mail.techsend.net/c/12XVrOfUVKjtTYWa45QZQvDinx
54.230.111.88301 Moved Permanently 167 B URL HTTP/1.1 mail.techsend.net/c/12XVrOfUVKjtTYWa45QZQvDinx
IP 54.230.111.88:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
Analyzer Verdict Alert fortinet Phishing
GET /c/12XVrOfUVKjtTYWa45QZQvDinx HTTP/1.1
Host: mail.techsend.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 30 Jan 2023 14:19:25 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://mail.techsend.net/c/12XVrOfUVKjtTYWa45QZQvDinx
X-Cache: Redirect from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: f5UMZeXUpl3OY3H4RnaCotxRtF1LaGA07UGUakeJw8afKV7aN-jBYw==
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13964
Expires: Mon, 30 Jan 2023 18:12:09 GMT
Date: Mon, 30 Jan 2023 14:19:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3137
Expires: Mon, 30 Jan 2023 15:11:42 GMT
Date: Mon, 30 Jan 2023 14:19:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 13:35:43 GMT
content-type: application/json
age: 2622
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2537
Expires: Mon, 30 Jan 2023 15:01:42 GMT
Date: Mon, 30 Jan 2023 14:19:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ljTHL/mc9aFl6Fm69wxS4YSDhmJjP1tDKH7lzvne2PCJyBj29ds91u3si3SUjWu3GxNv+sD0e7PrkAp/JsD3yw==
x-amz-request-id: D61RAG1BSJAAWNJ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 13:21:48 GMT
age: 3457
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ad6a88a0ac41e456c988efd2335ee895
6211b748e588dbd42335c01e863c7d61ec0e109e
488ff55b47e5a4b0b2a0a780117aea96dda1e2aa99f0c754f51cd564ae6c604e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=124027
Date: Mon, 30 Jan 2023 14:19:25 GMT
Etag: "63d7112f-1d7"
Expires: Wed, 01 Feb 2023 00:46:32 GMT
Last-Modified: Mon, 30 Jan 2023 00:37:03 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ewm0knuce0G8TRuVwKZO8te7czJJjXFjDALIr1-F0DOtTbcvGyQORg==
Age: 569
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 14:19:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 13:49:04 GMT
age: 1821
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1842903eaf96102079f084ea783f696f
723701e4a4376a8657c4065abf40004c48591923
22d937ebc45305fbb8a5ca69db309ef40081e74bab13f1a119a5f07cab0387ee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:26 GMT
Server: ECS (amb/6BAC)
Content-Length: 280
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7012
Expires: Mon, 30 Jan 2023 16:16:18 GMT
Date: Mon, 30 Jan 2023 14:19:26 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.143.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.143.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ahO24MPnOZ6bzoL43v/VeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SjAgvMpc4IOVFA/44205M+9VdDU=
mail.techsend.net/c/12XVrOfUVKjtTYWa45QZQvDinx
54.230.111.42302 Found 11 kB URL HTTP/2 mail.techsend.net/c/12XVrOfUVKjtTYWa45QZQvDinx
IP 54.230.111.42:0
Hash 2906a6c92bca3d0fa82ff957f896c0e6
48d138af595bb6b8ccf4eb2093674b6864b22959
8f457dc520cc6b2e014ca06c68741bce5532169213f6fdcb363823ff60aa8bfd
Analyzer Verdict Alert fortinet Phishing
GET /c/12XVrOfUVKjtTYWa45QZQvDinx HTTP/1.1
Host: mail.techsend.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
location: https://contentcrowd.com/?utm_campaign=DSG%20IBM%20-%20MKT%7CRTNR%7CNA%7CBTDWW%20Q1%20PSA%20Jan%20-%20Mar%202023%20Infrastructure%20ABM%20-%2042100%20-%20Valid%20-%2030.01.2023&utm_content=ContentCrowd&utm_term=&utm_medium=email&utm_source=Adestra
server: CloudFront
date: Mon, 30 Jan 2023 14:19:25 GMT
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b_o-A2Y_hC89GohwYax3tdJy1wMgvfrSljrR-8aAOkiRbSr9lKEZjQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NSCJZCM
172.217.21.168200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NSCJZCM
IP 172.217.21.168:0
File type ASCII text, with very long lines (6320)
Hash 96d0cbb7ee6bce6d4d8ec615d651b1d7
0dff3d567040a9dee7983ea8affc55c1469ea548
cbcc1fd34bd35dca902a25dfd56bcacbc04a40d22aae531f7b0c07d7a0d2e867
GET /gtm.js?id=GTM-NSCJZCM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 14:19:26 GMT
