go.curogram.com/solutions-covid-testing-and-vaccinations
301 Moved Permanently 0 B URL HTTP/1.1 go.curogram.com/solutions-covid-testing-and-vaccinations
IP
ASN #209242 Cloudflare London, LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /solutions-covid-testing-and-vaccinations HTTP/1.1
Host: go.curogram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 13:42:51 GMT
Content-Length: 0
Connection: keep-alive
Location: https://go.curogram.com/solutions-covid-testing-and-vaccinations
Cache-Control: s-maxage=3600,max-age=120
Strict-Transport-Security: max-age=31536000
X-Hs-Https-Only: worker
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPz5K4VEyKuXgf%2F9C3H6nB0UjokVmH3fiULP0FsdamyxLu1aAS%2BXBQrDxARcAJZyPegO%2BhK%2FaLkVomCW6jDN10i48xLfLJnF41gAok6akk0LWdF4DiJBnM2uRNFriKXzyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Set-Cookie: __cf_bm=RRIer4hacsMjfirqftNxo_XZV2.OMhcuJJIgLKkBN5s-1673876571-0-AeWPu+8mYGN046/t6mL3Ti+sl9mo8wEtXGF1yYdXzvzgQ/ao6IJ5SRsnVxpDpbCpG+km2phzFJ0JeEGDKcSB850=; path=/; expires=Mon, 16-Jan-23 14:12:51 GMT; domain=.go.curogram.com; HttpOnly; SameSite=None
__cfruid=80324eea503fadda7d746d715bb1301932cac881-1673876571; path=/; domain=.go.curogram.com; HttpOnly
Server: cloudflare
CF-RAY: 78a746de08850b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15593
Expires: Mon, 16 Jan 2023 18:02:45 GMT
Date: Mon, 16 Jan 2023 13:42:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6979
Expires: Mon, 16 Jan 2023 15:39:11 GMT
Date: Mon, 16 Jan 2023 13:42:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 12:49:09 GMT
content-type: application/json
age: 3223
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11619
Expires: Mon, 16 Jan 2023 16:56:31 GMT
Date: Mon, 16 Jan 2023 13:42:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sVjT8Ftf/2K2pD4M3JMlVkYsKQeBAIYHA4PFrXexX2ajpyCrWDS02YQywJGKMXHIj2CwVhjmPyE=
x-amz-request-id: Y6RM7MB8A40DHACT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 12:55:49 GMT
age: 2823
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 13:42:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 13:33:46 GMT
age: 546
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2305
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:52 GMT
Last-Modified: Mon, 16 Jan 2023 13:04:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CBOeQvxGFc5iALZw/KtA1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: txLiw48FEGBV14swkjgQIWiiGV4=
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.js
200 OK 11 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.js
IP
Hash dce5b659f11b20e65072f5278db1a814
cab542e89d670590248b6c2f53944aabc9dcf9ff
ba3b377d73bacf7361f763b8f928ac17f2bb552ea8ebf57b26d2c1a5355a0916
GET /ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 10834
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed4-a302"
last-modified: Mon, 04 May 2020 16:12:04 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9497184
expires: Sat, 06 Jan 2024 13:42:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyKHU1fWC85SMV9%2BoJiOZUk2sLlncWFRVhugnROg8rshqW7eIzKPSti7VM7fV%2BNBmlnnGVMxM0k0j6%2BcqbZvB9jZgi4J3gYeJhEWxe0ZLHokigP%2FTP1i5PPxNfJzvlX6UgpXEu0g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78a746e70b9ab524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
200 OK 31 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.4.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 3195e7e20d5daf86f6c6f6107c7bad9d
f5dc59013bfc44a61d3379e5c2e0356935ccda0e
524f9b76882cacbfa2459d4e6464bd039da02db98a25dc29754c54ea4b2d8867
GET /ajax/jQuery/jquery-3.4.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 18691233
cache-control: public,max-age=31536000
content-type: application/javascript
date: Mon, 16 Jan 2023 13:42:53 GMT
etag: "808705b151d51:0"
last-modified: Thu, 02 May 2019 18:32:11 GMT
server: ECAcc (ska/F78D)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30737
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 00:07:51 GMT
expires: Tue, 16 Jan 2024 00:07:51 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 48902
