login.mailingwork.de/-link2/8362/3325/71/2045/197377/s0vm7osT/TZ5kwvx0Sv/0
185.98.186.253302 Found 0 B URL HTTP/1.1 login.mailingwork.de/-link2/8362/3325/71/2045/197377/s0vm7osT/TZ5kwvx0Sv/0
IP 185.98.186.253:0
ASN #48173 The Unbelievable Machine Company GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /-link2/8362/3325/71/2045/197377/s0vm7osT/TZ5kwvx0Sv/0 HTTP/1.1
Host: login.mailingwork.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 16 Jan 2023 09:46:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration
Cache-Control: max-age=0, private, must-revalidate
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Strict-Transport-Security: max-age=63072000
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10373
Expires: Mon, 16 Jan 2023 12:39:46 GMT
Date: Mon, 16 Jan 2023 09:46:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13574
Expires: Mon, 16 Jan 2023 13:33:07 GMT
Date: Mon, 16 Jan 2023 09:46:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12966
Expires: Mon, 16 Jan 2023 13:22:59 GMT
Date: Mon, 16 Jan 2023 09:46:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 08:49:09 GMT
content-type: application/json
age: 3464
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WQycZsT+auKs+haecvsGcFCdDUdC9kF5qkzL4s+Mgs6Yi/+QSTpRZ9xnuo0V14IU2+eYy1KPfFs=
x-amz-request-id: 7FEDNF83XKNCKJ1V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 09:44:32 GMT
age: 141
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:46:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 12c8f952e4aac8ab06f0b70b9d133770
8fdb6cc0e575f95ec00c8aa4a320670540d7f864
eb652ad33f27647680742f7b6bef51f5589f1ee78608c21db5494b67480187e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB652AD33F27647680742F7B6BEF51F5589F1EE78608C21DB5494B67480187E6"
Last-Modified: Mon, 16 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20004
Expires: Mon, 16 Jan 2023 15:20:18 GMT
Date: Mon, 16 Jan 2023 09:46:54 GMT
Connection: keep-alive
cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration
52.28.28.73200 OK 8.3 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration
IP 52.28.28.73:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (812)
Hash 27d7802a5e1c9e4b0a0a178696811a6b
ad50a27f6ab8cf5f35e11fe173fe598c1bb7debd
bf6f5178980fdd4ade3133b7c8462607f01025a8b59348aae0ce773a17d246d9
GET /reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Set-Cookie: .AspNetCore.Mvc.CookieTempDataProvider=; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/reg/ISDU23DU; samesite=lax; httponly
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Mon, 16 Jan 2023 09:46:58 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cloudme02.infosalons.biz/reg/ISDU23DU/css/Visitor.css
52.28.28.73200 OK 168 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/css/Visitor.css
IP 52.28.28.73:0
File type ASCII text, with very long lines (526)
Size 168 kB (168318 bytes)
Hash 953008ae8f81645d0298b26897b6d8bc
c9dae64d03c7c6355f9104524643d99089f6e597
73961fec9e9f974e500e4d6c1d97d61cb8b45fbb2bcf65f3647fb97985a1fab0
GET /reg/ISDU23DU/css/Visitor.css HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 168318
Content-Type: text/css
Last-Modified: Thu, 12 Jan 2023 13:34:24 GMT
Accept-Ranges: bytes
ETag: "1d9268a9586617e"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Mon, 16 Jan 2023 09:46:58 GMT
cloudme02.infosalons.biz/reg/ISDU23DU/images/BannerVisitor.JPG
52.28.28.73200 OK 231 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/images/BannerVisitor.JPG
IP 52.28.28.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1450x250, components 3\012- data
Size 231 kB (231195 bytes)
Hash 34b341fe3e5625ad8e07808a54e4eb88
e8f295db3474578d0fc7beb25a1c11c1ac8cdfc0
3ace90cbd0b7fa203f5e7cf802fea81975a04dd6bb6554b4c57182f75a2c146e
GET /reg/ISDU23DU/images/BannerVisitor.JPG HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 231195
Content-Type: image/jpeg
Last-Modified: Thu, 12 Jan 2023 13:34:24 GMT
Accept-Ranges: bytes
ETag: "1d9268a9587771b"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Mon, 16 Jan 2023 09:46:58 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:34:08 GMT
expires: Thu, 11 Jan 2024 19:34:08 GMT
cache-control: public, max-age=31536000
age: 396766
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 14:07:32 GMT
expires: Thu, 11 Jan 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 416362
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 09:33:46 GMT
age: 788
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NMF9JV
142.250.74.40200 OK 87 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NMF9JV
IP 142.250.74.40:0
File type ASCII text, with very long lines (16512)
Hash 93eaeb22216b6e46f2c4887b16408149
3cf938dcd01e2a588b0518c22150ae88c01a85d6
e32db8005fb6ae4178563913248bc8adeb4a47a5314e8ef521c781e44b7eaa40