expires: Mon, 30 Jan 2023 14:19:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2jctdjx3g2rzn.cloudfront.net/61/615df923d6f36a5d36946f711252f84be19803b7/sm.jpg
54.230.245.195200 OK 15 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/61/615df923d6f36a5d36946f711252f84be19803b7/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash 82d2ab863652143fa78edfacc2374218
d538e8340960b82e63b2f57ea3c5d26c00d67b90
3adfd9b096242f1f50c9e4351da36f6eedc517a882f43e9ba37df7aa57f31bf7
GET /61/615df923d6f36a5d36946f711252f84be19803b7/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15315
last-modified: Mon, 23 Jan 2023 15:37:34 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 08:10:06 GMT
etag: "82d2ab863652143fa78edfacc2374218"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PhXAcnn5l9L6dTNy7IlQXqWvGTNAx3VXfUZQuTnzbZQk9u6bcc8HDw==
age: 22162
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=59399
date: Mon, 30 Jan 2023 14:19:27 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/1e/1e17a642ac10a74e53d572bc69dbca08bad14fea/sm.jpg
54.230.245.195200 OK 11 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/1e/1e17a642ac10a74e53d572bc69dbca08bad14fea/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash 41d22f0eabf999566eada485380e5d4e
53501ba05cf89e34b368e35bdcf058ad6d8945a9
bde279dcc36baaf7efcaa493647719a7ae4433f5bbeb926e3396de63d597e1a2
GET /1e/1e17a642ac10a74e53d572bc69dbca08bad14fea/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10566
last-modified: Mon, 23 Jan 2023 15:21:10 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 06:15:24 GMT
etag: "41d22f0eabf999566eada485380e5d4e"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 43rgzPHwmHR7whMKL5bXQZtvj2wjytiQUnugYelE_Zfs56Nsu78pjA==
age: 29044
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:27 GMT
Last-Modified: Mon, 30 Jan 2023 12:35:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
d2jctdjx3g2rzn.cloudfront.net/b5/b5d451ca657b91070b6230bbb7d11b9d476017e1/sm.jpg
54.230.245.195200 OK 6.5 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/b5/b5d451ca657b91070b6230bbb7d11b9d476017e1/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash eb387c18ade0f2b110dc060c0b84b03f
78026504d6652f2ec9f8b7b5d4d94179f88cc798
ac33d1dcd646a9cf8384e0487bc57bb3df4e3f74094f5a5d90c5f9acaf5a7a10
GET /b5/b5d451ca657b91070b6230bbb7d11b9d476017e1/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6462
last-modified: Mon, 23 Jan 2023 15:54:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 06:15:24 GMT
etag: "eb387c18ade0f2b110dc060c0b84b03f"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zXrqmCHEoJfwONCa-2U19GZgQVFMxpYabeok_LkgD5Jp0M0H432DEA==
age: 29044
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 13:46:59 GMT
expires: Mon, 30 Jan 2023 15:46:59 GMT
cache-control: public, max-age=7200
age: 1948
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/62/62ec415fe312f9397d81be0784c0d664c451119a/sm.jpg
54.230.245.195200 OK 7.0 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/62/62ec415fe312f9397d81be0784c0d664c451119a/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash a108160434fc9dc92fa0e64b10db0fe2
d32deb0f9e35ff23271f184e3dc527032868ace2
b1b16f90f9774284a27dff6abf2ef6d84b1782bc243013fc3864d907dcc7838c
GET /62/62ec415fe312f9397d81be0784c0d664c451119a/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6999
last-modified: Mon, 23 Jan 2023 15:29:09 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 06:15:24 GMT
etag: "a108160434fc9dc92fa0e64b10db0fe2"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ad3faNLoEXgdTFk7CVfc58uZNrlsW23U1Gjt_DhVzOd670ShFkm0jw==
age: 29044
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/0c/0c656e4f37e9d619bb57f0dcf9a78d51b4fb1831/sm.jpg
54.230.245.195200 OK 8.7 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/0c/0c656e4f37e9d619bb57f0dcf9a78d51b4fb1831/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 306x306, segment length 16, comment: "File source: http://commons.wikimedia.org/wiki/File:IBM_logo_in.jpg", baseline, precision 8, 135x190, components 3\012- data
Hash 5e1dbdad4046f14b631e950101e02331
86f149c7686ef2df00d90edad32ff5d5fb94001b