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 1.4 kB IP
Hash 9fed9d9116d18d202538f1ea48376cab
9900676c79cf96d09496185c0bc4a0a41f79e362
75479d8c9b61333fe9538dc7a746ebb082d388a833e76f13439ab1bc4b3a3ea0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TD5MMX7
200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TD5MMX7
IP
File type ASCII text, with very long lines (8153), with no line terminators
Hash 492be3c845dd503fa36be383a98aab31
d1f46ed4271c2aa11fdeb69772f6583e2cdbdb5c
32ec9a05e4a726293be40e136b8b1628c8e3d9c007a005804a4bc77def88abfc
GET /gtm.js?id=GTM-TD5MMX7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 16 Jan 2023 13:42:54 GMT
expires: Mon, 16 Jan 2023 13:42:54 GMT
cache-control: private, max-age=900
last-modified: Mon, 16 Jan 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80925
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15470
Expires: Mon, 16 Jan 2023 18:00:44 GMT
Date: Mon, 16 Jan 2023 13:42:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15470
Expires: Mon, 16 Jan 2023 18:00:44 GMT
Date: Mon, 16 Jan 2023 13:42:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 801 B IP
ASN #20940 Akamai International B.V.
Hash 1b0e074a477db3baceefb3ea512f5caf
8b8c5d565fc02651c6baaf6283323ae40c7c96de
39c30ca02587c12e7924ccda886e7a74eb2994d039c706be7c7fb956e3ae412f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15470
Expires: Mon, 16 Jan 2023 18:00:44 GMT
Date: Mon, 16 Jan 2023 13:42:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15470
Expires: Mon, 16 Jan 2023 18:00:44 GMT
Date: Mon, 16 Jan 2023 13:42:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad1a79b09348c4959a8ac05513efcb78
10c0a66add63c868ff332022f588e65f4ac1ec15
8a123746389e6b480669b8d6882f7edce290f1c226cd6744e23bac94b8de6d32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdba5086-6c46-4cc7-9087-e85f89cbe947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9176
x-amzn-requestid: 1d5746ff-7de6-4a54-87d2-d15330d1bb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etlL8HiPoAMFrIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21be5-044d012445cf23c01cb07a89;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pfjURj_jUMCbuxIL46hNNw6BeY4YX4TDo-9Ch6R5y3CuWTyt1r3ttw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 03:52:01 GMT
age: 35453
etag: "10c0a66add63c868ff332022f588e65f4ac1ec15"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP
Hash d82687e56fbf5c99a7ff1e35b01f917d
ff82018a72e4f8cd0fe9d2e32351d9e1f26822c2
39c942e52d8decb35f050c4d2a24c7b7490d15eaa4e40dd78cacdd447b8fdf95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:06:50 GMT
age: 56164
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.usemessages.com/conversations-embed.js
200 OK 31 kB URL HTTP/2 js.usemessages.com/conversations-embed.js
IP
File type C source, ASCII text, with very long lines (65536), with no line terminators
Hash 158197e8cb9f610ecc97a6a4a13d8575
ccf3bc748cd98f85a9bccfe8cef890c90b67d4bc
c25cbeae4ec210c118ede259d006b365b883c284488f125853ca96732f937cd9
GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:54 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Fri, 13 Jan 2023 12:25:39 UTC
etag: W/"b7bd570cd2eaf6ea9eace36101424097"
x-amz-server-side-encryption: AES256
x-amz-version-id: PZ.VqJdb97Sg7li94POrAGz_HafqqY_T
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: klXqd2AZy8l9Yl9k5AYXsQtvsqf7lz68hsbzCfudJ2Y8RDrAdztbPg==
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11763/bundles/project.js&cfRay=788a0073ef9384ec-IAD
x-hs-target-asset: conversations-embed/static-1.11763/bundles/project.js
x-hs-cache-status: HIT
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 384
server: cloudflare
cf-ray: 78a746ec1be8b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0c1d929710bbf5d3a500cff064fa28e5
f76fade4eba5e5740d1261a2bce7776719ee477f
bb0b45ede28406534c236881abe011a1b8162a1bcb4cbe61320c613fec5d0010
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81e129b-3fb3-4b30-a6fc-04ac1926b5c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7986
