Report - ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING

Report Overview

Submitted URL
ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force
IP
52.30.25.175
ASN
#16509 AMAZON-02
Submitted
2023-01-27 13:44:41
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ims-na1.adobelogin.com	3078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.2 kB	18.203.174.165
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
dpm.demdex.net	204	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	3.1 kB	34.255.210.6
p.typekit.net	620	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	371 B	95.101.11.112
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	79 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.189.35.180
sstats.adobe.com	2253	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	3.1 kB	13.37.25.97
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.5 kB	93.184.220.29
use.typekit.net	494	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	98 kB	23.36.76.186
static.adobelogin.com	20744	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	3.9 kB	54.230.110.53
auth.services.adobe.com	4973	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	912 B	54.230.111.25
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-27 13:44:32	medium	Client IP	5.252.118.36	ET INFO Dotted Quad Host DLL Request
2023-01-27 13:44:32	high	Client IP	5.252.118.36	ThreatFox botnet C2 traffic (url - confidence level: 100%)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code	8.7 kB	2023-03-13	2023-03-13
Pretty URL auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code IP 54.230.111.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:32:36 Last Seen2023-03-13 12:01:07 Times Seen1 Hash 9661df2eb72e4735b045c6bc25efa6f3 6abddb0d851ff72e59d86ab2821c677bb075ca28 3b06b3f0a2911e0b65348a354530f79b101087faddc83116f9b7b6c08492fc84 Loading...

	auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code	184 B	2023-03-07	2023-03-26
Pretty URL auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code IP 54.230.111.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:24:58 Last Seen2023-03-26 06:14:54 Times Seen3 Hash 233d7c62cab9d4a213d6d2c520df1655 eba077db8395fe028db536052fd2d8423394563b 3dc14692178651ce5afdc20974f01849a2c1e45444246f5bf5a92403c03f4810 Loading...

	use.typekit.net/ecr2zvs.js	17 kB	2023-03-07	2023-03-17
Pretty URL use.typekit.net/ecr2zvs.js IP 23.36.76.186 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:24:58 Last Seen2023-03-17 12:39:40 Times Seen1 Hash 01e116fbbdf173bffb332b93272c03ce c0b1cc07bb3926e288cc7910831832befc3f1294 67da84211a48701bade47082224249505f91c4124eb028670366014a240fb891 Loading...

	auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code	1.2 kB	2023-03-09	2024-05-08
Pretty URL auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code IP 54.230.111.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:24:47 Last Seen2024-05-08 13:47:41 Times Seen281 Hash e54f6fd94f2dcb8c5b960140cf6bb984 04e4d8257bf01ec79b4b8e55373ec8fe0a91343c 97963fb69edbaaf62ed03be8862747782a23ba13657f5b8dca0254602455674a Loading...

	auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code	528 B	2023-03-13	2024-05-08
Pretty URL auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code IP 54.230.111.25 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:32:36 Last Seen2024-05-08 13:47:41 Times Seen252 Hash 5779b3ffd1bcde5a830af694be3b08ec cc0f267cd0905b332c935bb4d27d5a7dcd0d9dbb cae0c46aca6d039cac46699d686ed531159ca9369b9015783f46c6528cd3be55 Loading...

HTTP Transactions (41)

