTk=_mch-conduent.com-1670045775442-92686&_mchHo=www.conduent.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp= HTTP/1.1
Host: 250-kmw-698.mktoresp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-Id: 85f5b32b-9bc1-4569-a751-522fe70429a6
Content-Encoding: gzip
Access-Control-Allow-Origin: *
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5107433825479111642
34.252.137.225204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5107433825479111642
IP 34.252.137.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5107433825479111642 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 05:36:17 GMT
set-cookie: _kuid_=PPC4C78e; Expires=Thu, 01-Jun-23 05:36:15 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n019-dub-prod.krxd.net
x-request-time: D=28 t=1670045775
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8e3d315810f86282f246b99c5efd320
f29235b75edbd1366dfae79b49185ff8fb3385d2
212ac32b342e44bc8d0740156a60641a0ec352328f0845d8d8babc47de89eabe
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6305
Cache-Control: max-age=126219
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 05:36:17 GMT
Etag: "638a11bb-1d7"
Expires: Sun, 04 Dec 2022 16:39:56 GMT
Last-Modified: Fri, 02 Dec 2022 14:54:51 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86857159-2&cid=806545584.1670045774&jid=1992681974&gjid=938147008&_gid=1454843452.1670045775&_u=YADAAEAAAAAAACAAI~&z=1175747192
108.177.14.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86857159-2&cid=806545584.1670045774&jid=1992681974&gjid=938147008&_gid=1454843452.1670045775&_u=YADAAEAAAAAAACAAI~&z=1175747192
IP 108.177.14.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86857159-2&cid=806545584.1670045774&jid=1992681974&gjid=938147008&_gid=1454843452.1670045775&_u=YADAAEAAAAAAACAAI~&z=1175747192 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.conduent.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 05:36:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 90b00720e2564fdea30130b45cc33aef
afd79bee9cc2d02d596b3ba7a747df7323049440
d04e8393d607dfdf1aecca050889a18a91026fe68dfc059fbe21fd8e8a735eea
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 19:20:00 GMT
Expires: Sat, 03 Dec 2022 19:20:00 GMT
ETag: "afd79bee9cc2d02d596b3ba7a747df7323049440"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
sync.search.spotxchange.com/partner?adv_id=7180&uid=5107433825479111642&img=1&__user_check__=1&sync_id=690723d3-72cc-11ed-b5dd-12c786060506
185.94.180.125200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5107433825479111642&img=1&__user_check__=1&sync_id=690723d3-72cc-11ed-b5dd-12c786060506
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5107433825479111642&img=1&__user_check__=1&sync_id=690723d3-72cc-11ed-b5dd-12c786060506 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=690f6e96-72cc-11ed-87bf-175cf56a0306; expires=Sat, 31-Dec-2022 05:36:17 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 24
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward=&C=1
185.80.36.245200 OK 43 B URL HTTP/1.1 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward=&C=1
IP 185.80.36.245:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5107433825479111642&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:17 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
Pragma: no-cache
Content-Length: 43
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y4rgUQAAjyrd1AAe
151.101.2.49200 OK 85 B URL HTTP/2 sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y4rgUQAAjyrd1AAe
IP 151.101.2.49:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
GET /ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y4rgUQAAjyrd1AAe HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Sat, 03 Dec 2022 05:36:17 GMT
