Report - gbr01.safelinks.protection.outlook.com/?url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fahoy%2Fmessages%2Ff0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag%2Fclick%3Fsignature%3D0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4%26url%3Dhttps%253A%252F%252Frldglobal.ideas.aha.io%252Fportal_password_resets%252F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%253Finvited%253Dtrue%2526verify%253Dtrue%2526utm_source%253Didea_portals%25252Fportal_user_mailer%2526utm_medium%253Demail%2526utm_campaign%253Dinvitation&data=05%7C01%7Cdavid.hignett%40nhs.net%7C7afbaacac7a54b976a7a08dad867a501%7C37c354b285b047f5b22207b48d774ee3%7C0%7C0%7C638060236910822003%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ulAIsfyrgnkkAwiaCsqdLcW541uMSzR8TbboRmyK0Mo%3D&reserved=0

Report Overview

Submitted URL
gbr01.safelinks.protection.outlook.com/?url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fahoy%2Fmessages%2Ff0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag%2Fclick%3Fsignature%3D0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4%26url%3Dhttps%253A%252F%252Frldglobal.ideas.aha.io%252Fportal_password_resets%252F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%253Finvited%253Dtrue%2526verify%253Dtrue%2526utm_source%253Didea_portals%25252Fportal_user_mailer%2526utm_medium%253Demail%2526utm_campaign%253Dinvitation&data=05%7C01%7Cdavid.hignett%40nhs.net%7C7afbaacac7a54b976a7a08dad867a501%7C37c354b285b047f5b22207b48d774ee3%7C0%7C0%7C638060236910822003%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ulAIsfyrgnkkAwiaCsqdLcW541uMSzR8TbboRmyK0Mo%3D&reserved=0
IP
104.47.20.28
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-12-07 15:44:41
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	25 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.160.51.228
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	104.18.32.68
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	1.6 kB	142.250.74.106
cdn.aha.io	109637	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	1.0 MB	54.230.111.76
gbr01.safelinks.protection.outlook.com	92590	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.5 kB	104.47.20.28
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	618 B	714 B	108.177.14.155
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.131
rldglobal.ideas.aha.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	20 kB	18.233.118.192
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	21 kB	142.250.74.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation	68 B	2023-03-08	2023-03-08
Pretty URL rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation IP 18.233.118.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:24 Last Seen2023-03-08 20:59:24 Times Seen1 Hash 4f04c1e50f949688f9d0891bb5256b1a 835d87b05d250b6991e7cf5c9c4bd46fe7dee4bb 176fc4da24287c323413875fad01e01eebb167d04cc0ff47496d815836bae323 Loading...

	cdn.aha.io/assets/runtime-6b37196ae2fa066eaab4ade2f68dae6d.js	22 kB	2023-03-08	2023-03-08
Pretty URL cdn.aha.io/assets/runtime-6b37196ae2fa066eaab4ade2f68dae6d.js IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:24 Last Seen2023-03-08 20:59:24 Times Seen1 Hash 2888fc80c953943c12ed37f151139178 ea9d1032096f83daae7f613ab3fd7cf89da77634 be5cf66e4838619381686de3811b62439f301621db5f0493e0344ec7f4d1e369 Loading...

	cdn.aha.io/assets/vendor-78452087c0bf22cbc522fcd8fb260ee9.js	7.0 MB	2023-03-08	2023-03-08
Pretty URL cdn.aha.io/assets/vendor-78452087c0bf22cbc522fcd8fb260ee9.js IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:24 Last Seen2023-03-08 20:59:24 Times Seen1 Hash cd3d5627525a9e27c8653f4f91b2ae37 3d994eb6f8a51236a0eacfea64a2ccbce3e5d624 7c14e3b1634809a895c232fbc49c5692fd1559eb714b8d33ebb42ca3bb5697d1 Loading...

	cdn.aha.io/assets/idea_portals_new-abcf24818f7725a4de77640896dd5e6a.js	3.7 MB	2023-03-08	2023-03-08
Pretty URL cdn.aha.io/assets/idea_portals_new-abcf24818f7725a4de77640896dd5e6a.js IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:25 Last Seen2023-03-08 20:59:25 Times Seen1 Hash 577750e0f0e5589c3a9e6df1147b4ae0 5ffb5c12ad74d06de1243d5039c42bcf0323a23e a6f6da5e352f4436a4a27ddcd76aa60f304b9c80c581a57506c6365a9fab2859 Loading...

	rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation	448 B	2023-03-08	2023-03-08
Pretty URL rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation IP 18.233.118.192 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:25 Last Seen2023-03-08 20:59:25 Times Seen1 Hash abf55c80f82f639851fa476d2c1182c9 00f9f6e1c5323d84cc22252a4dff77227ca4fc7a 087f7e3f3fe497315702dab8317ff17f699a2a273ba6dd7b97339af96ea12ee5 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (42)