	URL	IP	Response	Size
	ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force	18.203.174.165	301 Moved Permanently	0 B
URL HTTP/1.1 ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force IP 18.203.174.165:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force HTTP/1.1 Host: ims-na1.adobelogin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 `HTTP/1.1 301 Moved Permanently location: https://ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force date: Fri, 27 Jan 2023 13:44:29 GMT server: adobe content-length: 0`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5fe582397f3003b225cb9058e02c2190 68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f 238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19038 Expires: Fri, 27 Jan 2023 19:01:47 GMT Date: Fri, 27 Jan 2023 13:44:29 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 58ffdcb539c3b250fdf31ed761627fc1 5b55b1522ef84c39b5c42f9bbfbc62b806c1269f eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6853 Expires: Fri, 27 Jan 2023 15:38:42 GMT Date: Fri, 27 Jan 2023 13:44:29 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 27 Jan 2023 13:42:59 GMT content-type: application/json age: 90 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 49049f3c92aad686cd7ff28ecd2a5a4f 9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57 02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6237 Expires: Fri, 27 Jan 2023 15:28:26 GMT Date: Fri, 27 Jan 2023 13:44:29 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: 0hwNtorbnYFp8wTrs7ayj/R0oiHjT6JIz/lZc9GMFT9mPdBAjPs/jCTYjLcapsMnL5f3Wgomy9Q= x-amz-request-id: J93Y4AVG9AN6G32Z content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 27 Jan 2023 13:20:33 GMT age: 1436 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash b21dc78c199b6c9ee6037328fc9c6828 380daec8e019be5090a1371d49f7e6acdeadf64c 046fcc9368cd412ae0522b5300ddac0d394f15766b3089f5e741b21d942ba0c0 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3753 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 13:44:29 GMT Last-Modified: Fri, 27 Jan 2023 12:41:56 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 27 Jan 2023 13:44:29 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force	18.203.174.165	302 Found	0 B
URL HTTP/2 ims-na1.adobelogin.com/ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force IP 18.203.174.165:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ims/authorize/v1?client_id=EchoSign2&scope=openid&puser=tcorbin@slurpmail.net&redirect_uri=https://secure.na4.echosign.com/public/acceptMigrationOptionForShardConflict?token=CBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY&optionSelected=ARCHIVE_EXISTING_USER&reauth=force HTTP/1.1 Host: ims-na1.adobelogin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found content-type: text/html;charset=UTF-8 cache-control: no-store set-cookie: relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84; Path=/; Secure; SameSite=None ftrset=603; Path=/; Secure; HttpOnly; SameSite=None ftrset=603; Path=/; Secure; HttpOnly; SameSite=None p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" server: adobe location: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code vary: Accept-Encoding x-newrelic-app-data: PxQFUlRUCQsTUlFbBgkBXlYAFB9AMQYAZBBZDEtZV0ZaClc9HjJDEA1YUCIJDUxBXwgNB0VtGAcRRV5cEA8ZBxBKfydsERYeA0sJTQFPA1JWDg9UUVcBHwBIQwNSBARSAQRSClBRV1sBAFlAFF5VXkAAZA== x-debug-id: 8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84 strict-transport-security: max-age=31536000; includeSubDomains; preload content-language: en- content-length: 0 x-via: g-irl1,e-ew1 date: Fri, 27 Jan 2023 13:44:29 GMT X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 27 Jan 2023 12:49:03 GMT age: 3327 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 88b282c131bbb3a8cc795b6e1b69dcb0 38f9dffa797d509f9fe75c7dace9bbec9b122a91 f7186f7813499abd9816a4511195f4901828e55cfb09d646ca676ad7fe3ffb81 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6589 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 13:44:30 GMT Last-Modified: Fri, 27 Jan 2023 11:54:41 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20778 Expires: Fri, 27 Jan 2023 19:30:48 GMT Date: Fri, 27 Jan 2023 13:44:30 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.189.35.180	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.189.35.180:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: GhbBgpDhw6O6tTyMmIVL/g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: m97vPtj0Nan1JeKHfsikmKHCewQ=`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 70fea2303b4b3f329b899e8f1a1d2882 caf56910549d074d52149689d502695f9d28c749 5c97af584de9715f90bef870308b4754d3846854a9ebc2a1417b7e8d63041f8e HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3379 Cache-Control: max-age=148722 Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 13:44:31 GMT Etag: "63d369fe-1d7" Expires: Sun, 29 Jan 2023 07:03:13 GMT Last-Modified: Fri, 27 Jan 2023 06:06:54 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243	34.255.210.6	302 Found	0 B
URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243 IP 34.255.210.6:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243 HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Origin: https://auth.services.adobe.com Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 302 Found Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://auth.services.adobe.com Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private DCS: dcs-prod-irl1-1-v045-06601d6e7.edge-irl1.demdex.com 0 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243 P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=64020257630332031144182165974118939657; Max-Age=15552000; Expires=Wed, 26 Jul 2023 13:44:31 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-TID: xoQczjuHRKs= Content-Length: 0 Connection: keep-alive