via: 1.1 varnish
age: 2790
x-served-by: cache-bma1631-BMA
x-cache: HIT
x-cache-hits: 1860
x-timer: S1670045778.997029,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433825479111642
37.252.171.85200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433825479111642
IP 37.252.171.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5107433825479111642 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 05:36:17 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: b4c9ce86-f097-4e04-8641-590526161e21
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2GUesgRd>!@wnfH8KAM.xpH^Gmi[pHMVIzD>].cHN@hyFT*c!I>Pf26Kb@>!AXTO:4=sB!$LGc$qow-; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Mar-2023 05:36:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjOTE4ZmIxNS1jZTdhLTRjM2MtOGI5MC03OGEwOTRlYjg2MTk6MTY3MDA0NTc3NS45MjA4ODQ4EAAaDQjRwKucBhIFCOgHEABCAEoA
35.244.174.68307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdjOTE4ZmIxNS1jZTdhLTRjM2MtOGI5MC03OGEwOTRlYjg2MTk6MTY3MDA0NTc3NS45MjA4ODQ4EAAaDQjRwKucBhIFCOgHEABCAEoA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJBCj0IARAFGjdjOTE4ZmIxNS1jZTdhLTRjM2MtOGI5MC03OGEwOTRlYjg2MTk6MTY3MDA0NTc3NS45MjA4ODQ4EAAaDQjRwKucBhIFCOgHEABCAEoA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CNHAq5wGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Wed, 01 Feb 2023 05:36:17 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433825479111642&redir=
52.213.64.117302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5107433825479111642&redir=
IP 52.213.64.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5107433825479111642&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433825479111642&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74771566149882527332817102715484668056; Max-Age=15552000; Expires=Thu, 01 Jun 2023 05:36:17 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yiZau3sNSIA=
Content-Length: 0
Connection: keep-alive
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34451%2C809802&time=1670045774983&url=https%3A%2F%2Fwww.conduent.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&179942c8-ce8e-4a84-829a-28588fa306f6"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 03-Dec-2023 05:36:17 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2427:u=1:x=1:i=1670045777:t=1670132177:v=2:sig=AQGEspsK0iVn_LdP7SP1wZ3lQEcEcX3_"; Expires=Sun, 04 Dec 2022 05:36:17 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXu5dVaTq4mG/vh5Dhtfg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7DE6987768F544A584A8C54B381DFB5B Ref B: OSL30EDGE0314 Ref C: 2022-12-03T05:36:17Z
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d16&uid=5107433825479111642
3.71.169.66204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d16&uid=5107433825479111642
IP 3.71.169.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d16&uid=5107433825479111642 HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sat, 03 Dec 2022 05:36:17 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 11f15b60eab5048cff853e0257e50f38
944eb2d1e1fe818f03fa5bce53d025f015d8aaf8
1876770dc7dfd62bcc444d543502cb50ea64e8e66c44fc506920c1e7c7937911
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 09:01:05 GMT
Expires: Wed, 07 Dec 2022 09:01:04 GMT
Etag: "944eb2d1e1fe818f03fa5bce53d025f015d8aaf8"
Cache-Control: max-age=602429,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1179
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7739f1a0d9450b06-OSL
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433825479111642&redir=
52.213.64.117200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433825479111642&redir=