x-amzn-requestid: 366be46e-97f4-4bdc-8341-5bf87438ad86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbPvEezoAMF6ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47264-7eef208b3ec703b82d792537;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _cMoPRYYqsc6B6TWFkmrfDMCleAW2jWn5FXGmjay279Bf3tppH60hQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:04:21 GMT
age: 56313
etag: "f76fade4eba5e5740d1261a2bce7776719ee477f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7917592de9f2ddbe7d3a7fa7f3d4d62
866b04ce93a30369d7cb0a6d2155a8b10292507f
da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 56985
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cff4cbad17919648f62b3582f49c404b
65b8056061916928e309bb983129353a577c2b89
f6ba13b6fd5a6a39f0a34b406b39471f02c6f5fd72813db64585a8e795ec44a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08647b23-df38-4ed1-bdbd-a4fba997c933.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: c14aa47a-3e94-491a-95ab-beae1f5bdb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbKtFrIoAMFt5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47244-3a6b3c4b4b35ba8f57aa449a;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: quy8cULp0c0o6cHatiXz8R9t9hvQyus52_hOWSReahePmcxb6hOT4A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:26 GMT
age: 56908
etag: "65b8056061916928e309bb983129353a577c2b89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 91813650fdc64b579e72e8319c52059a
85adbfc2a9f28447efaab2538887dc83a320eb8d
21969b630a439c93d6d15bc86565bfd2c66990d8fd8cee37c911e179e5e73afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:54 GMT
Last-Modified: Mon, 16 Jan 2023 13:35:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
200 OK 35 B URL HTTP/2 forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:54 GMT
content-type: image/gif
content-length: 35
x-trace: 2B743F27ED53C58BECABA006A4D8BEE2F17D363A54000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin
x-hubspot-correlation-id: 341bcdea-004e-4b80-8028-df7ddc67dc09
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78a746ee5b2f0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 91813650fdc64b579e72e8319c52059a
85adbfc2a9f28447efaab2538887dc83a320eb8d
21969b630a439c93d6d15bc86565bfd2c66990d8fd8cee37c911e179e5e73afa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:54 GMT
Last-Modified: Mon, 16 Jan 2023 13:35:39 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 280 B IP
Hash 886b7dc119c0c71c0c361e1271bc05f0
1b0fcd6c2a5fda1d6047ea8e6118ad0b116bb594
ea40cd895b242327f14316214a59ed39bd6b16c45eb6c2b08fb5544aa8bebc41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6241
Cache-Control: max-age=107426
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:54 GMT
Etag: "63c43c9f-118"
Expires: Tue, 17 Jan 2023 19:33:20 GMT
Last-Modified: Sun, 15 Jan 2023 17:49:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
200 OK 35 B URL HTTP/2 forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 HTTP/1.1
Host: forms-na1.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:54 GMT
content-type: image/gif
content-length: 35
x-trace: 2B6A9AFC472F1C31435CD7FDC2964028CC31FA7560000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin
x-hubspot-correlation-id: 3eb3ec44-1616-4e8a-9baf-2fd89d6b44bf
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78a746eeab790afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 886b7dc119c0c71c0c361e1271bc05f0
1b0fcd6c2a5fda1d6047ea8e6118ad0b116bb594
ea40cd895b242327f14316214a59ed39bd6b16c45eb6c2b08fb5544aa8bebc41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6241
Cache-Control: max-age=107426
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:54 GMT
Etag: "63c43c9f-118"
Expires: Tue, 17 Jan 2023 19:33:20 GMT
Last-Modified: Sun, 15 Jan 2023 17:49:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=48300
date: Mon, 16 Jan 2023 13:42:55 GMT
content-length: 4777
x-cdn: AKAM
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