GET /gtm.js?id=GTM-NMF9JV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 09:46:54 GMT
expires: Mon, 16 Jan 2023 09:46:54 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9442f1d8864feb84a623305a281e4c56
45250ab44f89bf1a0f665da8b47da06dc1af2af0
2086a32de0797aa6146b8fe1d7422342dbc9f1da0d81093915f42b69a5dcbc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash da406d911eebcea02f929b239218d696
09bf6f076ad7df32a88819e0ff7d0d50ea1e9ada
9bad461e91eb144504cf4ec7c235bb88e0c155af038c18c906a84c1eb30c1936
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96211
Date: Mon, 16 Jan 2023 09:46:54 GMT
Etag: "63c3e134-1d7"
Expires: Tue, 17 Jan 2023 12:30:25 GMT
Last-Modified: Sun, 15 Jan 2023 11:19:16 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qbU7I8KJAxIZJWO0czl70Id_U9kkk96FIPQxzKrr8uPoXsq-al-6kg==
Age: 4269
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash da406d911eebcea02f929b239218d696
09bf6f076ad7df32a88819e0ff7d0d50ea1e9ada
9bad461e91eb144504cf4ec7c235bb88e0c155af038c18c906a84c1eb30c1936
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 09:46:54 GMT
Last-Modified: Mon, 16 Jan 2023 08:11:54 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xD3DOucq88m7pFEjtvdmDaS9gDcgRmS8jbeSddA9FIg5KES0ZIeZww==
Age: 5700
static.infosalons.ae/ISDU23DU/js/app/welcome.js
54.230.111.122200 OK 1.2 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/app/welcome.js
IP 54.230.111.122:0
File type Unicode text, UTF-8 (with BOM) text
Hash 4d9448149a2dd8ece3a4a843d8e776c4
08e8a3a47f6ad103e0163a8dce63572803a348ca
9fb778be1a3c92e22244d7566d53349a416ad87ddb4dcb0d6c170e5890e1addc
GET /ISDU23DU/js/app/welcome.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1221
date: Mon, 16 Jan 2023 09:46:55 GMT
last-modified: Thu, 12 Jan 2023 13:33:53 GMT
etag: "4d9448149a2dd8ece3a4a843d8e776c4"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JTeTpHOVrKrPayylsDQsErg_AnPoP73afvTykHOc-Um4i4vgljtP1Q==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/form-validation/Bootstrap3.min.js
54.230.111.122200 OK 2.2 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/form-validation/Bootstrap3.min.js
IP 54.230.111.122:0
File type ASCII text, with very long lines (2190), with no line terminators
Hash bdc791aecf2dd3bd9c9cf437ca1c82fd
b1bad54611ff8985d63c398ec7529f6ba32a8a24
f7a3ba3861a88f9cff01a6f76678f61e87cf314f35c6121072e46b3c8954a4c2
GET /ISDU23DU/js/vendors/form-validation/Bootstrap3.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2190
date: Mon, 16 Jan 2023 09:46:55 GMT
last-modified: Thu, 12 Jan 2023 13:33:53 GMT
etag: "bdc791aecf2dd3bd9c9cf437ca1c82fd"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 41MgJo1L49tRqIrcZpiFb7JWfKYJ-23FYW9S9jXLI5U815iRSzruOw==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/polyfill.min.js
54.230.111.122200 OK 29 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/polyfill.min.js
IP 54.230.111.122:0
Hash db8012fbe266725d632ab01dd7272d03
3f5d6cfc20f501af45c1d2f35ff5b1300f8f2cee
3dcfcead3ffa6d0a1ded15b59a588951e5a32681f7a536ed8a8f0b85de45b218
GET /ISDU23DU/js/vendors/polyfill.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 29063
date: Mon, 16 Jan 2023 09:46:55 GMT
last-modified: Thu, 12 Jan 2023 13:33:53 GMT
etag: "db8012fbe266725d632ab01dd7272d03"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -NF4mU-s683BcvvZ_pQAz3lwJc0gFDjbrBqfQnsmih7n0qD6UZgz8Q==
X-Firefox-Spdy: h2
static.infosalons.ae/ISDU23DU/js/vendors/bootstrap.min.js
54.230.111.122200 OK 37 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/bootstrap.min.js
IP 54.230.111.122:0
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /ISDU23DU/js/vendors/bootstrap.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 37045
date: Mon, 16 Jan 2023 09:46:55 GMT
last-modified: Thu, 12 Jan 2023 13:33:53 GMT
etag: "5869c96cc8f19086aee625d670d741f9"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jmv_-Sdprdv7O4dZodEZ9Gy3QUgun2Anxgq2fu3FO49nQrIWqjXauQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1346
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Last-Modified: Mon, 16 Jan 2023 09:24:28 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
static.infosalons.ae/ISDU23DU/js/vendors/jquery.min.js
54.230.111.122200 OK 96 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/jquery.min.js
IP 54.230.111.122:0
File type ASCII text, with very long lines (32038)
Hash f03e5a3bf534f4a738bc350631fd05bd
37b1db88b57438f1072a8ebc7559c909c9d3a682
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
GET /ISDU23DU/js/vendors/jquery.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 95992
date: Mon, 16 Jan 2023 09:46:55 GMT
last-modified: Thu, 12 Jan 2023 13:33:53 GMT
etag: "f03e5a3bf534f4a738bc350631fd05bd"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EEiQuLpY6u1jK0Nh-widLzCDhYsgxYU-wh4g80GY4TXJdGekHbEWrg==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash da406d911eebcea02f929b239218d696
