r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15159
Expires: Wed, 30 Nov 2022 13:12:47 GMT
Date: Wed, 30 Nov 2022 09:00:08 GMT
Connection: keep-alive
tracking.dandeliontakeover.com/tracking/click?d=DLyP-zp4c_RRQRN0TOXrWJBTsplwRRdgw_3RAThOjBz_Wn906aJ1hl-faLkffO1rFqbvIKRUR9iqQOAKa4tL1EIXxpjU6jcip4RleTRkxi_nUbBswOUm4KHw-p7_wjnqObSsSlorlZXygq1dT0lDS3AwwAo186ULf6aBiWWBWIcj42RoU9YNaVu-gZOs8utzQNpSIGu0y0DTjkAJVTkNsWeOhL4F5g5F2sJp6bTclhbr1i3PO9fcME5IPA9Z9PA-kyaBgm9BN3xC8a2ImZ_Q3iY1
46.105.88.234302 Found 239 B URL HTTP/1.1 tracking.dandeliontakeover.com/tracking/click?d=DLyP-zp4c_RRQRN0TOXrWJBTsplwRRdgw_3RAThOjBz_Wn906aJ1hl-faLkffO1rFqbvIKRUR9iqQOAKa4tL1EIXxpjU6jcip4RleTRkxi_nUbBswOUm4KHw-p7_wjnqObSsSlorlZXygq1dT0lDS3AwwAo186ULf6aBiWWBWIcj42RoU9YNaVu-gZOs8utzQNpSIGu0y0DTjkAJVTkNsWeOhL4F5g5F2sJp6bTclhbr1i3PO9fcME5IPA9Z9PA-kyaBgm9BN3xC8a2ImZ_Q3iY1
IP 46.105.88.234:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 93955f0ca610b5996943b547b5a2d730
3d5a26e69a15959d1b787112c549b513bd7753c8
c041cc4133ec368af27fc3050ab2d83086f8424f6276420ce9937d1687bce08b
Analyzer Verdict Alert fortinet Phishing
GET /tracking/click?d=DLyP-zp4c_RRQRN0TOXrWJBTsplwRRdgw_3RAThOjBz_Wn906aJ1hl-faLkffO1rFqbvIKRUR9iqQOAKa4tL1EIXxpjU6jcip4RleTRkxi_nUbBswOUm4KHw-p7_wjnqObSsSlorlZXygq1dT0lDS3AwwAo186ULf6aBiWWBWIcj42RoU9YNaVu-gZOs8utzQNpSIGu0y0DTjkAJVTkNsWeOhL4F5g5F2sJp6bTclhbr1i3PO9fcME5IPA9Z9PA-kyaBgm9BN3xC8a2ImZ_Q3iY1 HTTP/1.1
Host: tracking.dandeliontakeover.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.dandeliontakeover.com/campaigns/de433x8jom486/track-url/hk398xegrcd47/c8a671e8927f7a20b50adb7843731fe1544ebfe5
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-ElasticEmail-ApiKey, X-ElasticEmail-BrowserToken, X-ElasticEmail-ImpersonateAs
Access-Control-Expose-Headers: X-ElasticEmail-BrowserToken, X-Total-Count, X-ElasticEmail-AccessToken
X-Robots-Tag: noindex, nofollow
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 30 Nov 2022 09:00:07 GMT
Content-Length: 239
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3492
Cache-Control: max-age=95355
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:08 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:29:23 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13039
Expires: Wed, 30 Nov 2022 12:37:27 GMT
Date: Wed, 30 Nov 2022 09:00:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 08:18:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2528
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jJs8YwsR744O1h4iScOfxgVeZXKb4Te/jT5HcLMP3ZbTrxg1Hr/2xreBD9NGUw/QzYwJscD8Ofo=
x-amz-request-id: 1WY2Y0XSECWXGCJ2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 08:45:48 GMT
age: 860
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 09:00:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf50282abbf58b7458f92db8cfd24349
93bf2f128a98044f58b8b3da72ca96bc05532d4f
8b105eb82ffa0f2d8a051435dfdb969c203787d0c7207ab12f73e48970282efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B105EB82FFA0F2D8A051435DFDB969C203787D0C7207AB12F73E48970282EFA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14412
Expires: Wed, 30 Nov 2022 13:00:20 GMT
Date: Wed, 30 Nov 2022 09:00:08 GMT
Connection: keep-alive
www.dandeliontakeover.com/campaigns/de433x8jom486/track-url/hk398xegrcd47/c8a671e8927f7a20b50adb7843731fe1544ebfe5
178.33.166.9301 Moved Permanently 0 B URL HTTP/1.1 www.dandeliontakeover.com/campaigns/de433x8jom486/track-url/hk398xegrcd47/c8a671e8927f7a20b50adb7843731fe1544ebfe5
IP 178.33.166.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /campaigns/de433x8jom486/track-url/hk398xegrcd47/c8a671e8927f7a20b50adb7843731fe1544ebfe5 HTTP/1.1
Host: www.dandeliontakeover.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.0
Date: Wed, 30 Nov 2022 09:00:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.27
X-XSS-Protection: 1; mode=block
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 30 Nov 2022 09:00:08 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://engage.freshmarketadvantage.com/aff_c?offer_id=299&aff_id=4&aff_sub=DLTTCS109&aff_sub2=edwin.wilson@vlses.com&aff_sub3=123&aff_sub4=4145&aff_sub5=perryfinances.com&email=edwin.wilson@vlses.com