610e4028352bc7408b274be25887105cb4b8c21739630c4594e9f4bac858e0be
GET /0c/0c656e4f37e9d619bb57f0dcf9a78d51b4fb1831/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8691
last-modified: Mon, 23 Jan 2023 15:25:16 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 08:10:06 GMT
etag: "5e1dbdad4046f14b631e950101e02331"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wYRzLSL4r1566Ypk9_OFX9TTo-4dNBZHoHIW-nUkknc_fpzJTzOGLQ==
age: 22162
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
IP 216.58.211.3:0
Hash c9f838a0a92a7202d548525934573755
5387faaf5eca48c8e4e2c8a498f182552afe94b2
b18da9a14ff69e8bf399b93dc2b9891ad0d15672f9c96f4dfb91a7593e77456b
POST /s/gts1d4/EQKo1_W0fFc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d2jctdjx3g2rzn.cloudfront.net/dd/dd4be01b0ccd7b3b49c3c515a4a2d70c5ffb1475/sm.jpg
54.230.245.195200 OK 6.3 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/dd/dd4be01b0ccd7b3b49c3c515a4a2d70c5ffb1475/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 306x306, segment length 16, comment: "File source: http://commons.wikimedia.org/wiki/File:IBM_logo_in.jpg", baseline, precision 8, 135x190, components 3\012- data
Hash bd8a80f3422841466b393236f02dede1
aaf2ebfbf11d290be6f610466bfb3c997865c864
60a888f49b22c0d84a439b1c11193aa5dcf6efaf9bbed5f76b79f5d90e78d17e
GET /dd/dd4be01b0ccd7b3b49c3c515a4a2d70c5ffb1475/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6318
last-modified: Mon, 23 Jan 2023 15:28:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 08:10:06 GMT
etag: "bd8a80f3422841466b393236f02dede1"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G2jAV7smDLCcUqLHMxviUH-aVtlbKSKsj2Xl8BkYrqI2e3kAlLlglg==
age: 22162
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/06/065ebf6df3edd1871bf8f449df2ba04469db2dfa/sm.jpg
54.230.245.195200 OK 8.5 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/06/065ebf6df3edd1871bf8f449df2ba04469db2dfa/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash a4617b5a4bb928d8dc4b884d8776ad82
95ad8d5d740bd370b4526ce5bea1caab152ba214
b6a7f30d31655db22199f61c045ee107c4c3fb15725f11402a1e12af97609bf1
GET /06/065ebf6df3edd1871bf8f449df2ba04469db2dfa/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 8460
date: Sun, 29 Jan 2023 15:10:17 GMT
last-modified: Fri, 27 Jan 2023 23:55:12 GMT
etag: "a4617b5a4bb928d8dc4b884d8776ad82"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 747hbLszoH0DlVIKbzJinJ4xKqt2Jzy3sLu9pTo1TYgA4n_QPEVrxA==
age: 83351
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/22/22742b1871a2fe793dbc8fe16933cedc75a7ca46/sm.jpg
54.230.245.195200 OK 18 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/22/22742b1871a2fe793dbc8fe16933cedc75a7ca46/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash 6153f63a63bb1767f057e9c9e7bf93bb
533a1c22dba518ae9b4745319fe12107532d7615
c71ebc78a4d794be3cef3225622ea843203dc3ea713a4a2876affd3032d2c5ff
GET /22/22742b1871a2fe793dbc8fe16933cedc75a7ca46/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17689
last-modified: Wed, 25 Jan 2023 16:46:05 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 06:15:24 GMT
etag: "6153f63a63bb1767f057e9c9e7bf93bb"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5npnh3ZU4iqPEZH0n-ktm7C6JZ5wYDwJYNUhuSgNck4pfRVf4ohWiQ==
age: 29044
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/6b/6b23630e227fe6f3d4ccd34c36eae1eb273c56e7/sm.jpg
54.230.245.195200 OK 13 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/6b/6b23630e227fe6f3d4ccd34c36eae1eb273c56e7/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash bafcba0f5af073585436b50b18b42c96
0270c2a6324092a3307e3e9223f88e43c5ed09cb
3d9cd170402a1778b6225634d22b36c61d93bbbae1b979704b9af7067906e66c
GET /6b/6b23630e227fe6f3d4ccd34c36eae1eb273c56e7/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13407
date: Sun, 29 Jan 2023 15:10:17 GMT
last-modified: Mon, 23 Jan 2023 16:21:49 GMT
etag: "bafcba0f5af073585436b50b18b42c96"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QfQBJeYtmtyQZKumAVCcXfSkPa676MECKsec85ERQTiO0lg1FWnKcw==
age: 83351
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/e2/e2ed97349675691364ce99ba35e2f52b0312bbf5/sm.jpg