09bf6f076ad7df32a88819e0ff7d0d50ea1e9ada
9bad461e91eb144504cf4ec7c235bb88e0c155af038c18c906a84c1eb30c1936
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 09:46:54 GMT
Server: ECS (dcb/7EEC)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Lz-BU4ri4BwPyP6-LuuYrZgR94DthPwRdJMRVjGb0JAkMUkq33_ixA==
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4ac39c8ee2583f836a6c40bc29abd389
a4ce5cd6dcb347d634b4acd135710d6e5b81005c
399250bc0c0f2a2929d03e37f460b84b9201d06b758e7bbc6c9ba482c3ed35b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
12243703.fls.doubleclick.net/activityi;src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration?
142.250.74.38200 OK 322 B URL HTTP/2 12243703.fls.doubleclick.net/activityi;src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (587), with no line terminators
Hash 63c30984aad3c94e23fa366f87dafffe
302df8251e6903197c3cc9737c8b2fe67c4ea3d7
de8b60895829b873137e78e43f7380bd7e0af9f481fa0ed59a6038ea1de0acfe
GET /activityi;src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration? HTTP/1.1
Host: 12243703.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 322
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Jan-2023 10:01:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4ac39c8ee2583f836a6c40bc29abd389
a4ce5cd6dcb347d634b4acd135710d6e5b81005c
399250bc0c0f2a2929d03e37f460b84b9201d06b758e7bbc6c9ba482c3ed35b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.infosalons.ae/ISDU23DU/js/vendors/form-validation/formValidation.min.js
54.230.111.122200 OK 76 kB URL HTTP/2 static.infosalons.ae/ISDU23DU/js/vendors/form-validation/formValidation.min.js
IP 54.230.111.122:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a9f8f55bd0c17edf54a47fa4be59241d
8e381b96dbe45c3e206c11f5c6272bdb86a78119
24872b6f4d95efb2133b4673e5535c672a0957995077c3c90ad3dbc4d51b934f
GET /ISDU23DU/js/vendors/form-validation/formValidation.min.js HTTP/1.1
Host: static.infosalons.ae
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 75561
date: Mon, 16 Jan 2023 09:46:55 GMT
last-modified: Thu, 12 Jan 2023 13:33:53 GMT
etag: "a9f8f55bd0c17edf54a47fa4be59241d"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FmK-b0xLDUT0z-2rikeGbsPUhqS-t7iYWr1QAw94zCaXEphdmDtJoQ==
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.166.172.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vedg5gRQmENbjBjLOr34Sw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3fvDho4dx/JGFso2Rhk6bEgiDwo=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63931ff97eb1381a053be3c3e3e15109
936c6ff2f38aa0533a06f3e86a83fda70fb55082
190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration
142.250.74.2200 OK 323 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (586), with no line terminators
Hash f87f6efec6f1a6007716d131db2b1aca
b2cc64f66541a0b6fd8592119d3c8522722f9942
bcb16a51f32ed2f2b391be2443518b6ccf9aa7e8771e5585562c1b671d0ad027
GET /ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12243703.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cloudme02.infosalons.biz/reg/ISDU23DU/favicon.ico
52.28.28.73200 OK 5.4 kB URL HTTP/1.1 cloudme02.infosalons.biz/reg/ISDU23DU/favicon.ico
IP 52.28.28.73:0
File type PNG image data, 50 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash 5b03c4655cd2fcdae7f454ebe78604be
9a2c3b4f792086c69f81daba285d056da7623c81
c14cc3f96f4d566e1f472324b4c989601df555d0e83895702a04596481b050f1
GET /reg/ISDU23DU/favicon.ico HTTP/1.1
Host: cloudme02.infosalons.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/reg/ISDU23DU/Visitor?utm_source=visprom&utm_medium=edm-registration&utm_campaign=show-opens-tomorrow-edm-registration
Cookie: _gcl_au=1.1.623625588.1673862415; _ga_D86YXF4B58=GS1.1.1673862415.1.0.1673862415.60.0.0; _ga=GA1.1.1440945827.1673862416
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 5387
Content-Type: image/x-icon
Last-Modified: Thu, 12 Jan 2023 13:34:24 GMT
Accept-Ranges: bytes
ETag: "1d9268a9584e50b"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
strict-transport-security: max-age=31536000; includeSubdomains
Date: Mon, 16 Jan 2023 09:46:59 GMT
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=62487
date: Mon, 16 Jan 2023 09:46:55 GMT
content-length: 4777
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4303
Cache-Control: max-age=136526
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Etag: "63c47e8f-1d7"
Expires: Tue, 17 Jan 2023 23:42:21 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500&display=swap
142.250.74.106200 OK 21 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500&display=swap
IP 142.250.74.106:0
File type ASCII text, with very long lines (1490)
Hash fb2059829c9b2ee4f3a53e08b2620043
34fae309a1450fc92b5987a9c0236d4034be1b40
52801c278f36b0a28272400d85ea4c10ad9d9cce720e873ba3afe03c6f585eac