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 08:11:14 GMT
cache-control: public,max-age=3600
age: 2934
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 2e772f288eeafe58b42f2c7cd373ab7a
66a9e57bab0e6ccab1d79cd97624e462c5ed376e
e4d9d1fe9e6a3b20e67da911fa559dfb959c1a66e2c339199064c16fb8d5d753
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135778
Date: Wed, 30 Nov 2022 09:00:08 GMT
Etag: "63868afa-1d7"
Expires: Thu, 01 Dec 2022 22:43:06 GMT
Last-Modified: Tue, 29 Nov 2022 22:43:06 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ppajUraeOloMAVsbAa6seS9bEbr2HQJPnJ71iiDlfzKnMNGq8TZGUw==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3492
Cache-Control: max-age=90291
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:09 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:05:00 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
engage.freshmarketadvantage.com/aff_c?offer_id=299&aff_id=4&aff_sub=DLTTCS109&aff_sub2=edwin.wilson@vlses.com&aff_sub3=123&aff_sub4=4145&aff_sub5=perryfinances.com&email=edwin.wilson@vlses.com
99.81.210.173302 Found 329 B URL HTTP/1.1 engage.freshmarketadvantage.com/aff_c?offer_id=299&aff_id=4&aff_sub=DLTTCS109&aff_sub2=edwin.wilson@vlses.com&aff_sub3=123&aff_sub4=4145&aff_sub5=perryfinances.com&email=edwin.wilson@vlses.com
IP 99.81.210.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f88871f3267b6c8ca91196fc34901e2b
9346d2537cb98e05f1991408df070205a80f4bbd
aedea03a25ebfd65d2e6b925b3bc0428d51f741a6502a4ba3126642cfd972df6
GET /aff_c?offer_id=299&aff_id=4&aff_sub=DLTTCS109&aff_sub2=edwin.wilson@vlses.com&aff_sub3=123&aff_sub4=4145&aff_sub5=perryfinances.com&email=edwin.wilson@vlses.com HTTP/1.1
Host: engage.freshmarketadvantage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 30 Nov 2022 09:00:09 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 329
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://dfgtrk5.com/geytmny?affid=1017&firstName=&lastName=&email=&zip=&s1=4&s2=102e26e366758e58625892eead8135&s3=299
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_299=ENC03365a63199f68cb859087df8e9ad5ca72d2782d76b6e694167c4e05599563f0694a8bc0b706146073632b2806f0f676346ac451e53e2e306e55442c57081a1bbd19e62daad9410ce8b6342320f773ee0fe5a02fc86015aa20ea44afb73678a0d2784692d2710c17830e129d70daf50e570942f3a48dec328922fcf349492aa9410c7ce645b8113f518f369aeb59f1c4f9146e181070ef791fd4c60630ce647a0e0cedfcb7; expires=Fri, 30 Dec 2022 09:00:09 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Fri, 24 Oct 2025 19:40:09 GMT; path=/; SameSite=None; Secure
Tracking_id: 102e26e366758e58625892eead8135
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: 701ddbab38c57b752a37c03dbf67e804
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.pki.goog/s/gts1d4/52c_cNxqLlY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/52c_cNxqLlY
IP 142.250.74.131:0
Hash 20c1328d0c82be714728f66a78109d08
a18634b1bd09967d89d976ce9e8dbd86487a9e30
dd41608408d14a925416a9ad68d740b165151d345b79bd6d453e27f2081c36fa
POST /s/gts1d4/52c_cNxqLlY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dfgtrk5.com/geytmny?affid=1017&firstName=&lastName=&email=&zip=&s1=4&s2=102e26e366758e58625892eead8135&s3=299
34.102.181.184302 Found 0 B URL HTTP/2 dfgtrk5.com/geytmny?affid=1017&firstName=&lastName=&email=&zip=&s1=4&s2=102e26e366758e58625892eead8135&s3=299
IP 34.102.181.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /geytmny?affid=1017&firstName=&lastName=&email=&zip=&s1=4&s2=102e26e366758e58625892eead8135&s3=299 HTTP/1.1
Host: dfgtrk5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
location: https://lincoln--financial.com/?affid=1017&cid=1167&email=&firstName=&lastName=&s1=4&s2=102e26e366758e58625892eead8135&s3=299&zip=
content-length: 0
date: Wed, 30 Nov 2022 09:00:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/52c_cNxqLlY
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/52c_cNxqLlY
IP 142.250.74.131:0
Hash 20c1328d0c82be714728f66a78109d08
a18634b1bd09967d89d976ce9e8dbd86487a9e30
dd41608408d14a925416a9ad68d740b165151d345b79bd6d453e27f2081c36fa