IP 52.213.64.117:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5107433825479111642&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0492369ce.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: gRlX/d0DSnQ=
Content-Length: 59
Connection: keep-alive
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
193.0.160.128200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP 193.0.160.128:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:18 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjWwNDYzNbe0MBbiM9Qt9TMu0k0ycUz08y0DAJY4MRolAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:18 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjWwNDYzNbe0MBbiM9Qt9TMu0k0ycUz08y0DAJY4MRolAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_-NicjUO4jU0MzcwMDE1N7cwMDMBAN2LgmwTAAAA; Path=/; Domain=.rfihub.com; Expires=Thu, 28 Dec 2023 05:36:18 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
ps.eyeota.net/match?uid=5123196424188027449&bid=omt9pi0
3.125.70.222200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5123196424188027449&bid=omt9pi0
IP 3.125.70.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5123196424188027449&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20827134p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=24385~DM; Domain=eyeota.net; Path=/; Expires=Sat, 03 Dec 2022 05:46:18 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Sat, 03 Dec 2022 05:36:18 GMT
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 65b6e83c9cef41c312b3139d3b2514c4
04cc6429df7a02c9de47b07513dae643b5b0f911
6301ef8cf37410e579b623326e81766070ac7c9ef40a03b968577637a914490b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134524
Date: Sat, 03 Dec 2022 05:36:18 GMT
Etag: "638a3234-1d7"
Expires: Sun, 04 Dec 2022 18:58:22 GMT
Last-Modified: Fri, 02 Dec 2022 17:13:24 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 95gAzh43v2If8oeDuHo03u9sQuv5OPwjI4SmFc_zOSWzuMGhs_B4MA==
Age: 6298
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5bc03b4995299a6a2777604a4d461631
c9de39bb466bfb8f885bae78849b7049389e3483
a8155ab40b718c91379d3a995b89adb27a9044c6f48d0033bfe797e5d9f1437b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 05:36:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 13:42:55 GMT
Expires: Wed, 07 Dec 2022 13:42:54 GMT
Etag: "c9de39bb466bfb8f885bae78849b7049389e3483"
Cache-Control: max-age=374195,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7739f1a00f1bb511-OSL
segments.company-target.com/log?vendor=choca&user_id=
54.230.111.90303 See Other 0 B URL HTTP/1.1 segments.company-target.com/log?vendor=choca&user_id=
IP 54.230.111.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log?vendor=choca&user_id= HTTP/1.1
Host: segments.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Content-Length: 0
Connection: keep-alive
Date: Sat, 03 Dec 2022 05:36:18 GMT
trace-id: 452cc75aa1e361b2
Vary: Origin
Location: /validateCookie?vendor=choca&user_id=&verifyHash=d7911dbbaaf7ead0a9915b9283a71c5b90062bf4
Set-Cookie: tuuid=2b298088-e5a3-4ccf-9e49-e1062cff0e4d; Max-Age=63072000; Expires=Mon, 02 Dec 2024 05:36:18 GMT; SameSite=None; Path=/; Domain=.company-target.com; Secure; HTTPOnly
tuuid_lu=1670045778; Max-Age=63072000; Expires=Mon, 02 Dec 2024 05:36:18 GMT; SameSite=None; Path=/; Domain=.company-target.com; Secure; HTTPOnly
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: A2iLN3FVwq_3x4TX05pQwyd3zXN-fF0p4O3v0IbZPyvDPh4ygEFN2A==
segments.company-target.com/validateCookie?vendor=choca&user_id=&verifyHash=d7911dbbaaf7ead0a9915b9283a71c5b90062bf4
54.230.111.90204 No Content 0 B URL HTTP/1.1 segments.company-target.com/validateCookie?vendor=choca&user_id=&verifyHash=d7911dbbaaf7ead0a9915b9283a71c5b90062bf4
IP 54.230.111.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /validateCookie?vendor=choca&user_id=&verifyHash=d7911dbbaaf7ead0a9915b9283a71c5b90062bf4 HTTP/1.1