	use.typekit.net/ecr2zvs.js	23.36.76.186	200 OK	6.6 kB
URL HTTP/2 use.typekit.net/ecr2zvs.js IP 23.36.76.186:0 ASN #20940 Akamai International B.V. File type Unicode text, UTF-8 text, with very long lines (2258) Size 6.6 kB (6643 bytes) Hash 7ace7490e2c27d9175b970ea696afde7 7f76b9abe397f6779a7cf84af6ee53fbc4f64454 cebbe8edf6c49026e176218f9dd81706d9115a07950138e220f2a317e3ff212a HTTP Headers `GET /ecr2zvs.js HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx content-type: text/javascript;charset=utf-8 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; cache-control: public, max-age=600, stale-while-revalidate=604800 timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin content-encoding: gzip content-length: 6643 date: Fri, 27 Jan 2023 13:44:31 GMT X-Firefox-Spdy: h2`

	dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243	34.255.210.6	200 OK	1.4 kB
URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243 IP 34.255.210.6:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with very long lines (4122), with no line terminators Size 1.4 kB (1387 bytes) Hash a73e3b2c1550f641b7839376a1268379 eafc8a7237dd821692fbafd6819714f849cb90de 148b145b5d724549067796d667438fda01e23650ded71da2a66bb84d78431689 HTTP Headers GET /id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1674827071243 HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://auth.services.adobe.com Content-Type: application/x-www-form-urlencoded Referer: https://auth.services.adobe.com/ Connection: keep-alive Cookie: demdex=64020257630332031144182165974118939657 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://auth.services.adobe.com Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip Content-Type: application/json;charset=utf-8 DCS: dcs-prod-irl1-1-v045-048420acf.edge-irl1.demdex.com 2 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=64020257630332031144182165974118939657; Max-Age=15552000; Expires=Wed, 26 Jul 2023 13:44:31 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Origin X-TID: 4RqpKZWbR+4= Content-Length: 1387 Connection: keep-alive

	use.typekit.net/af/cb695f/000000000000000000017701/27/l?subset_id=2&fvd=n4&v=3	23.36.76.186	200 OK	30 kB
URL HTTP/2 use.typekit.net/af/cb695f/000000000000000000017701/27/l?subset_id=2&fvd=n4&v=3 IP 23.36.76.186:0 ASN #20940 Akamai International B.V. File type Web Open Font Format (Version 2), CFF, length 29924, version 1.0\012- data Size 30 kB (29924 bytes) Hash fcfe600fe9bf0239a8c3cd48738ec2da c735edeb5ac056f41e063a46b2f508057c9dbdab 62517736e6872fb13ce951c67d689def5f6ac4ac222299bfe1e37ac5f05c37ad HTTP Headers `GET /af/cb695f/000000000000000000017701/27/l?subset_id=2&fvd=n4&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://auth.services.adobe.com Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 29924 etag: "fae41ba404dda76663c7e537ab5cab2de69de329" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Fri, 27 Jan 2023 13:44:31 GMT X-Firefox-Spdy: h2`

	use.typekit.net/af/eaf09c/000000000000000000017703/27/l?subset_id=2&fvd=n7&v=3	23.36.76.186	200 OK	30 kB
URL HTTP/2 use.typekit.net/af/eaf09c/000000000000000000017703/27/l?subset_id=2&fvd=n7&v=3 IP 23.36.76.186:0 ASN #20940 Akamai International B.V. File type Web Open Font Format (Version 2), CFF, length 29980, version 1.0\012- data Size 30 kB (29980 bytes) Hash 864fc6d95444fd085441968a712f6c9f 7e54f060df28a16e146ab1eb15ab3a59d3d9be06 371f06319fa71de555aebefcffbe3c1f755e5761d90aacd9bba0c64c6cf40090 HTTP Headers `GET /af/eaf09c/000000000000000000017703/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://auth.services.adobe.com Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 29980 etag: "43c835b2f5dd7a9e7fea805e0e9631e337d18a90" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Fri, 27 Jan 2023 13:44:31 GMT X-Firefox-Spdy: h2`