POST /s/gts1d4/52c_cNxqLlY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:09 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.169.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.169.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: umSL/3vlly769otIjFhq8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TnCTM+zDksX2/MnArUHeXm7785E=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f75975a33707977fdd923278e0325d9
8bc88a42d054bd75e36229d9f263f4ef0c49d660
f1056d9c9e39cfaba55c3c0b8b01c7039c2cd774692098e9ec9a2b21bb154445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1056D9C9E39CFABA55C3C0B8B01C7039C2CD774692098E9EC9A2B21BB154445"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21532
Expires: Wed, 30 Nov 2022 14:59:01 GMT
Date: Wed, 30 Nov 2022 09:00:09 GMT
Connection: keep-alive
lincoln--financial.com/?affid=1017&cid=1167&email=&firstName=&lastName=&s1=4&s2=102e26e366758e58625892eead8135&s3=299&zip=
34.121.35.39200 1.7 kB URL HTTP/1.1 lincoln--financial.com/?affid=1017&cid=1167&email=&firstName=&lastName=&s1=4&s2=102e26e366758e58625892eead8135&s3=299&zip=
IP 34.121.35.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5738), with no line terminators
Hash beb4d7c0a1ca2f6982556a3718ed91f7
d67fc040cea13e32ae33838ceabd6cec3b520884
d0276edffcd33252d3441a7213f550235b37fd2cf1fdafdde63092cc49e959ac
GET /?affid=1017&cid=1167&email=&firstName=&lastName=&s1=4&s2=102e26e366758e58625892eead8135&s3=299&zip= HTTP/1.1
Host: lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200
set-cookie: Authorization=AAG50KTUP140jnCifFgK-61foAfNBoM8Qlw6iZqPRh0hVuJlutP8Xyp7no2EVkOuyB4=; Max-Age=1800; Expires=Wed, 30-Nov-2022 09:30:09 GMT; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
vary: accept-encoding
content-encoding: gzip
content-type: text/html;charset=UTF-8
content-language: en-US
transfer-encoding: chunked
date: Wed, 30 Nov 2022 09:00:09 GMT
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/polyfills-es2015.cd6e3c3b1a9cd4d4225c.js
35.244.158.48200 OK 22 kB URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/polyfills-es2015.cd6e3c3b1a9cd4d4225c.js
IP 35.244.158.48:0
File type ASCII text, with very long lines (65307), with no line terminators
Hash b6d49bec1525de3153a78267b6f62d20
641c20d4d0130c28a2e3c2b58bd42c21db51fb79
93a0e328c8cc20640998534dbabac4ea7f79c1e47fcb458630018db5df4a8b34
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/polyfills-es2015.cd6e3c3b1a9cd4d4225c.js HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduMrPVkNpQaoK0GycXUXrxdeQp8fuXItE1DdRIzN4SVw1Eqf2U6ibLRP-VCf_2n9oGrVx9Sp8iY5d-zCjjTjovoHQ
x-goog-generation: 1668703553729329
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 22110
content-encoding: gzip
x-goog-hash: crc32c=KEDNlQ==, md5=ttSb7BUl3jFTp4JntvYtIA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 22110
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 29 Nov 2022 22:16:08 GMT
expires: Wed, 29 Nov 2023 22:16:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 16:45:53 GMT
etag: "b6d49bec1525de3153a78267b6f62d20"
content-type: text/javascript
age: 38642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/style/style.css
35.244.158.48200 OK 24 kB URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/style/style.css
IP 35.244.158.48:0
File type ASCII text, with very long lines (63482)
Hash bb68d3efa4a8c8264c708a89f737fa44
0883bba398c1580ead74a9946d24714659013bac
1c601bb6308649bd552596e96aef6bfb02ec78466be4c590106005a906ad3bc3
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/style/style.css HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduFn2mz72xObOjIJhVudYkqRZ6s4lgymUmLvc1FW6J9RK-0dvd5to911zk6tQbpSmfkUBCQ8QPIJa6ImjeV9a6cw6qMP-K9
x-goog-generation: 1668703574469221
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 23959
content-encoding: gzip
x-goog-hash: crc32c=MN9BJA==, md5=u2jT76SoyCZMcIqJ9zf6RA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 23959
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
server: UploadServer
date: Tue, 29 Nov 2022 19:27:38 GMT
expires: Wed, 29 Nov 2023 19:27:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 16:46:14 GMT
etag: "bb68d3efa4a8c8264c708a89f737fa44"
content-type: text/css
age: 48752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f75975a33707977fdd923278e0325d9
8bc88a42d054bd75e36229d9f263f4ef0c49d660
f1056d9c9e39cfaba55c3c0b8b01c7039c2cd774692098e9ec9a2b21bb154445