Host: segments.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Date: Sat, 03 Dec 2022 05:36:18 GMT
trace-id: d2cd334993add4cf
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QVaZ8qjvGZBU7rrJ-uJ02sVAEB8z1iTf9kej4gGNL6OIZj9rYHfs0w==
insights.conduent.com/hubsFront/embed_collection
45.60.243.181200 OK 55 kB URL HTTP/2 insights.conduent.com/hubsFront/embed_collection
IP 45.60.243.181:0
File type Unicode text, UTF-8 text, with very long lines (49225), with NEL line terminators
Hash 1cd12eb5988301f457814a4eed7d1a9a
4de5af41b7c35af5718c1d1bd4e3a9248980247d
b71f66942fc96edcacf2eb9a5a3e1aa6cd789a68adc8013890253e31933fb7bc
GET /hubsFront/embed_collection HTTP/1.1
Host: insights.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=oHUbS9PF6gvv4Rebct2X1QAAAADK6n4mYNwwW/FDkVTG9sVG; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.2.806545584.1670045774; notice_behavior=implied,eu; _hjSessionUser_759017=eyJpZCI6IjE1MjE4MzI1LWQ2OWYtNTNlZi1iOWFlLWY3MzA2MTgyYTljZiIsImNyZWF0ZWQiOjE2NzAwNDU3NzM5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_759017=eyJpZCI6ImViYzcxZjViLTQxZjEtNGNmZS04ZTU5LTU1OTlmMTllYzRkOCIsImNyZWF0ZWQiOjE2NzAwNDU3NzQ0MDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _uetsid=6748418072cc11edb9714d6ede5b0ea2; _uetvid=674829a072cc11edae2377d8085d258a; _gid=GA1.2.1454843452.1670045775; _gat_UA-86857159-2=1; _gat_UA-86857159-1=1; _mkto_trk=id:250-KMW-698&token:_mch-conduent.com-1670045775442-92686; _fbp=fb.1.1670045775601.1521589569
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
etag: "f61ae805"
content-type: text/javascript;charset=UTF-8
content-length: 54748
content-encoding: gzip
cache-control: max-age=41, public
expires: Sat, 03 Dec 2022 05:36:59 GMT
date: Sat, 03 Dec 2022 05:36:18 GMT
set-cookie: visid_incap_2682640=Y0rucvrLQRipkYWgr6oM5FLgimMAAAAAQUIPAAAAAACupNkf+Pr5vC8bOYqd5ckF; expires=Sat, 02 Dec 2023 22:15:45 GMT; HttpOnly; path=/; Domain=.conduent.com; Secure; SameSite=None
incap_ses_275_2682640=RWNOBjteOnU3v9ZplP/QA1LgimMAAAAARk8V1OK3C7RsqONUSiuevA==; path=/; Domain=.conduent.com; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-content-type-options: "nosniff"
x-xss-protection: 1; mode=block
x-iinfo: 14-194797496-0 0CNN RT(1670045778442 18) q(0 -1 -1 0) r(0 -1)
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 352410f9a355afb50303e4d8eae48577
8d9064368a2fb5bd5946cd5c6ee1729096d4adca
014c27985aa5a772cf1010c67afd35f25b14e5013ed8a5e56ab59d003e9f234c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106369
Date: Sat, 03 Dec 2022 05:36:18 GMT
Etag: "6389ce59-1d7"
Expires: Sun, 04 Dec 2022 11:09:07 GMT
Last-Modified: Fri, 02 Dec 2022 10:07:21 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FTUAZvPrOtchM8uGp0ixNMvGGs2KSCbZ24XvQlVAsl6d_GpTV7gG8Q==
Age: 3706
dpx.airpr.com/px?hostname=www.conduent.com&profile=158558&ga_account_id=UA-86857159-1&ga_account_type=UA&ga_c=806545584.1670045774&an=true
18.196.242.144302 Found 0 B URL HTTP/2 dpx.airpr.com/px?hostname=www.conduent.com&profile=158558&ga_account_id=UA-86857159-1&ga_account_type=UA&ga_c=806545584.1670045774&an=true
IP 18.196.242.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px?hostname=www.conduent.com&profile=158558&ga_account_id=UA-86857159-1&ga_account_type=UA&ga_c=806545584.1670045774&an=true HTTP/1.1
Host: dpx.airpr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 03 Dec 2022 05:36:18 GMT
content-type: image/gif
content-length: 0
location: https://secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=5213496731
server: nginx
set-cookie: an_airpr_recent_visit=1;Max-Age=900;HttpOnly;SameSite=None;Secure
cache-control: private
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=5213496731