200 OK 5.5 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP
File type ASCII text, with very long lines (17064), with no line terminators
Hash a846d48b346dbb36790da05d37c5c664
8459c596050371032448288b832e153e5a6f3adc
ce818f7c86f8500603081fc67ab8e47bf4f2d7b4512ff2950ee14a53bee09a02
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "2b39cf4b5b36810a615ee712f89afb45:1673520765.626306"
Last-Modified: Thu, 12 Jan 2023 07:20:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Mon, 16 Jan 2023 14:02:55 GMT
Date: Mon, 16 Jan 2023 13:42:55 GMT
Content-Length: 5512
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Last-Modified: Mon, 16 Jan 2023 11:55:20 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: n5VD3c6WCOpz2D5quDRLha5sRVYX6B2tnhWgU2I/EIAhXkKBXKOXxWrYeX79Bci3K9HoUssZp9hALSB/pjTNtw==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Mon, 16 Jan 2023 13:42:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 16 Jan 2023 12:21:54 GMT
expires: Mon, 16 Jan 2023 14:21:54 GMT
cache-control: public, max-age=7200
age: 4861
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.adroll.com/j/S46F35FZXVEQZEBQ4KQJ6K/roundtrip.js
200 OK 20 kB URL HTTP/1.1 s.adroll.com/j/S46F35FZXVEQZEBQ4KQJ6K/roundtrip.js
IP
File type ASCII text, with very long lines (1211)
Hash 331a11002587cf10206aa5514611fdf5
eda0c03d1e2950adcc46095d63d7dc2e42e49b7b
59a7f5f5dc97d590c702246940239497040f33f49ff946f9a67e3da49377d984
GET /j/S46F35FZXVEQZEBQ4KQJ6K/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 15 Jan 2023 05:41:40 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: Cng73p9cAFfkNfjqQguWYm5Drn7Fw5s3
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 16 Jan 2023 12:51:49 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"f5183d1558d7de1c0a05b189f839c062"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 3067
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oYZ7kipOHvfNPwhwf_uVi0jCp_HWsmX2PzzQe7YBDDcMO5pJJRArQw==
ocsp.digicert.com/
200 OK 471 B IP
Hash b5f0190d8fe5de30dace39e0050f6176
daf68b3b076b739ee0e668188b23e32c344f76db
8c760c2f726a661095ce9c9d744ae8206fe86f9aba5450d55d98e727a38f7e37
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Last-Modified: Mon, 16 Jan 2023 11:55:20 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 5d898b7227e2084ca62bf58fc26b8a3c
53991cdcd392d85299395e9d053c95f212fecd4a
364d3a23c9a516579975919bd26fdbf7fb02fb2cee9a0f5da4d02ad1a75d6985
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 16 Jan 2023 13:42:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 16 Jan 2023 04:04:23 GMT
Expires: Tue, 17 Jan 2023 04:04:23 GMT
ETag: "53991cdcd392d85299395e9d053c95f212fecd4a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
s.adroll.com/j/exp/S46F35FZXVEQZEBQ4KQJ6K/index.js
302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/S46F35FZXVEQZEBQ4KQJ6K/index.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/S46F35FZXVEQZEBQ4KQJ6K/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Mon, 16 Jan 2023 00:01:19 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 49296
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JYIb1QVUiVdRR7BSR4Av5YvLUCghFpcgmRlCCJP--20acBhXGYXi3A==
forms.hubspot.com/collected-forms/v1/config/json?portalId=4970424&utk=
200 OK 3.6 kB URL HTTP/2 forms.hubspot.com/collected-forms/v1/config/json?portalId=4970424&utk=
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 136eff075580fa547419a0f5a9cdb7e8
b717af0ae7e8bb8a07c93209555281b9df314b88
b46ab19ef2f2bab460d047dfbe636edd5cd516230bc0e46e24504ff1b7a73223
GET /collected-forms/v1/config/json?portalId=4970424&utk= HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.curogram.com
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:54 GMT
content-type: application/json;charset=utf-8
vary: origin
x-hubspot-correlation-id: ecc388d5-02e7-44a3-9418-bb05520d1585
access-control-allow-credentials: false