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1056D9C9E39CFABA55C3C0B8B01C7039C2CD774692098E9EC9A2B21BB154445"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21531
Expires: Wed, 30 Nov 2022 14:59:01 GMT
Date: Wed, 30 Nov 2022 09:00:10 GMT
Connection: keep-alive
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/main-es2015.83438bf88429b0f2b00a.js
35.244.158.48200 OK 241 kB URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/main-es2015.83438bf88429b0f2b00a.js
IP 35.244.158.48:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 241 kB (240933 bytes)
Hash 16c7d3c07a1d55647a63d6436c7fdc18
4581e060b71ef2973fa55384a910325f18c27742
3f11d79bcbb3ab0faafa170286095668bb7aa465d4369c1075a8410e0f7db416
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/main-es2015.83438bf88429b0f2b00a.js HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtIdPL9F7z0E1rbcVHyJAB9L7RwDYQyNPsuwB1ZEJkmk_j8ogNjkSI0N5wxjZF7TyW3-sqd24JLhHtFY1N39bTJNrAPdAMo
x-goog-generation: 1668703554040466
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 240933
content-encoding: gzip
x-goog-hash: crc32c=RTHw8w==, md5=FsfTwHodVWR6Y9ZDbH/cGA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 240933
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 29 Nov 2022 22:16:08 GMT
expires: Wed, 29 Nov 2023 22:16:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 16:45:54 GMT
etag: "16c7d3c07a1d55647a63d6436c7fdc18"
content-type: text/javascript
age: 38642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/runtime-es2015.af4f109700b3d26f5654.js
35.244.158.48200 OK 1.4 kB URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/runtime-es2015.af4f109700b3d26f5654.js
IP 35.244.158.48:0
File type ASCII text, with very long lines (2657), with no line terminators
Hash 1e499468f326f2897ec8957b7b0f113e
739089c7178997adc658ffb75fad45961f49fea0
978c4570eef330a901388532ba889e2addf5912d73aed440c7e97dbd57a85927
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/runtime-es2015.af4f109700b3d26f5654.js HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvCzdpCZFRIDlQUDs5CnLhe74J_HxXz1zlGsQPcynhgyvav8bo50G9rtEXkvF2Fk_GggClkKobl97pSYRw8xzXGTQ
x-goog-generation: 1668703553001118
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1423
content-encoding: gzip
x-goog-hash: crc32c=mMyKzg==, md5=HkmUaPMm8ol+yJV7ew8RPg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1423
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 29 Nov 2022 22:16:08 GMT
expires: Wed, 29 Nov 2023 22:16:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 16:45:53 GMT
etag: "1e499468f326f2897ec8957b7b0f113e"
content-type: text/javascript
age: 38642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/style.css
35.244.158.48200 OK 26 kB URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/style.css
IP 35.244.158.48:0
File type ASCII text, with very long lines (63386)
Hash 1284bf675a7535d9144d723760d2013f
da1ce36670bbe4ebf4b7cd966b23f9d31213f83f
2923fb76f9b5edac5474fa2aa1429051eab135c33be1dee233ac28f709474f4a
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/style.css HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtCRDkntnSld71bI0eOe10XSSSlr7x5C1CJakY6MiHtEDXO1joVrNeM78bhQ67_1ynRKH2PP4Q00D8T6YvD1G_a5kgGPb_8
date: Wed, 30 Nov 2022 09:00:10 GMT
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 09:00:10 GMT
last-modified: Thu, 17 Nov 2022 16:39:35 GMT
etag: "1284bf675a7535d9144d723760d2013f"
x-goog-generation: 1668703175421056
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 25815
content-type: text/css
content-encoding: gzip
x-goog-hash: crc32c=gjY8FA==, md5=EoS/Z1p1NdkUTXI3YNIBPw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 25815
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:00:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:00:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:00:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:00:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12222
Expires: Wed, 30 Nov 2022 12:23:52 GMT
Date: Wed, 30 Nov 2022 09:00:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f621857774e4b4adda95f58081644859
639165dc66d171b8266f22cd495181427112bc80