GET /css2?family=Roboto:ital,wght@0,400;0,500;0,700;1,400;1,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 16 Jan 2023 09:46:54 GMT
date: Mon, 16 Jan 2023 09:46:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2HMClOYcqaxYYuM3moUw6A7OyQUuQ+Kt7zhSXtAB6lk3aVsBWfjzL9J2Sx5PM2ccILtxN6tyHQJ/3ZztylEX5Q==
content-length: 27815
x-fb-trip-id: 1904183273
date: Mon, 16 Jan 2023 09:46:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=10BBD7E76E2F660120A3C57C6F7867DA; domain=.bing.com; expires=Sat, 10-Feb-2024 09:46:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E24479430AF46F8A7C511E1DB3495AF Ref B: OSL30EDGE0416 Ref C: 2023-01-16T09:46:55Z
date: Mon, 16 Jan 2023 09:46:54 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 16 Jan 2023 09:46:55 GMT
x-served-by: cache-iad-kiad7000089-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/784880074/?random=1673862415472&cv=11&fst=1673862415472&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=623625588.1673862415&rfmt=3&fmt=4
216.58.207.194200 OK 955 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/784880074/?random=1673862415472&cv=11&fst=1673862415472&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=623625588.1673862415&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2083), with no line terminators
Hash 92078e36a2f97939d1090f00d48d258b
05a392015584922a28cdace1302663c0b40650ff
63cc6ab471eb9fd8b17c89905349c0b64171d64b5dd467174cb1bb93636265b1
GET /pagead/viewthroughconversion/784880074/?random=1673862415472&cv=11&fst=1673862415472&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=623625588.1673862415&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 955
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Jan-2023 10:01:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/837157113/?random=1673862415469&cv=11&fst=1673862415469&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=623625588.1673862415&rfmt=3&fmt=4
216.58.207.194200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/837157113/?random=1673862415469&cv=11&fst=1673862415469&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=623625588.1673862415&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (2083), with no line terminators
Hash 2703e217f4615a480a61da219919db01
9e94763ca43b295fee00a013a71f0bb89ee2883f
4b2dea0f08bf7e6895cc42665359e181e806eaa667bb9ec8ca338504494321bf
GET /pagead/viewthroughconversion/837157113/?random=1673862415469&cv=11&fst=1673862415469&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&auid=623625588.1673862415&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 16-Jan-2023 10:01:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 63931ff97eb1381a053be3c3e3e15109
936c6ff2f38aa0533a06f3e86a83fda70fb55082
190074a5719a32e42ef57a8a5a2f68c70f0f67204e0fc18bf77afad64a7d418f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=688832724&t=pageview&_s=1&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&ul=en-us&de=UTF-8&dt=Welcome%20%7C%20Intersec%202023&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACEABBAAAACAAI~&jid=307466694&gjid=1972322252&cid=1440945827.1673862416&tid=UA-329521-7&_gid=835421692.1673862416&_r=1&_slc=1>m=2wg1a1NMF9JV&z=1198876173
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=688832724&t=pageview&_s=1&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&ul=en-us&de=UTF-8&dt=Welcome%20%7C%20Intersec%202023&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACEABBAAAACAAI~&jid=307466694&gjid=1972322252&cid=1440945827.1673862416&tid=UA-329521-7&_gid=835421692.1673862416&_r=1&_slc=1>m=2wg1a1NMF9JV&z=1198876173
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=688832724&t=pageview&_s=1&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&ul=en-us&de=UTF-8&dt=Welcome%20%7C%20Intersec%202023&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YCDACEABBAAAACAAI~&jid=307466694&gjid=1972322252&cid=1440945827.1673862416&tid=UA-329521-7&_gid=835421692.1673862416&_r=1&_slc=1>m=2wg1a1NMF9JV&z=1198876173 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://cloudme02.infosalons.biz
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D86YXF4B58&cid=1440945827.1673862416>m=2oe1a1&aip=1&z=1900792586
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D86YXF4B58&cid=1440945827.1673862416>m=2oe1a1&aip=1&z=1900792586
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D86YXF4B58&cid=1440945827.1673862416>m=2oe1a1&aip=1&z=1900792586 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration
142.250.74.130200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12243703;type=inter0;cat=allpa0;ord=677970550705;gtm=2wg1a1;auiddc=623625588.1673862415;~oref=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
expires: Mon, 16 Jan 2023 09:46:55 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f9f0807ec0823fe53635830143234305
db2630a0f154906a926bbd6f1b47008b4f2368a9