54.230.245.195200 OK 7.2 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/e2/e2ed97349675691364ce99ba35e2f52b0312bbf5/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash de925ce31f973f1a075b9138bc849af9
0c8224248dea10634c37f8dd96ae5620132d8af8
cca8542bdb7427ae7c416fd382dde1ece413796b3b686b35e0a351855ce67a40
GET /e2/e2ed97349675691364ce99ba35e2f52b0312bbf5/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7212
date: Sun, 29 Jan 2023 15:10:26 GMT
last-modified: Fri, 27 Jan 2023 23:35:44 GMT
etag: "de925ce31f973f1a075b9138bc849af9"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: exkOUt5DpxdixVc1p-kDYPXLKIBSZbeNv2fC_p83zI9tdfFuWwGfFg==
age: 83342
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/logo/dark.png
54.230.245.195200 OK 8.3 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/logo/dark.png
IP 54.230.245.195:0
File type PNG image data, 275 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b90a90014a11850b3a621f0ef58ef08
3ba346420685a28be559274c4ba10b83f659e8ab
037ec1945f001bf27d217cab2c07ded4e0968f8d12bd9d328f4285b4f359cc1a
GET /logo/dark.png HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 8342
last-modified: Fri, 21 Jun 2019 07:29:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 07:25:24 GMT
etag: "0b90a90014a11850b3a621f0ef58ef08"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tUXqNmOtQ5wCSwpdedtcC3ygLIbFc9Vme4MeyJZLsMX0GODjYGy4UA==
age: 24844
X-Firefox-Spdy: h2
ml314.com/tag.aspx?3002023
34.111.234.236200 OK 10 kB URL HTTP/2 ml314.com/tag.aspx?3002023
IP 34.111.234.236:0
File type ASCII text, with very long lines (31861)
Hash af24cee700eeb0b2de5065f6cf910717
b623890382c26aa125c92230175b8c5dae27ec42
3de6d12bdc0703f3f58f7f4516ca72fda17269afc7c7a66721219ae71773ea10
GET /tag.aspx?3002023 HTTP/1.1
Host: ml314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsY9l8ATCd0I9tzPotOXkLZEQmS0q7PTf2UsOsVBwh_0e50Ji8dEXNAGtj9EkwvgyYOY4QVgxbKwNsOWlQ3qn8t6g
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32025
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
x-goog-storage-class: STANDARD
accept-ranges: none
server: UploadServer
content-encoding: br
content-length: 10464
date: Mon, 30 Jan 2023 14:15:11 GMT
age: 256
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
etag: W/"fe36d3317b1b052708eb2260e253aa63"
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
cache-id: ARN-26bba172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/63/63b29e6345087850f4d1ef15925c158b9ae30bd2/sm.jpg
54.230.245.195200 OK 6.1 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/63/63b29e6345087850f4d1ef15925c158b9ae30bd2/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 306x306, segment length 16, comment: "File source: http://commons.wikimedia.org/wiki/File:IBM_logo_in.jpg", baseline, precision 8, 135x190, components 3\012- data
Hash 8a69e812754207c44329983a357d2e6e
4da6488d3125ab1af2a5e5debfac72f9e4fa5029
4fe01476a2be77ae66d806e10f44478c1b204d4ad65f41f49645d5c483e3b77d
GET /63/63b29e6345087850f4d1ef15925c158b9ae30bd2/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6134
date: Sun, 29 Jan 2023 15:10:17 GMT
last-modified: Fri, 27 Jan 2023 23:09:18 GMT
etag: "8a69e812754207c44329983a357d2e6e"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5-Ur09wzdK3Hv7iUBWDs40ZRQGqPYI4E9lSOUsaK8hMdpkpWXAWNyw==
age: 83351
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.205.11200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 0zum2SIww9ph8tejqOcWbFCSyhdD2fG7EummHXD+qdbbjvhX2nv8Arw4j6h0HflgKnOtfEVOlzTL0eo22q2yiw==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 14:19:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
d2jctdjx3g2rzn.cloudfront.net/49/49d4245f9a985c69e6a44113d8035afbfe4ec8f0/sm.jpg
54.230.245.195200 OK 10 kB URL HTTP/2 d2jctdjx3g2rzn.cloudfront.net/49/49d4245f9a985c69e6a44113d8035afbfe4ec8f0/sm.jpg
IP 54.230.245.195:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: " Image generated by GPL Ghostscript (device=ppmraw)", baseline, precision 8, 135x190, components 3\012- data
Hash 64b4ffe25eb5c8ac13d30496d066b798
3eb23e32962af25fcbdf0a98297da080f12224ef