access-control-allow-origin: https://go.curogram.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=eUxI_fpKXiEautJW9vjy63ozS4PpGP.1M_l6LgXtz1g-1673876574-0-AcHZjpCL/zrKy1DgCmqXAT5yCLpre1BeNzmHAWtSnhzvrqo+65ovOmPsWhsXnySWFBYSuNo62Gq1FBHw5F3GHVs=; path=/; expires=Mon, 16-Jan-23 14:12:54 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STWVlv6xmMzUaJSop87iQzbqnDw%2FX3OGSHzB45gOyIfCI0kzpC0ldP%2Fv7h6PVUIbBCf%2BQQx25atqtfc1FTwsU%2BRFVuA4RSlqLFN%2B27P2vShIsT32nkxThT%2Fdmddq6XBRKM6%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78a746ef5de3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s.adroll.com/j/exp/index.js
200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.curogram.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 00:29:34 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 15 Jan 2023 15:19:41 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 81484
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Xqb40xltIzcXifFaiO68IIVze0XnKVWZtDp0ATFw4j8KH4rmBfBavA==
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3236698%26time%3D1673876575988%26url%3Dhttps%253A%252F%252Fgo.curogram.com%252Fsolutions-covid-testing-and-vaccinations%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIDxxIf3zhsxgAAAYW60ZSiLBfgojNGdSoq3--YI9yC-iONpmGvagqHkLbTz0CMka8IB3aVmkBa5g; Max-Age=2592000; Expires=Wed, 15 Feb 2023 13:42:55 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIjqj28gXusVAAAAYW60ZSiQoMuEVNQcDuJA55PTvqwv_okskd7XzOjbc6UemUOkuNh4OrpQhJJewKJ-GP72w; Max-Age=2592000; Expires=Wed, 15 Feb 2023 13:42:55 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&6b39f18f-5fe5-40d4-8990-649bba166f06"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 16-Jan-2024 13:42:55 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2445:u=1:x=1:i=1673876575:t=1673962975:v=2:sig=AQHXOlXEL_EcL8nuUNIYttV--Tjvd8ZC"; Expires=Tue, 17 Jan 2023 13:42:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyYcKseXlV1HgKtpQTTA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: AB979AF5D4D1400B855A0006790B319C Ref B: OSL30EDGE0515 Ref C: 2023-01-16T13:42:55Z
date: Mon, 16 Jan 2023 13:42:55 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.thawte.com/
200 OK 471 B IP
Hash 36f83f650ec26cc378c30ec8a45dc96e
516acb6175c556f1af853e94ea7392a5438eaeb8
ebcff91a909567a21f9641c87322248a7f17e2e91446444a9779af99791c1640
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4067
Cache-Control: max-age=117485
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Etag: "63c46c69-1d7"
Expires: Tue, 17 Jan 2023 22:21:00 GMT
Last-Modified: Sun, 15 Jan 2023 21:13:13 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&gjid=566321458&_gid=1599333676.1673876576&_u=IEBAAEAAAAAAACAAI~&z=1974809845
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&gjid=566321458&_gid=1599333676.1673876576&_u=IEBAAEAAAAAAACAAI~&z=1974809845
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&gjid=566321458&_gid=1599333676.1673876576&_u=IEBAAEAAAAAAACAAI~&z=1974809845 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://go.curogram.com
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://go.curogram.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 16 Jan 2023 13:42:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 36f83f650ec26cc378c30ec8a45dc96e
516acb6175c556f1af853e94ea7392a5438eaeb8
ebcff91a909567a21f9641c87322248a7f17e2e91446444a9779af99791c1640
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4067
Cache-Control: max-age=117485
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Etag: "63c46c69-1d7"
Expires: Tue, 17 Jan 2023 22:21:00 GMT
Last-Modified: Sun, 15 Jan 2023 21:13:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=3155473377803502&ev=PageView&dl=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&rl=&if=false&ts=1673876576396&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673876576394.76551197&it=1673876576068&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=3155473377803502&ev=PageView&dl=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&rl=&if=false&ts=1673876576396&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673876576394.76551197&it=1673876576068&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=3155473377803502&ev=PageView&dl=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&rl=&if=false&ts=1673876576396&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1673876576394.76551197&it=1673876576068&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 16 Jan 2023 13:42:55 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ce8d00c5fdc36c7feb7318020711d6c6