dde03284de3f3ebf44bb709378e5b5d38d56ff26caad45a9373e8c74fcd04ecf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDE03284DE3F3EBF44BB709378E5B5D38D56FF26CAAD45A9373E8C74FCD04ECF"
Last-Modified: Mon, 16 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 16 Jan 2023 15:46:55 GMT
Date: Mon, 16 Jan 2023 09:46:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4303
Cache-Control: max-age=136526
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Etag: "63c47e8f-1d7"
Expires: Tue, 17 Jan 2023 23:42:21 GMT
Last-Modified: Sun, 15 Jan 2023 22:30:39 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-user-list/784880074/?random=1673862415472&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=2953577610&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/784880074/?random=1673862415472&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=2953577610&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/784880074/?random=1673862415472&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=2953577610&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/837157113/?random=1673862415469&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=1428264816&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/837157113/?random=1673862415469&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=1428264816&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/837157113/?random=1673862415469&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=1428264816&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=11003046&Ver=2&mid=8f973c8d-2f32-4ba2-9701-49dad0a24590&sid=b69e1500958211edbb4099adf8ee4101&vid=b69e22e0958211eda4ee5bcbc9e07b89&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Welcome%20%7C%20Intersec%202023&p=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&r=<=1629&evt=pageLoad&sv=1&rn=901341
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=11003046&Ver=2&mid=8f973c8d-2f32-4ba2-9701-49dad0a24590&sid=b69e1500958211edbb4099adf8ee4101&vid=b69e22e0958211eda4ee5bcbc9e07b89&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Welcome%20%7C%20Intersec%202023&p=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&r=<=1629&evt=pageLoad&sv=1&rn=901341
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=11003046&Ver=2&mid=8f973c8d-2f32-4ba2-9701-49dad0a24590&sid=b69e1500958211edbb4099adf8ee4101&vid=b69e22e0958211eda4ee5bcbc9e07b89&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Welcome%20%7C%20Intersec%202023&p=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&r=<=1629&evt=pageLoad&sv=1&rn=901341 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=1EEA3FD0D70E67432A082D4BD6596681; domain=.bing.com; expires=Sat, 10-Feb-2024 09:46:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22CEF82C188646379CF7A62E4E4B874D Ref B: OSL30EDGE0416 Ref C: 2023-01-16T09:46:55Z
date: Mon, 16 Jan 2023 09:46:54 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6db0ab20925a64068987b60dd6f72f9a
38d0bea36fbf16ec63bec71cb3bbe743541458b1
74082ea963e7afe8094d2e187e40309b5848948822467c62f1ef0852ae688564
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6db0ab20925a64068987b60dd6f72f9a
38d0bea36fbf16ec63bec71cb3bbe743541458b1
74082ea963e7afe8094d2e187e40309b5848948822467c62f1ef0852ae688564
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/11003046.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/11003046.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/11003046.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=221621D5B8486CD3266A334EB91F6D20; domain=.bing.com; expires=Sat, 10-Feb-2024 09:46:55 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5947891C16C4A44B9CBB61F91641719 Ref B: OSL30EDGE0416 Ref C: 2023-01-16T09:46:55Z
date: Mon, 16 Jan 2023 09:46:54 GMT
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/784880074/?random=1673862415472&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=2953577610&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/784880074/?random=1673862415472&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=2953577610&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/784880074/?random=1673862415472&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=2953577610&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/837157113/?random=1673862415469&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=1428264816&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/837157113/?random=1673862415469&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=1428264816&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/837157113/?random=1673862415469&cv=11&fst=1673859600000&bg=ffffff&guid=ON&async=1>m=2wg1a1&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tiba=Welcome%20%7C%20Intersec%202023&fmt=3&is_vtc=1&random=1428264816&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 477a4b3fa011eaa475e88b59d1ad7047