a1e6de3a0031bd3f43164645f695a0a9145242a14aa0beb6bf2b4a1ac948835b
GET /49/49d4245f9a985c69e6a44113d8035afbfe4ec8f0/sm.jpg HTTP/1.1
Host: d2jctdjx3g2rzn.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10103
last-modified: Mon, 23 Jan 2023 15:23:59 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 07:25:25 GMT
etag: "64b4ffe25eb5c8ac13d30496d066b798"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rgemr9IXcZbWafQS-IyiXhgPQZ655u4gii9P5SlrWv1yYVT0p8_ZuQ==
age: 24843
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c239475b53a2314c43c5922ef55e73f8
e30168fe4daa7e6ebe19591863e7175bf9ad784d
2f985a21771f800b54258c8b1e70a38c9249ef7b9bf2ec61e01d5717c2e204d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:27 GMT
Last-Modified: Mon, 30 Jan 2023 12:35:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Mon, 30 Jan 2023 15:28:42 GMT
Date: Mon, 30 Jan 2023 14:19:27 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EQKo1_W0fFc
IP 216.58.211.3:0
Hash c9f838a0a92a7202d548525934573755
5387faaf5eca48c8e4e2c8a498f182552afe94b2
b18da9a14ff69e8bf399b93dc2b9891ad0d15672f9c96f4dfb91a7593e77456b
POST /s/gts1d4/EQKo1_W0fFc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-902796.js?sv=7
54.230.111.113200 OK 13 kB URL HTTP/2 static.hotjar.com/c/hotjar-902796.js?sv=7
IP 54.230.111.113:0
File type ASCII text, with very long lines (7534)
Hash 337378e4c65000a56c964d69bf297a2a
5aaa5ab51dedaed3d8f2f902648ff5b964700dd7
e40f6dee3735ff3bc8620f30fafdba9121681b00601b48fe2daa5b9d8ecc64e8
GET /c/hotjar-902796.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 30 Jan 2023 14:19:27 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/1c1e46c509aaa33399152e15fbd29309
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EXoLEaIO4JW7spra0ebiiPuwb9DvS8BlerVMzh0wa6dyCBEH9p4MpQ==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyA7JoIHpcBuMaoGjSH3XdUZ0PmHYITS4606WbOLHitdOmLbIPpxJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 15:39:26 GMT
age: 81601
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
script.hotjar.com/modules.a67d611ae12d5430b0d8.js
54.230.111.93200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.a67d611ae12d5430b0d8.js
IP 54.230.111.93:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 32f2d01b085556c0d4a7f61b1d769e22
ab03c43019010344f0aa11e2debf38429bc552de
57a6800c7d919e3b0e42b214b44edf04b353c7c48e1800fd85d0fc0150a82365
GET /modules.a67d611ae12d5430b0d8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68283
date: Mon, 30 Jan 2023 11:42:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "32f2d01b085556c0d4a7f61b1d769e22"
last-modified: Mon, 30 Jan 2023 11:41:10 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59-GVvzLs_h0ShTMtfDhwHXDxMfU91hMX9pX0mkGrdq5ih2l9qzS6Q==
age: 9441
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Mon, 30 Jan 2023 15:28:42 GMT
Date: Mon, 30 Jan 2023 14:19:27 GMT
Connection: keep-alive
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
54.230.111.85200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash c34915675a9e912c93dac934322be7d1
1d0c20a805821d76fdef8b95eace30ac659a9454
091ab4e6d3f86a5e7bc8c7c3e9805df420c13f77627902dd204abc1f28b6336d
GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WMDv5EVOxke05ksJGqm8fujSNhnkBGMdrkKhu3oyBK4xdmaJGQV59g==
age: 278121
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Mon, 30 Jan 2023 15:28:42 GMT
Date: Mon, 30 Jan 2023 14:19:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 59095
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 58230
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1852188%26time%3D1675088379986%26url%3Dhttps%253A%252F%252Fcontentcrowd.com%252F%253Futm_campaign%253DDSG%252520IBM%252520-%252520MKT%25257CRTNR%25257CNA%25257CBTDWW%252520Q1%252520PSA%252520Jan%252520-%252520Mar%2525202023%252520Infrastructure%252520ABM%252520-%25252042100%252520-%252520Valid%252520-%25252030.01.2023%2526utm_content%253DContentCrowd%2526utm_term%253D%2526utm_medium%253Demail%2526utm_source%253DAdestra%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQK9yYzbp58CcwAAAYYDDBC9S4BDQve9SQ_ISDHcK3fLI4xcLoZLIa-r9xQx5RpK5Lp-mYYS4nBMbg; Max-Age=2592000; Expires=Wed, 