	use.typekit.net/af/40207f/0000000000000000000176ff/27/l?subset_id=2&fvd=n3&v=3	23.36.76.186	200 OK	30 kB
URL HTTP/2 use.typekit.net/af/40207f/0000000000000000000176ff/27/l?subset_id=2&fvd=n3&v=3 IP 23.36.76.186:0 ASN #20940 Akamai International B.V. File type Web Open Font Format (Version 2), CFF, length 29752, version 1.0\012- data Size 30 kB (29752 bytes) Hash b45f7b0b58ea5cd543323a5e4ba4724b 03e815a2fa7461f31fc8ecc18a7063930fc87475 9aba873d54c84d8d56cfe572ab802bb34322de6fd945c286d278fabe29a9f3f0 HTTP Headers `GET /af/40207f/0000000000000000000176ff/27/l?subset_id=2&fvd=n3&v=3 HTTP/1.1 Host: use.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://auth.services.adobe.com Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx content-type: application/font-woff2 content-length: 29752 etag: "fd4970a0ef1a58daf4039ec623a0f43c55c4f6d2" timing-allow-origin: * access-control-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: public, max-age=31536000 date: Fri, 27 Jan 2023 13:44:31 GMT X-Firefox-Spdy: h2`

	p.typekit.net/p.gif?s=1&k=ecr2zvs&ht=tk&h=auth.services.adobe.com&f=7180.7182.7184&a=1164490&js=1.21.0&app=typekit&e=js&_=1674827071505	95.101.11.112	200 OK	35 B
URL HTTP/2 p.typekit.net/p.gif?s=1&k=ecr2zvs&ht=tk&h=auth.services.adobe.com&f=7180.7182.7184&a=1164490&js=1.21.0&app=typekit&e=js&_=1674827071505 IP 95.101.11.112:0 ASN #20940 Akamai International B.V. File type GIF image data, version 89a, 1 x 1\012- data Size 35 B (35 bytes) Hash 81144d75b3e69e9aa2fa3e9d83a64d03 f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39 HTTP Headers `GET /p.gif?s=1&k=ecr2zvs&ht=tk&h=auth.services.adobe.com&f=7180.7182.7184&a=1164490&js=1.21.0&app=typekit&e=js&_=1674827071505 HTTP/1.1 Host: p.typekit.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * cache-control: public, max-age=604800 content-type: image/gif cross-origin-resource-policy: cross-origin etag: "61c32ad2-23" last-modified: Wed, 22 Dec 2021 13:40:34 GMT server: nginx content-length: 35 date: Fri, 27 Jan 2023 13:44:31 GMT X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash e768ab72f501a125bf1e7eeb64582b78 d31b3105a2270013c4ef065337beafe2ae0bd232 f18d79880f5c4fb6d267a03b5b804430c75ec1f8a49d0b8d1248ccc89599769b HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4015 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 13:44:31 GMT Last-Modified: Fri, 27 Jan 2023 12:37:36 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	sstats.adobe.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=63817343924999426924198165015556114567&ts=1674827071545	13.37.25.97	200 OK	48 B
URL HTTP/2 sstats.adobe.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=63817343924999426924198165015556114567&ts=1674827071545 IP 13.37.25.97:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 48 B (48 bytes) Hash d3ec4e17d28c3f4e9ef8aab828e986ee 7b80ae489292a6861bed3bc324c464ec8f03072b f8de90b3092e9c73e8900891cc21350dd30f9a325a74bc7250b5f4b8988a3318 HTTP Headers GET /id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=9E1005A551ED61CA0A490D45%40AdobeOrg&mid=63817343924999426924198165015556114567&ts=1674827071545 HTTP/1.1 Host: sstats.adobe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code Content-Type: application/x-www-form-urlencoded Origin: https://auth.services.adobe.com Connection: keep-alive Cookie: sat_domain=A; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C63817343924999426924198165015556114567%7CMCAAMLH-1675431871%7C6%7CMCAAMB-1675431871%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1674834271s%7CNONE%7CvVersion%7C5.4.0; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site HTTP/2 200 OK access-control-allow-origin: https://auth.services.adobe.com access-control-allow-credentials: true date: Fri, 27 Jan 2023 13:44:31 GMT p3p: CP="This is not a P3P policy" server: jag set-cookie: s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; SameSite=Lax; vary: Origin content-type: application/x-javascript;charset=utf-8 content-length: 48 cross-origin-resource-policy: cross-origin strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash f2f5772a6bad17b32ead0a4e83776088 c55d5e5f60d02a35cbfb4f29b35cdfc9c2f1f221 cf83584c2c6ed2f4063cdfce17b9cea9b6d3c3c7e4d74ec9d737916ab08f4118 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5637 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 13:44:31 GMT Etag: "63d27997-1d7" Last-Modified: Fri, 27 Jan 2023 12:10:35 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	static.adobelogin.com/clients/document-cloud-2020/4x_dadff291353fcc70cae932954e12aa73.png	54.230.110.53	200 OK	3.4 kB