341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ec2HkhHmHE2ddGBpLsJ5Rn7SCMjyR5kzaTyrguDoI9xOohgsCi08CQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 40544
etag: "639165dc66d171b8266f22cd495181427112bc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 23:32:45 GMT
age: 34045
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8825a2c5c0d98323f489e0b816b7f1d8
05f46985ea4ace57460120876da8e19db08857b3
1d12590a78b32146d6f1d107fb93bdb6cb45228d15babd087c0111495d7138e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48df8a6f-5803-4ce0-ab84-1efc8ca3e251.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 67e1ba67-b4fb-42c8-985d-f34164101c7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhIGGtloAMFxjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcd-295995bb1123430c55659fe3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d64lSE184IwrwZKVC8KOUINEBclth9b7xRGV9T1uNfAptgXz0bxKhw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:14:25 GMT
age: 38745
etag: "05f46985ea4ace57460120876da8e19db08857b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 38918
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rtfl896JX35oFFEVmqyH9Nm62iSY6rqwzkLwZMcM45p_ySF6J2QwEQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:47 GMT
age: 40523
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 40524
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.pushnami.com/scripts/v1/pushnami-adv/5c82d7a1e6a9e91b9f3985a3
54.230.111.113200 OK 49 kB URL HTTP/2 api.pushnami.com/scripts/v1/pushnami-adv/5c82d7a1e6a9e91b9f3985a3
IP 54.230.111.113:0
Hash 7ec55df6a3e2e2c2636a777523271c16
0c6fdc2ec25336c426ce70e56a46c46a02a6434a
f109d56616e9ee40666c685ad9edfc1e65ec58a0cdb7a094a491056a474e2e18
GET /scripts/v1/pushnami-adv/5c82d7a1e6a9e91b9f3985a3 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 09:00:10 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5G399JlnuOk-2OzDNlGB2dC0peOEeEnyPC0zWDbQOC6HJ_PjL4hUkQ==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:08:51 GMT
expires: Tue, 28 Nov 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 129079
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lincoln--financial.com/service-worker.js
34.121.35.39200 90 B URL HTTP/1.1 lincoln--financial.com/service-worker.js
IP 34.121.35.39:0
File type ASCII text, with no line terminators
Hash ef830c565b5153fb21ca77577398dca8
33a0ab6e04a017ac67e2447b5ebfd38b38b9db23
ace45e9380d1dbaaa7e57860e1334e0cdd963e3345f6681ca6e7327acf27683a
GET /service-worker.js HTTP/1.1
Host: lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: Authorization=AAG50KTUP140jnCifFgK-61foAfNBoM8Qlw6iZqPRh0hVuJlutP8Xyp7no2EVkOuyB4=
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Thu, 17 Nov 2022 16:42:54 GMT
accept-ranges: bytes
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
content-type: application/javascript;charset=UTF-8
content-language: en-US
content-length: 90
date: Wed, 30 Nov 2022 09:00:10 GMT
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/env.json
35.244.158.48200 OK 384 B URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/env.json
IP 35.244.158.48:0
File type JSON data\012- , ASCII text
Hash c89155a24e8eaf505fc7d45b6234c406
136ee75842b19931486d585d75fa6c7fb3a5be66
d3c934318b247006b665079d34cfb634af75d2dbc279d5a9a6ae2bd2e457c90b
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/env.json HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvIxIbdDoBnt7J92weJZDofNY2NK3FIrjYJ6qSGzN_WrNOwZHLhh-mPPPkt6VgXzr3V1G-xP-WSH4f7v5WSnjy6TQxd_mOy
date: Wed, 30 Nov 2022 09:00:10 GMT
cache-control: public, max-age=31536000
expires: Thu, 30 Nov 2023 09:00:10 GMT
last-modified: Thu, 17 Nov 2022 16:39:39 GMT
etag: "c89155a24e8eaf505fc7d45b6234c406"
x-goog-generation: 1668703179515846
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 384
content-type: application/json
content-encoding: gzip
x-goog-hash: crc32c=2lgQrQ==, md5=yJFVok6Or1Bfx9RbYjTEBg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 384
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/env.json
35.244.158.48200 OK 384 B URL HTTP/2 assets.lincoln--financial.com/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/env.json
IP 35.244.158.48:0
File type JSON data\012- , ASCII text