01 Mar 2023 14:19:27 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQKjQvoaKYRXeQAAAYYDDBC9icOMcfD-bIr0c4J8MCS0KR92nyHqECch2wDtDbjGCMmTfKhazXjbAjhFCMSNng; Max-Age=2592000; Expires=Wed, 01 Mar 2023 14:19:27 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&015f2b26-4de2-4c67-8956-d0512026c4fe"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 14:19:27 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675088367:t=1675174767:v=2:sig=AQHG_OmutTWM-l4SMtiX4DU3e5sRItvA"; Expires=Tue, 31 Jan 2023 14:19:27 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXze+chTPhBq8WqcoWipg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C601DF897D0B4CD6B7B7A4161736CF6C Ref B: OSL30EDGE0119 Ref C: 2023-01-30T14:19:27Z
date: Mon, 30 Jan 2023 14:19:27 GMT
content-length: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 58800
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 59285
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50172&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&pv=1675088380067_zvnvgcmna&bl=en-us&cb=4816458&return=&ht=&d=&dc=&si=1675088380067_zvnvgcmna&cid=&s=1280x1024&rp=&v=2.5.2.2
34.111.234.236200 OK 62 B URL HTTP/2 ml314.com/utsync.ashx?pub=&adv=&et=0&eid=50172&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&pv=1675088380067_zvnvgcmna&bl=en-us&cb=4816458&return=&ht=&d=&dc=&si=1675088380067_zvnvgcmna&cid=&s=1280x1024&rp=&v=2.5.2.2
IP 34.111.234.236:0
File type ASCII text, with no line terminators
Hash 3ad086df595c07595182b36a7f3c7320
f3aa368bdfc6a4d7d2682e22d03bbca2b1d4bf7d
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
GET /utsync.ashx?pub=&adv=&et=0&eid=50172&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&pv=1675088380067_zvnvgcmna&bl=en-us&cb=4816458&return=&ht=&d=&dc=&si=1675088380067_zvnvgcmna&cid=&s=1280x1024&rp=&v=2.5.2.2 HTTP/1.1
Host: ml314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript; charset=utf-8
date: Mon, 30 Jan 2023 14:19:27 GMT
expires: 0
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 62
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&gjid=389881993&_gid=491282421.1675088380&_u=YEBAAAAAAAAAAC~&z=204123360
173.194.73.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&gjid=389881993&_gid=491282421.1675088380&_u=YEBAAAAAAAAAAC~&z=204123360
IP 173.194.73.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&gjid=389881993&_gid=491282421.1675088380&_u=YEBAAAAAAAAAAC~&z=204123360 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://contentcrowd.com
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://contentcrowd.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 14:19:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1852188%26time%3D1675088379986%26url%3Dhttps%253A%252F%252Fcontentcrowd.com%252F%253Futm_campaign%253DDSG%252520IBM%252520-%252520MKT%25257CRTNR%25257CNA%25257CBTDWW%252520Q1%252520PSA%252520Jan%252520-%252520Mar%2525202023%252520Infrastructure%252520ABM%252520-%25252042100%252520-%252520Valid%252520-%25252030.01.2023%2526utm_content%253DContentCrowd%2526utm_term%253D%2526utm_medium%253Demail%2526utm_source%253DAdestra%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1852188%26time%3D1675088379986%26url%3Dhttps%253A%252F%252Fcontentcrowd.com%252F%253Futm_campaign%253DDSG%252520IBM%252520-%252520MKT%25257CRTNR%25257CNA%25257CBTDWW%252520Q1%252520PSA%252520Jan%252520-%252520Mar%2525202023%252520Infrastructure%252520ABM%252520-%25252042100%252520-%252520Valid%252520-%25252030.01.2023%2526utm_content%253DContentCrowd%2526utm_term%253D%2526utm_medium%253Demail%2526utm_source%253DAdestra%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1852188%26time%3D1675088379986%26url%3Dhttps%253A%252F%252Fcontentcrowd.com%252F%253Futm_campaign%253DDSG%252520IBM%252520-%252520MKT%25257CRTNR%25257CNA%25257CBTDWW%252520Q1%252520PSA%252520Jan%252520-%252520Mar%2525202023%252520Infrastructure%252520ABM%252520-%25252042100%252520-%252520Valid%252520-%25252030.01.2023%2526utm_content%253DContentCrowd%2526utm_term%253D%2526utm_medium%253Demail%2526utm_source%253DAdestra%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://contentcrowd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&c36fa437-a066-48c0-8f5b-89aa050d8330"; Domain=.linkedin.com; Expires=Tue, 