37.252.173.215307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=5213496731
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dpx.airpr.com/anpx?adnxs_uid=$UID&airpr_id=5213496731 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 05:36:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D5213496731
AN-X-Request-Uuid: 5eaaa003-3f4e-4ec8-b219-368c15dcd9c7
Set-Cookie: uuid2=6897985880402981884; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Mar-2023 05:36:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D5213496731
37.252.173.215302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D5213496731
IP 37.252.173.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdpx.airpr.com%2Fanpx%3Fadnxs_uid%3D%24UID%26airpr_id%3D5213496731 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 05:36:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://dpx.airpr.com/anpx?adnxs_uid=0&airpr_id=5213496731
AN-X-Request-Uuid: 52071e7e-abdd-40dd-9033-b13877f5d0cc
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content.cdntwrk.com/themes/vanilla/1db39a2/public/embeds/css/template_sets_default_embeds_embed_tiles_page.baf25af777a57245402f.css
54.230.111.72200 OK 62 kB URL HTTP/2 content.cdntwrk.com/themes/vanilla/1db39a2/public/embeds/css/template_sets_default_embeds_embed_tiles_page.baf25af777a57245402f.css
IP 54.230.111.72:0
Hash 74e68f96b766d2f7c21065bffcb21fa7
a72cdfcf8eccb042461cd602fd417e98a5225853
9637c6ae01c4434f5d1f372dc1a43cdb073ad8c5c03b49114ce8f3d9e7b5d91a
GET /themes/vanilla/1db39a2/public/embeds/css/template_sets_default_embeds_embed_tiles_page.baf25af777a57245402f.css HTTP/1.1
Host: content.cdntwrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 28 Nov 2022 18:43:12 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: JQYbSsLLqyiQLoAQ3HR8ndfzodDigRZl
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 05:36:20 GMT
etag: W/"3a704c27f3c26521c3f832b4f98ae8fb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: EKTUJJr79OJKi5tCw03_fiuKFZE2sSXtcwslgCnw1Gksmo3CzfKlxA==
X-Firefox-Spdy: h2
dpx.airpr.com/anpx?adnxs_uid=0&airpr_id=5213496731
18.196.242.144204 No Content 0 B URL HTTP/2 dpx.airpr.com/anpx?adnxs_uid=0&airpr_id=5213496731
IP 18.196.242.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /anpx?adnxs_uid=0&airpr_id=5213496731 HTTP/1.1
Host: dpx.airpr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.conduent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 03 Dec 2022 05:36:19 GMT
server: nginx
cache-control: private
X-Firefox-Spdy: h2
assets.conduent.com/wp-content/themes/conduent-corporate/img/g_hash.svg
45.60.243.181200 OK 1.9 kB URL HTTP/2 assets.conduent.com/wp-content/themes/conduent-corporate/img/g_hash.svg
IP 45.60.243.181:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2488), with no line terminators
Hash bfc67bd5af955b3c1230c7ce8caee5e3
b22185c0d70b505ae702de7f02af71e763372952
ab2e9a6f678ae9490e054c57de2864e45d072f7820d6de9bcbec4e5163214693
GET /wp-content/themes/conduent-corporate/img/g_hash.svg HTTP/1.1
Host: assets.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=oHUbS9PF6gvv4Rebct2X1QAAAADK6n4mYNwwW/FDkVTG9sVG; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.2.806545584.1670045774; notice_behavior=implied,eu; _hjSessionUser_759017=eyJpZCI6IjE1MjE4MzI1LWQ2OWYtNTNlZi1iOWFlLWY3MzA2MTgyYTljZiIsImNyZWF0ZWQiOjE2NzAwNDU3NzM5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_759017=eyJpZCI6ImViYzcxZjViLTQxZjEtNGNmZS04ZTU5LTU1OTlmMTllYzRkOCIsImNyZWF0ZWQiOjE2NzAwNDU3NzQ0MDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _uetsid=6748418072cc11edb9714d6ede5b0ea2; _uetvid=674829a072cc11edae2377d8085d258a; _gid=GA1.2.1454843452.1670045775; _gat_UA-86857159-2=1; _gat_UA-86857159-1=1; _mkto_trk=id:250-KMW-698&token:_mch-conduent.com-1670045775442-92686; _fbp=fb.1.1670045775601.1521589569; visid_incap_2682640=Y0rucvrLQRipkYWgr6oM5FLgimMAAAAAQUIPAAAAAACupNkf+Pr5vC8bOYqd5ckF; incap_ses_275_2682640=RWNOBjteOnU3v9ZplP/QA1LgimMAAAAARk8V1OK3C7RsqONUSiuevA==; nlbi_2682640=FaH6frHv1yEPDy5DTEjkwQAAAABRx7cJnmWGWcpPkLzCqH/M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