99384d7a1995805b2a323f9a21f56ded8be0aec1
26da77cb427771024f422fcef8ad0ae4600407413a06ff3673f60ad5d65fe97e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5447
Cache-Control: max-age=99522
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Etag: "63c3e98a-13a"
Expires: Tue, 17 Jan 2023 13:25:37 GMT
Last-Modified: Sun, 15 Jan 2023 11:54:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673862415955%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dedm-registration%2526utm_campaign%253Dshow-opens-tomorrow-edm-registration%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLPo5OkwLwQHQAAAYW5-YQHjedmx15fJcVTPTmKICshJtyRamta6hNShBLXicYKOOpcTRT9sCogvw; Max-Age=2592000; Expires=Wed, 15 Feb 2023 09:46:55 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQItkDCg-j-iTAAAAYW5-YQHJN2_-FWj23s5jSOInMWEjfoUUtXYThJtnCYjDUEz_7xigyq0447ocsjMGi-Wiw; Max-Age=2592000; Expires=Wed, 15 Feb 2023 09:46:55 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&de5e606b-a761-4cc9-8f4b-b205fd500ee7"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 16-Jan-2024 09:46:55 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2445:u=1:x=1:i=1673862415:t=1673948815:v=2:sig=AQHuLhzWS0hzQ0_icBZ_SuKIBA0JOWtm"; Expires=Tue, 17 Jan 2023 09:46:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyXnarncDh3NBsi34quw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A489FF9568FA467BADCB238554CE5819 Ref B: OSL30EDGE0519 Ref C: 2023-01-16T09:46:55Z
date: Mon, 16 Jan 2023 09:46:55 GMT
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-329521-7&cid=1440945827.1673862416&jid=307466694&gjid=1972322252&_gid=835421692.1673862416&_u=YCDACEAABAAAACAAI~&z=120230914
173.194.222.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-329521-7&cid=1440945827.1673862416&jid=307466694&gjid=1972322252&_gid=835421692.1673862416&_u=YCDACEAABAAAACAAI~&z=120230914
IP 173.194.222.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-329521-7&cid=1440945827.1673862416&jid=307466694&gjid=1972322252&_gid=835421692.1673862416&_u=YCDACEAABAAAACAAI~&z=120230914 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://cloudme02.infosalons.biz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 79c7e8f1dba83a668aba9915d401d155
5cbd1004b4f1b13e7b183c9da9cc7766cd4da0fe
f5d6f5b41fa3adb987ae07affb3068a21d0279425595a2b9b9d33192e7dd73c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5713
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:46:55 GMT
Last-Modified: Mon, 16 Jan 2023 08:11:42 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 312
t.co/i/adsct?bci=3&eci=2&event_id=3ccf0a7f-3c97-4e27-ab1c-9a4966052656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f643f73-5370-4b3b-a6d7-d39dd8d1ae3e&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
104.244.42.69200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=3ccf0a7f-3c97-4e27-ab1c-9a4966052656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f643f73-5370-4b3b-a6d7-d39dd8d1ae3e&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=3ccf0a7f-3c97-4e27-ab1c-9a4966052656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f643f73-5370-4b3b-a6d7-d39dd8d1ae3e&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:46:54 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=b0ce40ce-279c-4950-8d27-cc8c80fa781a; Max-Age=63072000; Expires=Wed, 15 Jan 2025 09:46:55 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 1af27236f62b2ff9
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: ee0baaf7248287aec58ddecfdc6dd93f31e4ae0e2361d09268660ccb7dd783e8
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673862415955%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dedm-registration%2526utm_campaign%253Dshow-opens-tomorrow-edm-registration%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673862415955%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dedm-registration%2526utm_campaign%253Dshow-opens-tomorrow-edm-registration%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D34867%252C1474348%252C1917433%26time%3D1673862415955%26url%3Dhttps%253A%252F%252Fcloudme02.infosalons.biz%252Freg%252FISDU23DU%252FVisitor%253Futm_source%253Dvisprom%2526utm_medium%253Dedm-registration%2526utm_campaign%253Dshow-opens-tomorrow-edm-registration%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudme02.infosalons.biz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&3c22d52c-6fc6-4d98-82dc-b2f08cfc5ab2"; Domain=.linkedin.com; Expires=Tue, 16-Jan-2024 09:46:55 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2023011609465577b26384-8925-4b9a-851a-9c2de896fbaeAQFI2wBtgJ1WM_g7J8k0UShGk59aFA3u"; Domain=.www.linkedin.com; Expires=Tue, 16-Jan-2024 09:46:55 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzM4NjI0MTU7MjswMjHW/ZxxhEuY+ktaJmRWZ8mgLRGuC2eIzQ6BBO1D6ybSBQ==; Domain=.linkedin.com; Expires=Sat, 15 Jul 2023 09:46:55 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2445:u=1:x=1:i=1673862415:t=1673948815:v=2:sig=AQHuLhzWS0hzQ0_icBZ_SuKIBA0JOWtm"; Expires=Tue, 17 Jan 2023 09:46:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyXnauR+Seh+tf92Nqmg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DEB64521CBAC47E0AABFD92F438CBFD7 Ref B: OSL30EDGE0519 Ref C: 2023-01-16T09:46:55Z