30-Jan-2024 14:19:27 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230130141927301a3e95-e493-4df8-8868-548636d59e67AQHSXL-Nd3I0NRp3blT7Hiv8wP9v0Dsl"; Domain=.www.linkedin.com; Expires=Tue, 30-Jan-2024 14:19:27 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUwODgzNjc7MjswMjGjbuLgu2DDYr4Jcl9Jy+kzdbo0awph/5wKORsBLWCzXg==; Domain=.linkedin.com; Expires=Sat, 29 Jul 2023 14:19:27 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2423:u=1:x=1:i=1675088367:t=1675174767:v=2:sig=AQGXMUwZHPA8JK56GgyAm0zSrS6pvpGc"; Expires=Tue, 31 Jan 2023 14:19:27 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXze+cj3MXacjxW4qClng==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 71022F96905146BF8FCE84189176B371 Ref B: OSL30EDGE0119 Ref C: 2023-01-30T14:19:27Z
date: Mon, 30 Jan 2023 14:19:27 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 8c01f1ef75001562b440a5a4900f7509
0c40c893757400bfdf5a81584b7e9d0e23a752f9
c4f8d6f8834d1b7b44b6348971d23a45ea250df84724de31d8bedfa1bf379005
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 30 Jan 2023 14:19:28 GMT
Last-Modified: Mon, 30 Jan 2023 13:42:16 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ylQ5BKm2gr0Q0HUWnFRliaMUuEbLzxsdQwMrJ36y6LmfOJ_Rh6WSrQ==
Age: 2232
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 5f33996f825ccff5149d48f8e26d3b28
133a06ed1c03dc457487a9d49f11904aa86e4d1e
0b54c88b1dd42e4e68630a8ff5d110ac1267294e47d3884d42a742601bdd2d2f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95594
Date: Mon, 30 Jan 2023 14:19:28 GMT
Etag: "63d68fdf-1d7"
Expires: Tue, 31 Jan 2023 16:52:42 GMT
Last-Modified: Sun, 29 Jan 2023 15:25:19 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iGcsekwRQX4lh1Xjf1X8mDh_C2sfgp0QYYn9htuR6gDjbhx2qad6HQ==
Age: 5243
www.facebook.com/tr/?id=2491011177894541&ev=PageView&dl=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&rl=&if=false&ts=1675088380476&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675088380476.448722657&it=1675088380086&coo=false&rqm=GET
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=2491011177894541&ev=PageView&dl=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&rl=&if=false&ts=1675088380476&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675088380476.448722657&it=1675088380086&coo=false&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=2491011177894541&ev=PageView&dl=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&rl=&if=false&ts=1675088380476&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675088380476.448722657&it=1675088380086&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 30 Jan 2023 14:19:28 GMT
X-Firefox-Spdy: h2
in.ml314.com/ud.ashx?topiclimit=&cb=3002023&v=2.5.2.2
3.223.196.18200 OK 157 B URL HTTP/1.1 in.ml314.com/ud.ashx?topiclimit=&cb=3002023&v=2.5.2.2
IP 3.223.196.18:0
File type ASCII text, with no line terminators
Hash 46e2a31e1fa9b113da850f1058690891
240592f58574f9d15cb4bfcb59e43c06e2b8260b
cf445de83e39d32d7864a5680cb68eae4997f091441cb1d2d461d3a5b81a4d67
GET /ud.ashx?topiclimit=&cb=3002023&v=2.5.2.2 HTTP/1.1
Host: in.ml314.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Date: Mon, 30 Jan 2023 14:19:27 GMT
Expires: Tue, 31 Jan 2023 14:19:28 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Length: 157
Connection: keep-alive
px.ads.linkedin.com/collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=1852188&time=1675088379986&url=https%3A%2F%2Fcontentcrowd.com%2F%3Futm_campaign%3DDSG%2520IBM%2520-%2520MKT%257CRTNR%257CNA%257CBTDWW%2520Q1%2520PSA%2520Jan%2520-%2520Mar%25202023%2520Infrastructure%2520ABM%2520-%252042100%2520-%2520Valid%2520-%252030.01.2023%26utm_content%3DContentCrowd%26utm_term%3D%26utm_medium%3Demail%26utm_source%3DAdestra&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://contentcrowd.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&180e896e-6ca3-4eba-8207-7cccdd99f61d"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 14:19:28 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2451:u=1:x=1:i=1675088368:t=1675174768:v=2:sig=AQFvJuvquIjsSSq517ukHJIui9XVw6ZS"; Expires=Tue, 31 Jan 2023 14:19:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXze+cniCgFyxpq1pMG1g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B6DE5BD3D10041459CF71903EB106DB6 Ref B: OSL30EDGE0119 Ref C: 2023-01-30T14:19:28Z