URL HTTP/2 static.adobelogin.com/clients/document-cloud-2020/4x_dadff291353fcc70cae932954e12aa73.png IP 54.230.110.53:0 ASN #16509 AMAZON-02 File type PNG image data, 176 x 168, 8-bit/color RGBA, non-interlaced\012- data Size 3.4 kB (3403 bytes) Hash 897d4a272d908e2be4f0175d26247591 c21f076fab23dda4ef7f2b37ad226278afda2585 678b56c3f124a9cea355f38dd15b89e54a03e80ad0c484a60e3360bf187d6e73 HTTP Headers `GET /clients/document-cloud-2020/4x_dadff291353fcc70cae932954e12aa73.png HTTP/1.1 Host: static.adobelogin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://auth.services.adobe.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: image/png content-length: 3403 date: Fri, 27 Jan 2023 06:25:04 GMT last-modified: Thu, 10 Jun 2021 12:31:10 GMT etag: "897d4a272d908e2be4f0175d26247591" x-amz-version-id: null accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: FAKc77nfhgj8G6rds-YzQVCel_aA0phNyP00E1AbvmDRIYfyrmO04Q== age: 26368 X-Firefox-Spdy: h2`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash f2f5772a6bad17b32ead0a4e83776088 c55d5e5f60d02a35cbfb4f29b35cdfc9c2f1f221 cf83584c2c6ed2f4063cdfce17b9cea9b6d3c3c7e4d74ec9d737916ab08f4118 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5638 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Fri, 27 Jan 2023 13:44:32 GMT Etag: "63d27997-1d7" Last-Modified: Fri, 27 Jan 2023 12:10:35 GMT Server: ECS (ska/F712) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9467 Expires: Fri, 27 Jan 2023 16:22:19 GMT Date: Fri, 27 Jan 2023 13:44:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9467 Expires: Fri, 27 Jan 2023 16:22:19 GMT Date: Fri, 27 Jan 2023 13:44:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9467 Expires: Fri, 27 Jan 2023 16:22:19 GMT Date: Fri, 27 Jan 2023 13:44:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9467 Expires: Fri, 27 Jan 2023 16:22:19 GMT Date: Fri, 27 Jan 2023 13:44:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bd56ce22720c6e6072efdabae64669fd 29194390d12177fe0d88e1bd2fb4436509366a1c c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404" Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9467 Expires: Fri, 27 Jan 2023 16:22:19 GMT Date: Fri, 27 Jan 2023 13:44:32 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg	34.120.237.76	200 OK	4.3 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.3 kB (4272 bytes) Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2 f90c205f370a2426dffe3c21b24bfa551b385556 6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4272 x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fRz28G13oAMFeeQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 3BquvYOvgBWY2JeuOjZH9t1bunnj5yAXmMqyqZKuD6v2xMm8BAG3lw== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 12:35:00 GMT age: 4172 etag: "f90c205f370a2426dffe3c21b24bfa551b385556" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11689 bytes) Hash 06130c82b0c12aabc0cc9f920114e1c5 c2137e969f6eb3790923e1bc30d4288105fd1296 70b50dc9f7e76372b557da8d5188e86b4307e3d855619c5974d7830ab187cec1 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11689 x-amzn-requestid: c72f71e2-e235-4611-826b-94b55c1a6a17 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fR1YDGl8oAMF2Lw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d09c33-3e8a69900c1267e102d2c2bc;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:19 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Nsm2GhqSll0LCoSNRA6KjKZbee7frV0mgbS4z0yO9-DGrXvdZIM_2A== via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 