etag: W/"5fa55fa4-9b8"
last-modified: Fri, 06 Nov 2020 14:37:24 GMT
content-type: image/svg+xml
content-length: 1892
content-encoding: gzip
cache-control: max-age=29050427, public
expires: Sat, 04 Nov 2023 11:10:06 GMT
date: Sat, 03 Dec 2022 05:36:19 GMT
set-cookie: visid_incap_2682641=1eLdL5l5TG22ecT3TG3G6lPgimMAAAAAQUIPAAAAAAC9ZATwH2nhdXIgM215cNJm; expires=Sat, 02 Dec 2023 22:15:45 GMT; HttpOnly; path=/; Domain=.conduent.com; Secure; SameSite=None
incap_ses_275_2682641=nJCjQbLfV1d5v9ZplP/QA1PgimMAAAAAZZtrT/oGjSlBenmSCQvJ8Q==; path=/; Domain=.conduent.com; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-content-type-options: "nosniff"
x-xss-protection: 1; mode=block
x-iinfo: 14-194797496-0 0CNN RT(1670045778442 1271) q(0 -1 -1 0) r(0 -1)
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.78:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 03 Dec 2022 05:36:16 GMT
date: Sat, 03 Dec 2022 05:36:16 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=GBXVcBydRmw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=6piIvNghDvY; Domain=.youtube.com; Expires=Thu, 01-Jun-2023 05:36:16 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+747; expires=Mon, 02-Dec-2024 05:36:16 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
consent.trustarc.com/asset/notice.js/v/v1.7-9931
143.204.55.90200 OK 0 B URL HTTP/2 consent.trustarc.com/asset/notice.js/v/v1.7-9931
IP 143.204.55.90:0
GET /asset/notice.js/v/v1.7-9931 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Fri, 18 Nov 2022 03:13:04 GMT
pragma: public
timing-allow-origin: *
content-encoding: gzip
date: Sat, 03 Dec 2022 04:48:29 GMT
expires: Mon, 02 Jan 2023 04:48:26 GMT
cache-control: max-age=2592000
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SC4k3rKCTfTOrARcnB7cXKBHhZB7H5byhkmlWsS7tSwkE45pGU5PLg==
age: 2870
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
ws16.hotjar.com/api/v2/sites/759017/recordings/content
52.30.211.95200 OK 0 B URL HTTP/2 ws16.hotjar.com/api/v2/sites/759017/recordings/content
IP 52.30.211.95:0
POST /api/v2/sites/759017/recordings/content HTTP/1.1
Host: ws16.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 214626
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:18 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
partners.tremorhub.com/sync?UIRF=5107433825479111642&r=TSdL6yANCuke
54.197.48.148200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5107433825479111642&r=TSdL6yANCuke
IP 54.197.48.148:0
GET /sync?UIRF=5107433825479111642&r=TSdL6yANCuke HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:18 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/759017/visit-data?sv=6
52.49.107.217200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/759017/visit-data?sv=6
IP 52.49.107.217:0
POST /api/v2/client/sites/759017/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:17 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
soma.smaato.net/oapi/idsync?redirect=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fpub%3D720%26partnerId%3DSomaCookieUserId
52.51.164.198410 Gone 0 B URL HTTP/2 soma.smaato.net/oapi/idsync?redirect=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fpub%3D720%26partnerId%3DSomaCookieUserId
IP 52.51.164.198:0
GET /oapi/idsync?redirect=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fpub%3D720%26partnerId%3DSomaCookieUserId HTTP/1.1