date: Mon, 30 Jan 2023 14:19:27 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&_u=YEBAAAAAAAAAAC~&z=934736659
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&_u=YEBAAAAAAAAAAC~&z=934736659
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&_u=YEBAAAAAAAAAAC~&z=934736659 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:19:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&_u=YEBAAAAAAAAAAC~&z=934736659
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&_u=YEBAAAAAAAAAAC~&z=934736659
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-124844446-2&cid=1508194059.1675088380&jid=992983711&_u=YEBAAAAAAAAAAC~&z=934736659 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:19:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:19:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 61804df310309c7e6b01adc833a7b1dd
f0f860a93303e8fd1c264ccb7e3d23c46649cce5
79328c53d125e5d85cd179211ceae96050f17026fbdf5f428fca7abbbf12fee2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111438
Date: Mon, 30 Jan 2023 14:19:28 GMT
Etag: "63d6cf25-1d7"
Expires: Tue, 31 Jan 2023 21:16:46 GMT
Last-Modified: Sun, 29 Jan 2023 19:55:17 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 64XR0UyxvTOPGE2vIWRaI1LkqtDNG-b_oSyQmG5EUD0O9CezKFaENg==
Age: 4889
content.hotjar.io/
34.252.123.111200 OK 56 B IP 34.252.123.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f2a516adaaaee8f2d892347d35ea3a64
9e788eff661510afa3758183aeafe622b753f4ee
38d7e1c092c2580cdc7061e56e0ff62fb9ec7d62cdc7f8fdb8d66acc38aad0a9
POST / HTTP/1.1
Host: content.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 183109
Origin: https://contentcrowd.com
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:19:28 GMT
content-type: application/json
content-length: 56
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
ws3.hotjar.com/api/v2/client/ws
54.77.139.200101 Switching Protocols 0 B URL HTTP/1.1 ws3.hotjar.com/api/v2/client/ws
IP 54.77.139.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws3.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://contentcrowd.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qKV9W74nvgzVTZSpau0j8Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 30 Jan 2023 14:19:28 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tkv/hmrxzQwSrYey4p8ZsHlOUq4=
Sec-WebSocket-Extensions: permessage-deflate
cdn.linkedin.oribi.io/partner/1852188/domain/contentcrowd.com/token
54.230.111.8200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/1852188/domain/contentcrowd.com/token
IP 54.230.111.8:0
GET /partner/1852188/domain/contentcrowd.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://contentcrowd.com
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 14:19:27 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gTpQSJsjtOdG-qroa9BeJprRmj3ROrWaksWXybreYGFfrAAhzF7lnA==
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/902796/visit-data?sv=7
54.76.190.65200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/902796/visit-data?sv=7
IP 54.76.190.65:0
POST /api/v2/client/sites/902796/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 115
Origin: https://contentcrowd.com
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:19:28 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/2491011177894541?v=2.9.92&r=stable
157.240.205.11200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/2491011177894541?v=2.9.92&r=stable
IP 157.240.205.11:0
GET /signals/config/2491011177894541?v=2.9.92&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://contentcrowd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: qtH0h3mkmAUS8mB06br2h3HS0elh6ssuaSCsVMi2UYVqJAU3LiDlpHv3c6PCrwaZOnEBBNFdHtNaY82F52jhKQ==
x-fb-trip-id: 1679558926
date: Mon, 30 Jan 2023 14:19:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2