Hash c89155a24e8eaf505fc7d45b6234c406
136ee75842b19931486d585d75fa6c7fb3a5be66
d3c934318b247006b665079d34cfb634af75d2dbc279d5a9a6ae2bd2e457c90b
GET /t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/env.json HTTP/1.1
Host: assets.lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvIxIbdDoBnt7J92weJZDofNY2NK3FIrjYJ6qSGzN_WrNOwZHLhh-mPPPkt6VgXzr3V1G-xP-WSH4f7v5WSnjy6TQxd_mOy
x-goog-generation: 1668703179515846
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 384
content-encoding: gzip
x-goog-hash: crc32c=2lgQrQ==, md5=yJFVok6Or1Bfx9RbYjTEBg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 384
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Wed, 30 Nov 2022 09:00:10 GMT
expires: Thu, 30 Nov 2023 09:00:10 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Nov 2022 16:39:39 GMT
etag: "c89155a24e8eaf505fc7d45b6234c406"
content-type: application/json
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-128685315-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-128685315-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 3d6493c4b96a58b6015e082b2ac1f391
4f2bca2e0923d0693071c37c9afafd76b85d0357
effdbdf790a1eb7afba03f4c7d32c3bb0cfc91f4ea88724743aa2f1a28fde806
GET /gtag/js?id=UA-128685315-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 09:00:11 GMT
expires: Wed, 30 Nov 2022 09:00:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44718
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
35.170.173.209204 No Content 0 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 35.170.173.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Referer: https://lincoln--financial.com/
Origin: https://lincoln--financial.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 30 Nov 2022 09:00:11 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments//lincoln--financial.com/images/lm-desk
151.101.193.137200 OK 3.7 kB URL HTTP/2 res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments//lincoln--financial.com/images/lm-desk
IP 151.101.193.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 47844cb5443dc5aba09a1c049bb2f44b
e90e51b74b397f75ddd358007b24cfa89ea30351
4a1fc69553d0d8137f28320b07f8fd5be40f6d1cfaaa9b99f27458db35d8c985
GET /dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments//lincoln--financial.com/images/lm-desk HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.lincoln--financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="lm-desk.webp"
content-type: image/webp
etag: "47844cb5443dc5aba09a1c049bb2f44b"
last-modified: Thu, 17 Nov 2022 17:32:00 GMT
date: Wed, 30 Nov 2022 09:00:11 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-11-30T09:00:11.334Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 3742
X-Firefox-Spdy: h2
res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments//lincoln--financial.com/images/bg-desktop
151.101.193.137200 OK 63 kB URL HTTP/2 res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments//lincoln--financial.com/images/bg-desktop
IP 151.101.193.137:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2048x1365, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df3be45f058e4cd80fa75805bae0f9e6
63a4ad1cdaeaa7d95849e2c6a45c40fc05d7b85c
674d1a4e32009e57fc23a34eaab25299303c1d91998448cf56457f63a9cac317
GET /dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments//lincoln--financial.com/images/bg-desktop HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.lincoln--financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="bg-desktop.webp"
content-type: image/webp
etag: "df3be45f058e4cd80fa75805bae0f9e6"
last-modified: Thu, 17 Nov 2022 17:32:02 GMT
date: Wed, 30 Nov 2022 09:00:11 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-11-30T09:00:11.337Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 62670
X-Firefox-Spdy: h2
res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/images/logo-form
151.101.193.137200 OK 2.0 kB URL HTTP/2 res.cloudinary.com/dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/images/logo-form
IP 151.101.193.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e82280f9f110a7309b70e0363f48a364
6f3e0468808f36678d49b32fb1c45514bb6d9611
32d120a3c229d06e80f31ec233798f8c47000aa8311b2458517fa8b44c4c69c0