Host: soma.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20827134p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 410 Gone
date: Sat, 03 Dec 2022 05:36:17 GMT
server: SOMA
X-Firefox-Spdy: h2
insights.conduent.com/themes/embed_collection_tiles/7466746?limit=3&&page=1&format=json&excludeCTAs=true
45.60.243.181200 OK 0 B URL HTTP/2 insights.conduent.com/themes/embed_collection_tiles/7466746?limit=3&&page=1&format=json&excludeCTAs=true
IP 45.60.243.181:0
GET /themes/embed_collection_tiles/7466746?limit=3&&page=1&format=json&excludeCTAs=true HTTP/1.1
Host: insights.conduent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Cookie: visid_incap_2044933=0wMJmqbgRvuYgbaLGANnS03gimMAAAAAQUIPAAAAAAA1jjfbtLyruoFQ0gQJzk7S; nlbi_2044933=WA2hXx8wSToR8TJ4ct2X1QAAAAByiy1OO8wW/4yybctYtk6U; incap_ses_7236_2044933=KQe6OviGE0Z0AWc5LnBrZE3gimMAAAAAafXMdjtPSabwSig1j+gWBQ==; nlbi_2044933_2147483392=oHUbS9PF6gvv4Rebct2X1QAAAADK6n4mYNwwW/FDkVTG9sVG; utm_source=direct; utm_campaign=none; utm_medium=none; utm_term=none; utm_content=none; _gcl_au=1.1.511948215.1670045774; _ga_21KBGVSV08=GS1.1.1670045774.1.0.1670045774.0.0.0; _ga=GA1.2.806545584.1670045774; notice_behavior=implied,eu; _hjSessionUser_759017=eyJpZCI6IjE1MjE4MzI1LWQ2OWYtNTNlZi1iOWFlLWY3MzA2MTgyYTljZiIsImNyZWF0ZWQiOjE2NzAwNDU3NzM5MDUsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjSession_759017=eyJpZCI6ImViYzcxZjViLTQxZjEtNGNmZS04ZTU5LTU1OTlmMTllYzRkOCIsImNyZWF0ZWQiOjE2NzAwNDU3NzQ0MDIsImluU2FtcGxlIjp0cnVlfQ==; _hjAbsoluteSessionInProgress=0; _uetsid=6748418072cc11edb9714d6ede5b0ea2; _uetvid=674829a072cc11edae2377d8085d258a; _gid=GA1.2.1454843452.1670045775; _gat_UA-86857159-2=1; _gat_UA-86857159-1=1; _mkto_trk=id:250-KMW-698&token:_mch-conduent.com-1670045775442-92686; _fbp=fb.1.1670045775601.1521589569; visid_incap_2682640=Y0rucvrLQRipkYWgr6oM5FLgimMAAAAAQUIPAAAAAACupNkf+Pr5vC8bOYqd5ckF; incap_ses_275_2682640=RWNOBjteOnU3v9ZplP/QA1LgimMAAAAARk8V1OK3C7RsqONUSiuevA==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-language: en-US
content-type: text/javascript;charset=UTF-8
date: Sat, 03 Dec 2022 05:36:19 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
referrer-policy: unsafe-url
set-cookie: ufcc_themesv2=1
_MGZ_=isa9c2qk347r3hatbfnchb71g5; path=/; secure; HttpOnly
nlbi_2682640=FaH6frHv1yEPDy5DTEjkwQAAAABRx7cJnmWGWcpPkLzCqH/M; path=/; Domain=.conduent.com; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-content-type-options: "nosniff"
x-xss-protection: 1; mode=block
content-encoding: gzip
x-iinfo: 14-194797496-194797534 NNYN CT(123 127 0) RT(1670045778442 627) q(0 0 3 -1) r(3 4) U1
X-Firefox-Spdy: h2
www.conduentassets.com/cwf/0.1.428/js/cwf_full.min.js
35.190.185.247200 OK 0 B URL HTTP/2 www.conduentassets.com/cwf/0.1.428/js/cwf_full.min.js
IP 35.190.185.247:0
GET /cwf/0.1.428/js/cwf_full.min.js HTTP/1.1
Host: www.conduentassets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 05:36:14 GMT
content-type: application/javascript
last-modified: Fri, 04 Jun 2021 19:51:39 GMT
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
etag: W/"60ba844b-36ae"
cache-control: public, max-age=31536000
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
app-sjqe.marketo.com/js/forms2/js/forms2.min.js
104.17.101.130200 OK 0 B URL HTTP/2 app-sjqe.marketo.com/js/forms2/js/forms2.min.js
IP 104.17.101.130:0
GET /js/forms2/js/forms2.min.js HTTP/1.1
Host: app-sjqe.marketo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 05:36:14 GMT
content-type: application/x-javascript; charset=utf-8
last-modified: Tue, 08 Nov 2022 19:16:09 GMT
etag: "462dd0-33e51-5ecfa5f55f040"
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63113904
x-content-type-options: nosniff
cf-cache-status: HIT