03:11:18 GMT age: 37994 etag: "c2137e969f6eb3790923e1bc30d4288105fd1296" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg	34.120.237.76	200 OK	20 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type gzip compressed data, from Unix\012- data Size 20 kB (20538 bytes) Hash 8c2cd4483c02dd985752c0bfa68fac6b f92a801148e97677db684d6b268105b4f90b8699 3274b29df51ca0e00b1ee1bdc6ba565b7a9b6b8b78c8a906f899df7b36160e63 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5943 x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fUXxNF2UIAMFlYw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 21:49:48 GMT age: 57284 etag: "4d825b74865effa4a858ddcad1d0969671facc07" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7538 bytes) Hash 131eb343c5abd61939457d69bd371348 ffb2035cf64fc83f01db5c6f26ffa264b6aac95b 8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7538 x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3fobF-ZoAMFjjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 05:20:00 GMT age: 30272 etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type gzip compressed data, from Unix\012- data Size 10 kB (10153 bytes) Hash 205186dcc9dea48e3ab206feee1b7e1c c5fd2b55ff4ccd4722040a40bfde34accb58179f b395d87cdfdfde50d48546a3960d00ccd447999caf6ff829877daac6ee6438f2 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9056 x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fB4COHTlIAMFtRg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0 x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MApUIVJ9KiOB34nLWUtMNmA8deQVoQ9xyNqSUYXlzdLlGoP9n78C5A== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 06:24:42 GMT age: 26390 etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg	34.120.237.76	200 OK	5.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.7 kB (5737 bytes) Hash 5e7158416f60576804ccff03307319fe a342f94625e913fa6b8d862a59979f1e3ad80dd1 5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5737 x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVzDbEacIAMFZtA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: -_8PZoms7W6Lvw__KsoTwL_CzjfyWChzoSWDc9yCk9zCR8cTs87oNA== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 16:31:35 GMT age: 76377 etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	sstats.adobe.com/b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s67592182251008	13.37.25.97	200 OK	43 B
URL HTTP/2 sstats.adobe.com/b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s67592182251008 IP 13.37.25.97:0 ASN #16509 AMAZON-02 File type GIF image data, version 89a, 2 x 2\012- data Size 43 B (43 bytes) Hash ad480fd0732d0f6f1a8b06359e3a42bb a544538683a2dfe574eeb2e358ac8fcc78289d50 a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 HTTP Headers POST /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s67592182251008 HTTP/1.1 Host: sstats.adobe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code Content-Type: text/plain;charset=UTF-8 Content-Length: 4459 Origin: https://auth.services.adobe.com Connection: keep-alive Cookie: sat_domain=A; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C63817343924999426924198165015556114567%7CMCAAMLH-1675431871%7C6%7CMCAAMB-1675431871%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1674834271s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C63817343924999426924198165015556114567; gpv=Account:IMS:GetStarted:OnLoad; s_cc=true Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://auth.services.adobe.com access-control-allow-credentials: true date: Fri, 27 Jan 2023 13:44:32 GMT expires: Thu, 26 Jan 2023 13:44:32 GMT last-modified: Sat, 28 Jan 2023 13:44:32 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag set-cookie: s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; etag: 3596663751783186432-4619757565370530466 vary: * content-type: image/gif;charset=utf-8 content-length: 43 cross-origin-resource-policy: cross-origin strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2