56b42148698741cd32886b0e8c8c164c1afa77f5
249817acd224df79d872906a1e7d1e63c08553520701a06106cce166421a2759
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash 80da883a1386f667df455f7dfb950534
b416dcd104aaacd43ced31fa12f28fb1bfec0c5e
7c6916978782fdd9c1cd9511489caa40fd221aaac55eaf914b6e61362690892b
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 13:42:55 GMT
Last-Modified: Mon, 16 Jan 2023 12:39:44 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G3uHlZj5xMoVkQlG7ae855usUZG6toXVcgHdp8-9A1QV5SFQOsNIPg==
Age: 3791
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3236698%26time%3D1673876575988%26url%3Dhttps%253A%252F%252Fgo.curogram.com%252Fsolutions-covid-testing-and-vaccinations%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3236698%26time%3D1673876575988%26url%3Dhttps%253A%252F%252Fgo.curogram.com%252Fsolutions-covid-testing-and-vaccinations%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3236698%26time%3D1673876575988%26url%3Dhttps%253A%252F%252Fgo.curogram.com%252Fsolutions-covid-testing-and-vaccinations%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.curogram.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&c4058ac1-29e5-47b2-8b49-e8cd06af1a40"; Domain=.linkedin.com; Expires=Tue, 16-Jan-2024 13:42:55 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202301161342559b41ee66-3738-43f8-88de-1d71da95b600AQGPj9pqa035OOgPE9LO5dlLvHpUBA-N"; Domain=.www.linkedin.com; Expires=Tue, 16-Jan-2024 13:42:55 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzM4NzY1NzU7MjswMjHn1uvKI1Gjm+rPAMcVGKKYgRZFVcOs7GO6C5un0oBdwg==; Domain=.linkedin.com; Expires=Sat, 15 Jul 2023 13:42:55 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2411:u=1:x=1:i=1673876575:t=1673962975:v=2:sig=AQFh-j0949IrD71H0svTBGXeTznsgcEb"; Expires=Tue, 17 Jan 2023 13:42:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXyYcKvgSSflLtdlSX1GA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 237148432E9C49D8A5474DEB385550FC Ref B: OSL30EDGE0515 Ref C: 2023-01-16T13:42:55Z
date: Mon, 16 Jan 2023 13:42:55 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6db0ab20925a64068987b60dd6f72f9a
38d0bea36fbf16ec63bec71cb3bbe743541458b1
74082ea963e7afe8094d2e187e40309b5848948822467c62f1ef0852ae688564
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d.adroll.com/consent/check/S46F35FZXVEQZEBQ4KQJ6K?pv=76416158927.98526&arrfrr=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&_s=2d9820b58139fc4f15ee158188d4c483&_b=2
200 OK 462 B URL HTTP/2 d.adroll.com/consent/check/S46F35FZXVEQZEBQ4KQJ6K?pv=76416158927.98526&arrfrr=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&_s=2d9820b58139fc4f15ee158188d4c483&_b=2
IP
File type ASCII text, with very long lines (462), with no line terminators
Hash 459e0000763c89f59425fd31fe55a394
903b5cc031035a0077dfa010ac92c5c3eea36102
493715d2353ce34ffbaf7d57c3912eba46a27b207d8b6a00e1310191d006fe43
GET /consent/check/S46F35FZXVEQZEBQ4KQJ6K?pv=76416158927.98526&arrfrr=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&_s=2d9820b58139fc4f15ee158188d4c483&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:55 GMT
content-type: application/javascript
content-length: 462
server: nginx/1.22.0
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&_u=IEBAAEAAAAAAACAAI~&z=636587352
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&_u=IEBAAEAAAAAAACAAI~&z=636587352
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&_u=IEBAAEAAAAAAACAAI~&z=636587352 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 13:42:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&_u=IEBAAEAAAAAAACAAI~&z=636587352
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&_u=IEBAAEAAAAAAACAAI~&z=636587352