date: Mon, 16 Jan 2023 09:46:55 GMT
content-length: 0
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-D86YXF4B58>m=2oe1a1&_p=688832724&_gaz=1&cid=1440945827.1673862416&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1673862415&sct=1&seg=0&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&dt=Welcome%20%7C%20Intersec%202023&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-D86YXF4B58>m=2oe1a1&_p=688832724&_gaz=1&cid=1440945827.1673862416&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1673862415&sct=1&seg=0&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&dt=Welcome%20%7C%20Intersec%202023&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-D86YXF4B58>m=2oe1a1&_p=688832724&_gaz=1&cid=1440945827.1673862416&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1673862415&sct=1&seg=0&dl=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&dt=Welcome%20%7C%20Intersec%202023&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://cloudme02.infosalons.biz
date: Mon, 16 Jan 2023 09:46:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3ccf0a7f-3c97-4e27-ab1c-9a4966052656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f643f73-5370-4b3b-a6d7-d39dd8d1ae3e&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
104.244.42.131200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=3ccf0a7f-3c97-4e27-ab1c-9a4966052656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f643f73-5370-4b3b-a6d7-d39dd8d1ae3e&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=3ccf0a7f-3c97-4e27-ab1c-9a4966052656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=0f643f73-5370-4b3b-a6d7-d39dd8d1ae3e&tw_document_href=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvc8p&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:46:55 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_+EtwQzkJFr9/J2GooaDPwQ=="; Max-Age=63072000; Expires=Wed, 15 Jan 2025 09:46:55 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 2954d1307fa50be9
strict-transport-security: max-age=631138519
x-response-time: 104
x-connection-hash: 79d163b6b2d3651809efaf1609b3b23c5e732ac07eee1b10d1607b7f9e008dbb
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=34867%2C1474348%2C1917433&time=1673862415955&url=https%3A%2F%2Fcloudme02.infosalons.biz%2Freg%2FISDU23DU%2FVisitor%3Futm_source%3Dvisprom%26utm_medium%3Dedm-registration%26utm_campaign%3Dshow-opens-tomorrow-edm-registration&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cloudme02.infosalons.biz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&79dae1d7-04a7-4d16-8f20-d6bb49adc960"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 16-Jan-2024 09:46:55 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2468:u=1:x=1:i=1673862415:t=1673948815:v=2:sig=AQENOx8IJZmuwOKxo6sOsyAlKeECo4r3"; Expires=Tue, 17 Jan 2023 09:46:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXyXnaw538lbs+M51/6UQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 14FD21E927974D6BA003DA26F49EFD5F Ref B: OSL30EDGE0519 Ref C: 2023-01-16T09:46:55Z
date: Mon, 16 Jan 2023 09:46:55 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10041
Expires: Mon, 16 Jan 2023 12:34:17 GMT
Date: Mon, 16 Jan 2023 09:46:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10041
Expires: Mon, 16 Jan 2023 12:34:17 GMT
Date: Mon, 16 Jan 2023 09:46:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a14364fe2ad784ef5db2ea66dcf18dba
3274bc2a0b6e41d6f44e31ab0e233f79677079d3
40ffbf3dd157214eb918c6babf69b94f657f354337001f0b7e06930bf6a47aae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7291
x-amzn-requestid: 153fdafd-e094-4261-8202-065208ed543e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOMGuxoAMFkJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-68ba19037f23dae033513080;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dCzcLSv-R9QxYnx_d6iQJBWnYuZIIsHlwdKj4N_8yNlNHiSQ7RDDVQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:45:02 GMT
age: 43314
etag: "3274bc2a0b6e41d6f44e31ab0e233f79677079d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f0659c5-1455-4203-aa61-f1bb301688cd.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f0659c5-1455-4203-aa61-f1bb301688cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9768b1bb9048d23c6a631e153b47ab04
741da16203215f9d52e476214b1bdef332961a35
750b57d8c95b025da617f005eef0e3bf685f7778e8e039f70015d7bfb810cb3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f0659c5-1455-4203-aa61-f1bb301688cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11040