	sstats.adobe.com/b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s67622042345926	13.37.25.97	200 OK	43 B
URL HTTP/2 sstats.adobe.com/b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s67622042345926 IP 13.37.25.97:0 ASN #16509 AMAZON-02 File type GIF image data, version 89a, 2 x 2\012- data Size 43 B (43 bytes) Hash ad480fd0732d0f6f1a8b06359e3a42bb a544538683a2dfe574eeb2e358ac8fcc78289d50 a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 HTTP Headers POST /b/ss/adbims,adbadobenonacdcprod,adbadobeprototype/1/JS-2.22.4-LCS4/s67622042345926 HTTP/1.1 Host: sstats.adobe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code Content-Type: text/plain;charset=UTF-8 Content-Length: 4678 Origin: https://auth.services.adobe.com Connection: keep-alive Cookie: sat_domain=A; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=1176715910%7CMCMID%7C63817343924999426924198165015556114567%7CMCAAMLH-1675431871%7C6%7CMCAAMB-1675431871%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1674834271s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0; AMCVS_9E1005A551ED61CA0A490D45%40AdobeOrg=1; s_ecid=MCMID%7C63817343924999426924198165015556114567; gpv=Account:IMS:GetStarted:OnLoad; s_cc=true Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://auth.services.adobe.com access-control-allow-credentials: true date: Fri, 27 Jan 2023 13:44:32 GMT expires: Thu, 26 Jan 2023 13:44:32 GMT last-modified: Sat, 28 Jan 2023 13:44:32 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag set-cookie: s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; s_ecid=MCMID%7C63817343924999426924198165015556114567; Path=/; Domain=adobe.com; Max-Age=63072000; Expires=Sun, 26 Jan 2025 13:44:44 GMT; etag: 3596663752024391680-4619767768065941492 vary: * content-type: image/gif;charset=utf-8 content-length: 43 cross-origin-resource-policy: cross-origin strict-transport-security: max-age=31536000; includeSubDomains cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11372 bytes) Hash ed3df3868d4a13270faf944f911637a7 1b69b2433956c79510bc4a013648a5fb12882884 e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 11372 x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPAw_E_rIAMF0hQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 7AecnloBAOZbROe_gGLZL8AcwRb1rrSIo577CwGZpzyDdtRa-Ae_9Q== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Thu, 26 Jan 2023 21:47:08 GMT age: 57450 etag: "1b69b2433956c79510bc4a013648a5fb12882884" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code	54.230.111.25	200 OK	0 B
URL HTTP/2 auth.services.adobe.com/en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code IP 54.230.111.25:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /en_US/deeplink.html?deeplink=ssofirst&callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fadobeid%2FEchoSign2%2FAdobeID%2Fcode%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26code_challenge_method%3Dplain%26use_ms_for_expiry%3Dtrue&client_id=EchoSign2&scope=openid%2Creauthenticated%2CAdobeID&denied_callback=https%3A%2F%2Fims-na1.adobelogin.com%2Fims%2Fdenied%2FEchoSign2%3Fredirect_uri%3Dhttps%253A%252F%252Fsecure.na4.echosign.com%252Fpublic%252FacceptMigrationOptionForShardConflict%253Ftoken%253DCBNCKBAAHBCAABAAR5R9S3KIFbc7vVgoG8r2BgDbXjfrB9rY%26response_type%3Dcode&relay=8b8102c0-9c5f-47f0-b7a7-f3bc8e1d5b84&locale=en_US&flow_type=code&puser=tcorbin%40slurpmail.net&dctx_id=adobe_document_cloud&idp_flow_type=login&reauthenticate=force&s_p=google%2Cfacebook%2Capple&response_type=code HTTP/1.1 Host: auth.services.adobe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK content-type: text/html last-modified: Thu, 26 Jan 2023 09:44:17 GMT x-amz-version-id: StetogVCUEhTMis7Vf4BnjGDy3sMFbmy server: AmazonS3 content-encoding: gzip date: Fri, 27 Jan 2023 13:44:31 GMT cache-control: no-cache etag: W/"7d95ce6371a1f50af16b508a71a9bb2d" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 alt-svc: h3=":443"; ma=86400 x-amz-cf-id: gNQPIeK8CbowXqZ0XkhLoTWjSIjVkw7yXIqoDda5MYkpSvU1KYiVXA== x-xss-protection: 1; mode=block x-frame-options: DENY referrer-policy: no-referrer-when-downgrade content-security-policy: report-uri https://adobeid-na1.services.adobe.com/renga-idprovider/pages/csp-violation-report x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-robots-tag: noindex X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type