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37377953-11&cid=188260921.1673876576&jid=1825922433&_u=IEBAAEAAAAAAACAAI~&z=636587352 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 16 Jan 2023 13:42:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tr.outbrain.com/unifiedPixel?marketerId=00efcd0919f1a8c32385b91bec19f63830&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&optOut=false&bust=031900620862849804&referrer=
200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=00efcd0919f1a8c32385b91bec19f63830&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&optOut=false&bust=031900620862849804&referrer=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=00efcd0919f1a8c32385b91bec19f63830&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&optOut=false&bust=031900620862849804&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 13:42:55 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 59da0ead5952b9a48bc009306c574aaa
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.hs-analytics.net/analytics/1673876400000/4970424.js
200 OK 21 kB URL HTTP/2 js.hs-analytics.net/analytics/1673876400000/4970424.js
IP
File type ASCII text, with very long lines (64715)
Hash 3d0ca8335df1c50c2a0718addfcb79d1
b9eab727674048fdd910fd45162421cfcefe5d78
32d3b088895d7c38f4473cbd182a758fe2b8133a4413d7fce418518d2d07251e
GET /analytics/1673876400000/4970424.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:55 GMT
content-type: text/javascript
x-amz-id-2: tOuPF7DMH2WfjH17lUaIJTRMgmKMD864W2tWc3GOvkPMmLJmiSNhnupqU46vnDeh/aXbcD/ixzY=
x-amz-request-id: YWJCSV172W7RG4BV
last-modified: Sat, 07 Jan 2023 02:16:13 GMT
etag: W/"9e3df94323ca9024fb17657647523527"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Mon, 16 Jan 2023 13:47:55 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 78a746f2486fb527-OSL
content-encoding: br
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3236698&time=1673876575988&url=https%3A%2F%2Fgo.curogram.com%2Fsolutions-covid-testing-and-vaccinations&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://go.curogram.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&9b964d7f-704b-4433-82cb-f1544f8cb9d3"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 16-Jan-2024 13:42:55 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2445:u=1:x=1:i=1673876575:t=1673962975:v=2:sig=AQHXOlXEL_EcL8nuUNIYttV--Tjvd8ZC"; Expires=Tue, 17 Jan 2023 13:42:55 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXyYcKyd0ZEg+tS3Gkhvg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 29689109730B4AF286E71C61684EAD88 Ref B: OSL30EDGE0515 Ref C: 2023-01-16T13:42:55Z
date: Mon, 16 Jan 2023 13:42:55 GMT
content-length: 0
X-Firefox-Spdy: h2
s.adroll.com/j/roundtrip.js
200 OK 18 kB URL HTTP/1.1 s.adroll.com/j/roundtrip.js
IP
File type ASCII text, with very long lines (1139)
Hash b412d434bb00b5f2bbd6122e81ed2316
bb441865849fd9f6924bf49a522d40fee3131c97
0ee56a3fd135b671fc20b9b3f1422fee39f0bb0566dd7a13b7dc056383feda9c
GET /j/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 23:42:59 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: c46bE.9L1VPpk_2fDbiTiDKy4ZYsGJxp
Server: AmazonS3
Content-Encoding: gzip
Date: Mon, 16 Jan 2023 13:30:24 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"921666262b2234d4a4d129d30750823f"
Vary: Accept-Encoding
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
Age: 790
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nslhjM6NR4ItP0OVBwZpKU31AwSdYXcdYIpa9sRnS1GSekX0F9sW6Q==
js.hscollectedforms.net/collectedforms.js
200 OK 0 B URL HTTP/2 js.hscollectedforms.net/collectedforms.js
IP
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.curogram.com
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:54 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 02:49:13 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: SN4HXBautbT5xHa4DdPckLpyluwLE8QR