GET /dbtcg826q/image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/environments/lincoln--financial.com/images/logo-form HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="logo-form.webp"
content-type: image/webp
etag: "e82280f9f110a7309b70e0363f48a364"
last-modified: Thu, 17 Nov 2022 17:32:01 GMT
date: Wed, 30 Nov 2022 09:00:11 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-11-30T09:00:11.340Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2008
X-Firefox-Spdy: h2
res.cloudinary.com/dbtcg826q//image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/defaultImages/seal-ola
151.101.193.137200 OK 6.2 kB URL HTTP/2 res.cloudinary.com/dbtcg826q//image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/defaultImages/seal-ola
IP 151.101.193.137:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2b7deec9097a2ce2e324b836e7c06d90
4ed7c7ad6b60d1561e6eb998161eb45b47201539
d2d1aff262fa609da293127959bdb5bb415cbaa722165b612ab53a13e44d8812
GET /dbtcg826q//image/upload/q_auto,f_auto/t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/defaultImages/seal-ola HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-disposition: inline; filename="seal-ola.webp"
content-type: image/webp
etag: "2b7deec9097a2ce2e324b836e7c06d90"
last-modified: Thu, 17 Nov 2022 17:30:47 GMT
date: Wed, 30 Nov 2022 09:00:11 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2022-11-30T09:00:11.344Z;desc=hit,rtt;dur=10
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 6216
X-Firefox-Spdy: h2
res.cloudinary.com/dbtcg826q//image/upload//t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/defaultImages/logo-ola
151.101.193.137200 OK 11 kB URL HTTP/2 res.cloudinary.com/dbtcg826q//image/upload//t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/defaultImages/logo-ola
IP 151.101.193.137:0
File type PNG image data, 175 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 79c49bbf1ebb397f9bdfac62c84ff457
12b00bf60796e164f4d5b8cded5f44f400e51aec
e774d5f44935441113829bba2ee81777c401e2d5fac92607a2b5b9965518e723
GET /dbtcg826q//image/upload//t7/d8ded721-b855-4cb8-a3ba-3dfe16a372e9/dist/dynamic/shared/defaultImages/logo-ola HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
etag: "79c49bbf1ebb397f9bdfac62c84ff457"
last-modified: Thu, 17 Nov 2022 17:30:47 GMT
date: Wed, 30 Nov 2022 09:00:11 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2022-11-30T09:00:11.371Z;desc=hit,rtt;dur=8
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 10608
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
216.58.207.227200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 27120, version 1.0\012- data
Hash 43e7d3f1dec74478587a2b3cfa272631
c065f24ac428353854ebd6715c49966fc4f4c762
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:15:32 GMT
expires: Wed, 29 Nov 2023 17:15:32 GMT
cache-control: public, max-age=31536000
age: 56679
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 27976, version 1.0\012- data
Hash 22907ce040431644b934b72a7c431a36
78863dfb62414fe1a73f64d7f7fbff63ebccb322
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
GET /s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:16:42 GMT
expires: Wed, 29 Nov 2023 17:16:42 GMT
cache-control: public, max-age=31536000
age: 56609
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
trc.pushnami.com/api/push/track
35.170.173.209200 OK 2 B URL HTTP/2 trc.pushnami.com/api/push/track
IP 35.170.173.209:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/push/track HTTP/1.1
Host: trc.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lincoln--financial.com/
content-type: application/x-www-form-urlencoded
key: 5c82d7a1e6a9e91b9f3985a3
Origin: https://lincoln--financial.com
Content-Length: 136
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:00:11 GMT
content-type: text/html; charset=utf-8
content-length: 2
access-control-allow-origin: *
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 08:41:08 GMT
expires: Wed, 30 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 1143
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lincoln--financial.com/favicon.ico
34.121.35.39404 136 B URL HTTP/1.1 lincoln--financial.com/favicon.ico
IP 34.121.35.39:0
File type JSON data\012- , ASCII text