age: 48
expires: Sat, 03 Dec 2022 09:36:14 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 7739f189fc6db515-OSL
X-Firefox-Spdy: h2
leads-api.gonorth.io/api/v2/external/11239/clb7i4una0000289dknc0wnmt/97e3c887-2ee5-4213-92e0-9304f17c2966/visit
104.239.226.241200 OK 0 B URL HTTP/2 leads-api.gonorth.io/api/v2/external/11239/clb7i4una0000289dknc0wnmt/97e3c887-2ee5-4213-92e0-9304f17c2966/visit
IP 104.239.226.241:0
POST /api/v2/external/11239/clb7i4una0000289dknc0wnmt/97e3c887-2ee5-4213-92e0-9304f17c2966/visit HTTP/1.1
Host: leads-api.gonorth.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 59
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
cache-control: no-cache, private
content-type: application/json
content-encoding: gzip
strict-transport-security: max-age=31536000
date: Sat, 03 Dec 2022 05:36:17 GMT
x-ratelimit-limit: 100
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-content-type-options: nosniff
set-cookie: X-Mapping-fjhppofk=52329A96FC29EAA6FE35DA5FDE0D6877; path=/
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 96
X-Firefox-Spdy: h2
content.cdntwrk.com/themes/vanilla/1db39a2/public/embeds/js/template_sets_default_embeds_embed_tiles_page.8d835c890098deea0ada.js
54.230.111.72200 OK 0 B URL HTTP/2 content.cdntwrk.com/themes/vanilla/1db39a2/public/embeds/js/template_sets_default_embeds_embed_tiles_page.8d835c890098deea0ada.js
IP 54.230.111.72:0
GET /themes/vanilla/1db39a2/public/embeds/js/template_sets_default_embeds_embed_tiles_page.8d835c890098deea0ada.js HTTP/1.1
Host: content.cdntwrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 18:43:12 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: mT2q8jtBWKo4Hz2v5PKtl33BaCyd5xA.
server: AmazonS3
content-encoding: gzip
date: Sat, 03 Dec 2022 05:36:19 GMT
etag: W/"7c509f14bb4558b54fe68128c0502342"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: U2SYn5R8atKGc0c1Ta85P1KmoGOKrNV2lnd_dB8YUnKRWR5wflypsg==
X-Firefox-Spdy: h2
consent.trustarc.com/asset/trustarc_cookiepreferences.png
143.204.55.90200 OK 0 B URL HTTP/2 consent.trustarc.com/asset/trustarc_cookiepreferences.png
IP 143.204.55.90:0
GET /asset/trustarc_cookiepreferences.png HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Thu, 24 May 2018 00:46:39 GMT
pragma: public
timing-allow-origin: *
content-encoding: gzip
date: Sat, 03 Dec 2022 05:02:52 GMT
expires: Mon, 02 Jan 2023 05:01:58 GMT
cache-control: max-age=2592000
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jeQpHdlSse1o3Gb8MKHjhxmm-WZsmfjcLPG-oGfmD-Vqv-tggBjaZQ==
age: 2058
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.conduent.com%2F&page_title=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent
54.230.111.101200 OK 0 B URL HTTP/2 api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.conduent.com%2F&page_title=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent
IP 54.230.111.101:0
POST /api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.conduent.com%2F&page_title=Mission%20Critical%20Services%20and%20Solutions%20-%20Conduent HTTP/1.1
Host: api.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 63
Origin: https://www.conduent.com
Connection: keep-alive
Referer: https://www.conduent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json;charset=utf-8
date: Sat, 03 Dec 2022 05:36:17 GMT
server: nginx
access-control-allow-origin: https://www.conduent.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source: CACHE
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Fri, 02 Dec 2022 05:36:17 GMT
vary: Accept-Encoding, Origin
content-encoding: gzip
request-id: 4f8d64e7-297f-4b03-81e6-2768b1ec6265
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5IkodFn9g9C3bsxDh1OnWcD_O4rNqiAeHf3rvA2GYPsrIy8JHqCZRQ==
X-Firefox-Spdy: h2