etag: W/"349cabd549e2249f8fb6ac3ac6f08e00"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: 8P-ZTACMaQvReWXtsc6GHadAHVU4TRWLfnoHeEc1966nGkAW8-Q0Sw==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.312/bundles/project.js&cfRay=78a746ec2f261c06-ARN
x-hs-target-asset: collected-forms-embed-js/static-1.312/bundles/project.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: MISS
server: cloudflare
cf-ray: 78a746ec2f261c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
js.hsleadflows.net/leadflows.js
200 OK 0 B URL HTTP/2 js.hsleadflows.net/leadflows.js
IP
GET /leadflows.js HTTP/1.1
Host: js.hsleadflows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.curogram.com
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 12 Jan 2023 01:15:58 UTC
etag: W/"81f94bb71da5bf7e447ae1cd97c54e62"
x-amz-server-side-encryption: AES256
x-amz-version-id: cBWlZpBPNqCcN4.OsLoqDE.Qz8k.oCDt
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: UVxBkQn1zSHh2tEC80T0_mcoYaAebBSPbZeLdYpjOA54eBBYSrFCfA==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1126/bundle/main/lead-flows-release.js&cfRay=78a746ec2a03b4f9-IAD
x-hs-target-asset: lead-flows-js/static-1.1126/bundle/main/lead-flows-release.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
cf-cache-status: MISS
server: cloudflare
cf-ray: 78a746ec2a03b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3236698/domain/go.curogram.com/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3236698/domain/go.curogram.com/token
IP
GET /partner/3236698/domain/go.curogram.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://go.curogram.com
Connection: keep-alive
Referer: https://go.curogram.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 16 Jan 2023 13:42:55 GMT
access-control-allow-origin: *
cache-control: public, max-age=18648
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O1rJJHyWBiUZkRe2YKFIKC3fvDaaxDvEoGCUPRc0YuyfrOIpmnbBsw==
X-Firefox-Spdy: h2
go.curogram.com/solutions-covid-testing-and-vaccinations
200 OK 0 B URL HTTP/2 go.curogram.com/solutions-covid-testing-and-vaccinations
IP
ASN #209242 Cloudflare London, LLC
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1
GET /solutions-covid-testing-and-vaccinations HTTP/1.1
Host: go.curogram.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 16 Jan 2023 13:42:53 GMT
content-type: text/html; charset=UTF-8
cache-control: s-maxage=10800, max-age=0
etag: W/"ccf1ee46854bbf26562c48aab37a0a97"
last-modified: Sun, 15 Jan 2023 07:11:53 GMT
link: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
edge-cache-tag: CT-60187487038,P-4970424,CW-56666339867,CW-56666577947,CW-56755710592,CW-56791550465,E-56664277824,E-56664277858,E-56664277862,E-56666503553,E-56666576289,E-56666576292,E-58132442262,MENU-56747501078,PGS-ALL,SW-2,GC-56839361059,GC-58771150373,GC-58775231292,TS-56664277814
referrer-policy: no-referrer-when-downgrade
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-id: 60187487038
x-hs-hub-id: 4970424
x-hs-prerendered: Sun, 15 Jan 2023 07:11:53 GMT
x-powered-by: HubSpot
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxhxSJd4Qyfhzt3PgKrdth1gLBHFodBgLfVHfti%2FCOLQLoGrwbsv7RD9ibbnQmQ8SeIFVDEZNz512DA9XKAglrbwe9w5N70pnRV64%2BwNS6llXXkkCiKJpOc0dv70H%2BL16A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cf_bm=Tmr.k8.UXZ6JcmNiNDF0tCK0HSl5vDveaXXIE4VEG24-1673876573-0-Acv2vhnkYNggPu+0ayJnDX8QRyhmoR5JE6W6wYXkcf8AF5L8WNFLT0HhZbbzhSLEIRqVB09QsmhIXULQ1EpBBFs=; path=/; expires=Mon, 16-Jan-23 14:12:53 GMT; domain=.go.curogram.com; HttpOnly; Secure; SameSite=None
__cfruid=4cec4af26ccb9325e962ff4af77208204e5b99fb-1673876573; path=/; domain=.go.curogram.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 78a746e029ccb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </hs/hsstatic/HubspotToolsMenu/static-1.143/js/index.js>,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>,</_hcms/forms/v2.js>
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 0 B IP
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 13:42:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
199.60.103.254
104.17.67.176
95.101.11.57
54.74.252.81
93.184.220.29
31.13.72.36