Hash 1c1fbc89e1523c764881bbff58f4dbdb
e9e5722ef95a59e0968ce4f88352593e2993fc7f
57b1b4b62ff8e141781bdbf2a2f5a307d671edce55be773d18b7da6a8a25a0d7
GET /favicon.ico HTTP/1.1
Host: lincoln--financial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/?affid=1017&cid=1167&email=&firstName=&lastName=&s1=4&s2=102e26e366758e58625892eead8135&s3=299&zip=
Cookie: Authorization=AAG50KTUP140jnCifFgK-61foAfNBoM8Qlw6iZqPRh0hVuJlutP8Xyp7no2EVkOuyB4=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
expires: 0
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: application/json
transfer-encoding: chunked
date: Wed, 30 Nov 2022 09:00:10 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-128685315-1&cid=1575012551.1669798810&jid=339342117&gjid=1796374354&_gid=1794677697.1669798810&_u=YADAAUAAAAAAACAAI~&z=1017682130
74.125.131.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-128685315-1&cid=1575012551.1669798810&jid=339342117&gjid=1796374354&_gid=1794677697.1669798810&_u=YADAAUAAAAAAACAAI~&z=1017682130
IP 74.125.131.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-128685315-1&cid=1575012551.1669798810&jid=339342117&gjid=1796374354&_gid=1794677697.1669798810&_u=YADAAUAAAAAAACAAI~&z=1017682130 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lincoln--financial.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 09:00:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 09:00:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-Z1EMQ8T80Q>m=2oebs0&_p=1710850674&cid=1575012551.1669798810&ul=en-us&sr=1280x1024&_s=1&sid=1669798810&sct=1&seg=0&dl=https%3A%2F%2Flincoln--financial.com%2F&dt=Lincoln%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-Z1EMQ8T80Q>m=2oebs0&_p=1710850674&cid=1575012551.1669798810&ul=en-us&sr=1280x1024&_s=1&sid=1669798810&sct=1&seg=0&dl=https%3A%2F%2Flincoln--financial.com%2F&dt=Lincoln%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Z1EMQ8T80Q>m=2oebs0&_p=1710850674&cid=1575012551.1669798810&ul=en-us&sr=1280x1024&_s=1&sid=1669798810&sct=1&seg=0&dl=https%3A%2F%2Flincoln--financial.com%2F&dt=Lincoln%20Financial&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lincoln--financial.com
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lincoln--financial.com
date: Wed, 30 Nov 2022 09:00:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Baskerville:400,700|Raleway:500,700
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville:400,700|Raleway:500,700
IP 142.250.74.106:0
GET /css?family=Libre+Baskerville:400,700|Raleway:500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.lincoln--financial.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 09:00:10 GMT
date: Wed, 30 Nov 2022 09:00:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v1/hub
54.230.111.113200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v1/hub
IP 54.230.111.113:0
GET /scripts/v1/hub HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 30 Nov 2022 08:29:57 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z5EjP2DCgDgFDw01KizK8N4KvJ4QqBl9V7BLRbe7c-Ks6Gpf5S_iXA==
age: 1813
X-Firefox-Spdy: h2
api.pushnami.com/scripts/v2/pushnami-sw/59c9615ee0a569339ab972b7
54.230.111.113200 OK 0 B URL HTTP/2 api.pushnami.com/scripts/v2/pushnami-sw/59c9615ee0a569339ab972b7
IP 54.230.111.113:0
GET /scripts/v2/pushnami-sw/59c9615ee0a569339ab972b7 HTTP/1.1
Host: api.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lincoln--financial.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 30 Nov 2022 08:56:31 GMT
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MJFxhSIEiaQt_sS8njsktDRDXVDnpewbxD8irRrXRqdm_iyqjDn5uw==
age: 220
X-Firefox-Spdy: h2
psp.pushnami.com/api/psp
34.199.183.99200 OK 0 B IP 34.199.183.99:0
POST /api/psp HTTP/1.1
Host: psp.pushnami.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lincoln--financial.com/
content-type: application/x-www-form-urlencoded
key: 5c82d7a1e6a9e91b9f3985a3
Origin: https://lincoln--financial.com
Content-Length: 46
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 30 Nov 2022 09:00:11 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://lincoln--financial.com
access-control-allow-credentials: true
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2