x-amzn-requestid: 8d0ff3db-efbc-41ff-abd9-4f328129cfd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eroNIFEtIAMFS8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c153ed-138d582e22acee7017e9d4e9;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 12:51:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gyoizb63vbxozvOs7WjPmHHB-O1iGBA_xBzTEoHqp9XGiqnPyQImGg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:03:42 GMT
age: 42194
etag: "741da16203215f9d52e476214b1bdef332961a35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7917592de9f2ddbe7d3a7fa7f3d4d62
866b04ce93a30369d7cb0a6d2155a8b10292507f
da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 42827
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 542f87ebb35e170451b610e4b700bcb1
2259cdebacc4c9f07aad838eec494863d4273ad1
85001f2cf33f3fc98d4cdcc7aef38611e34aea3a791d8acb0a5946c4619398eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:02:24 GMT
age: 42272
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg
34.120.237.76200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4fcbed1f27bccb1f8b6fe4c9efde16f
2b2b272f1712319a5de86f8fac3f73b23e5ef4b0
d33384b6a4f1f5a5ee73643dd86161fe59dfe9d27af4483ffef2e28693e62ee6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3845
x-amzn-requestid: 4b8fa830-dad5-4f44-addd-2fcee42f417e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: excEMFt1oAMFeOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a6e7-703ffebe0297428c35eabdb6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:10:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wMmYR9yEPelW_Q5_tnImorkseC1tr0EcDvNHeYBpNWB6l47og9HC5Q==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 04:54:34 GMT
age: 17542
etag: "2b2b272f1712319a5de86f8fac3f73b23e5ef4b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f9856e4a4461fb58b07a0202bded19e
8ff627a2fe99aaf07ec035d4a1efbf85835491e4
013181b036009effe9e2cf8e43965aa34ac68f8d1fcfcaac620441b00b26759f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6559
x-amzn-requestid: 2077d9af-6d78-4811-9526-2be067f54bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbLfE0pIAMFS7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47249-66bae56324858b0778530aeb;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7U9q5ecOsAOG_pyzfc4kThdaTReeTP_MRP0CH5eRj6a1Pqts6Oki3w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:19 GMT
age: 42757
etag: "8ff627a2fe99aaf07ec035d4a1efbf85835491e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
143.204.55.87200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 143.204.55.87:0
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 16 Jan 2023 00:12:40 GMT
access-control-allow-origin: *
cache-control: public, max-age=39344
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4JU16m07D50vQOk-UtrG-XfPRQwjf_gL72zuy4rMHX4zVV2ogPckNA==
age: 34455
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
143.204.55.87200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 143.204.55.87:0
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 16 Jan 2023 00:12:40 GMT
access-control-allow-origin: *
cache-control: public, max-age=39344
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bPqRafXw8M24bwFECkz0xTapQliuI1LYx4aNeHOwcpjsMNyBq6qt1A==
age: 34455
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
143.204.55.87200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 143.204.55.87:0
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 16 Jan 2023 00:12:40 GMT
access-control-allow-origin: *
cache-control: public, max-age=39344
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ezE-IVoSKd9ckyXus-12c9-_2l2wE97AcUeXmDcgIlFsijW6KCxorw==
age: 34455
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
143.204.55.87200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token
IP 143.204.55.87:0
GET /partner/1474348,1917433,34867/domain/cloudme02.infosalons.biz/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cloudme02.infosalons.biz
Connection: keep-alive
Referer: https://cloudme02.infosalons.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 16 Jan 2023 00:12:40 GMT
access-control-allow-origin: *
cache-control: public, max-age=39344
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xJuZPE0EaG1y_l1sY3h02DY1u-FuKh5PmW66IdF8wk7Ael3i3sJRDg==
age: 34455
X-Firefox-Spdy: h2
quarkphysics.ca/ICS3U1/javaprogs/EclipsePortable-oxygen.zip
52.86.248.232200 OK 0 B URL HTTP/1.1 quarkphysics.ca/ICS3U1/javaprogs/EclipsePortable-oxygen.zip
IP 52.86.248.232:0
GET /ICS3U1/javaprogs/EclipsePortable-oxygen.zip HTTP/1.1
Host: quarkphysics.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:46:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 08 May 2020 23:37:43 GMT
ETag: "95cb592-5a52b7bd09fc0"
Accept-Ranges: bytes
Content-Length: 157070738
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/zip