	URL	IP	Response	Size
	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5ceaca9fd4ad000cb435820812fc69c8 8168397aaf7b572c89a9c83f46c0b65e4ac509f2 9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2778 Expires: Wed, 07 Dec 2022 16:30:48 GMT Date: Wed, 07 Dec 2022 15:44:30 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2630c6482aef4e822d6634e417f65ab6 6bd1264568eb9647d1665e51521b3bfc15d4df4a e00eaad18ffa9f5181fe540b156608df88565b09e98ca78b87eba97f3fbc6e79 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79" Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19535 Expires: Wed, 07 Dec 2022 21:10:05 GMT Date: Wed, 07 Dec 2022 15:44:30 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 07 Dec 2022 15:08:04 GMT content-type: application/json age: 2186 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0abf10fb7e96c1c98dacf2f013a68b4 acdd839bce85eadc78a8e821e32e00a958d5c0c8 b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4112 Expires: Wed, 07 Dec 2022 16:53:02 GMT Date: Wed, 07 Dec 2022 15:44:30 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: hI+wyXTvLbWEZFHgfVTzitJbM1be4EddTEACF96qVH/F/U0jcR+x0LR9+Cfab4u9z1Enb9wYA/s= x-amz-request-id: PMXKWK0TM5M9BDGG content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 07 Dec 2022 14:49:24 GMT age: 3306 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Wed, 07 Dec 2022 15:44:30 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 07 Dec 2022 15:07:58 GMT age: 2192 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 053aff7451e55d4269dd9610ab070f3f b3376256d11d159b0c7280ba1515b78d7d9e12ca 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5526 Cache-Control: max-age=154466 Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 15:44:30 GMT Etag: "639057aa-1d7" Expires: Fri, 09 Dec 2022 10:38:56 GMT Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT Server: ECS (ska/F70A) X-Cache: HIT Content-Length: 471`

	push.services.mozilla.com/	35.160.51.228	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.160.51.228:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: sDbOVrrPl+4GitiTg0OLPA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 1Jhn7hWLNnupcKupLfnLfpTj5i0=`

	gbr01.safelinks.protection.outlook.com/?url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fahoy%2Fmessages%2Ff0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag%2Fclick%3Fsignature%3D0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4%26url%3Dhttps%253A%252F%252Frldglobal.ideas.aha.io%252Fportal_password_resets%252F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%253Finvited%253Dtrue%2526verify%253Dtrue%2526utm_source%253Didea_portals%25252Fportal_user_mailer%2526utm_medium%253Demail%2526utm_campaign%253Dinvitation&data=05%7C01%7Cdavid.hignett%40nhs.net%7C7afbaacac7a54b976a7a08dad867a501%7C37c354b285b047f5b22207b48d774ee3%7C0%7C0%7C638060236910822003%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ulAIsfyrgnkkAwiaCsqdLcW541uMSzR8TbboRmyK0Mo%3D&reserved=0	104.47.20.28	302 Found	521 B
URL HTTP/1.1 gbr01.safelinks.protection.outlook.com/?url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fahoy%2Fmessages%2Ff0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag%2Fclick%3Fsignature%3D0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4%26url%3Dhttps%253A%252F%252Frldglobal.ideas.aha.io%252Fportal_password_resets%252F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%253Finvited%253Dtrue%2526verify%253Dtrue%2526utm_source%253Didea_portals%25252Fportal_user_mailer%2526utm_medium%253Demail%2526utm_campaign%253Dinvitation&data=05%7C01%7Cdavid.hignett%40nhs.net%7C7afbaacac7a54b976a7a08dad867a501%7C37c354b285b047f5b22207b48d774ee3%7C0%7C0%7C638060236910822003%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ulAIsfyrgnkkAwiaCsqdLcW541uMSzR8TbboRmyK0Mo%3D&reserved=0 IP 104.47.20.28:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (449), with CRLF line terminators Size 521 B (521 bytes) Hash 704e5f7eb1b4c1b8fae714b5e2904108 2b029133d7669b3f019e5290a4422ccb16192db8 5c181b46b82ecc06ef567d59c1ae4b9f20f91c9dcd113501f86e1686b81b6db1 HTTP Headers GET /?url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fahoy%2Fmessages%2Ff0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag%2Fclick%3Fsignature%3D0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4%26url%3Dhttps%253A%252F%252Frldglobal.ideas.aha.io%252Fportal_password_resets%252F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%253Finvited%253Dtrue%2526verify%253Dtrue%2526utm_source%253Didea_portals%25252Fportal_user_mailer%2526utm_medium%253Demail%2526utm_campaign%253Dinvitation&data=05%7C01%7Cdavid.hignett%40nhs.net%7C7afbaacac7a54b976a7a08dad867a501%7C37c354b285b047f5b22207b48d774ee3%7C0%7C0%7C638060236910822003%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=ulAIsfyrgnkkAwiaCsqdLcW541uMSzR8TbboRmyK0Mo%3D&reserved=0 HTTP/1.1 Host: gbr01.safelinks.protection.outlook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found Cache-Control: private Content-Type: text/html; charset=utf-8 Location: https://rldglobal.ideas.aha.io/ahoy/messages/f0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag/click?signature=0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4&url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation Server: Microsoft-IIS/10.0 X-AspNetMvc-Version: 4.0 X-SL-GetUrlReputation-Verdict: Good X-Robots-Tag: noindex, nofollow X-AspNet-Version: 4.0.30319 X-ServerName: CWLGBR01WS019 X-ServerVersion: 15.20.5901.014 X-ServerLat: 1038 X-SafeLinks-Tracking-Id: 969f4a34-9c3c-4c33-fcee-08dad869edd9 X-Powered-By: ASP.NET X-Content-Type-Options: nosniff X-UA-Compatible: IE=Edge Date: Wed, 07 Dec 2022 15:44:30 GMT Connection: close Content-Length: 521

	firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670425599656%22	35.241.9.150	200 OK	22 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670425599656%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (21675), with no line terminators Size 22 kB (21675 bytes) Hash 0f92b836f86a0036e21fa7a96923517d e12f0b970d1950426b2cb687f7e95f1748ce9e50 2b6b42b1eb42af0f2a16be6a47b95d170bb1f481b6f12b6b08982a6a919cb48a HTTP Headers `GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670425599656%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 21675 via: 1.1 google date: Wed, 07 Dec 2022 15:07:10 GMT last-modified: Wed, 07 Dec 2022 15:06:39 GMT content-type: application/json age: 2241 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash ecc935e8ec1cb0b44c2e0d2cb5c854bc 869192d99aa64d23dbd03116e1c48b1de5911e8f 55aecfa15e919ac268babc342fda19e5ff25e36a589a12bffb08001d7dfa3f7b HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 07 Dec 2022 15:44:31 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Sun, 04 Dec 2022 15:10:10 GMT Expires: Sun, 11 Dec 2022 15:10:09 GMT Etag: "869192d99aa64d23dbd03116e1c48b1de5911e8f" Cache-Control: max-age=342937,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775e62151df70b61-OSL`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15355 Expires: Wed, 07 Dec 2022 20:00:27 GMT Date: Wed, 07 Dec 2022 15:44:32 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1ab1615b2c8cc26b12fc0cf41734ff07 a7d54b3709ce75a20210e20013e6f06b0aa88e2d 22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1" Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15355 Expires: Wed, 07 Dec 2022 20:00:27 GMT Date: Wed, 07 Dec 2022 15:44:32 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg	34.120.237.76	200 OK	6.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.6 kB (6557 bytes) Hash 210b27f5f6310d8fad640acce3d9ae0e 08d241e56622cb900754d95bc5d58ed8826d9f32 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6557 x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cmcuMG6bIAMFUng= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 08:32:51 GMT age: 25901 etag: "08d241e56622cb900754d95bc5d58ed8826d9f32" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg	34.120.237.76	200 OK	6.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.8 kB (6846 bytes) Hash a7ee62c5e846e8ad4808f4724f15146d 6d55b299f906908309f91eaf0a720ad65866db04 0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6846 x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cdGx4E-mIAMFatg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 06:31:28 GMT age: 33184 etag: "6d55b299f906908309f91eaf0a720ad65866db04" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg	34.120.237.76	200 OK	8.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.4 kB (8438 bytes) Hash e95ebce9d79ba46cb96af9a45af1762f 985c6761675e6bcc0186f64d55f94cf09352f05c 5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8438 x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cvlqVGMjoAMFS6w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 21:53:40 GMT age: 64252 etag: "985c6761675e6bcc0186f64d55f94cf09352f05c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8701 bytes) Hash 604a4132da78a0c013b5818644adb121 ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566 eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8701 x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cm3-2HRWIAMFjfg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 22:01:53 GMT age: 63759 etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg	34.120.237.76	200 OK	8.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.4 kB (8351 bytes) Hash 98d2cf29c710d25bd2f03ff216fdd369 b8eb2e11f9655f19334befc036f21489a6473827 614c9b4a7ace908c1ef807964709cb292b33b48ce1d81ccbd2959c2c0ee156ac HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F079bc299-d390-4250-a91a-db3c535c9ca3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8351 x-amzn-requestid: 607d07ab-6833-4001-82ed-699ea91f84c9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cvlitFk9oAMFakQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638fb611-3e5f14f833b332647ef7358d;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:21 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 0w5Usq-LJMNHxw9UrwUqSslSVROXVHTmY_UhSHNaGh4k4xqh-FSa0A== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 21:57:19 GMT etag: "b8eb2e11f9655f19334befc036f21489a6473827" content-type: image/jpeg age: 64033 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11224 bytes) Hash b15136d60fd0a5e0f657a4f5c75d540f 36082b7329d473829178f280cb71a83b1531e486 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11224 x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUINEwdoAMFuOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT x-amz-cf-pop: YVR50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ== via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Tue, 06 Dec 2022 20:49:34 GMT age: 68098 etag: "36082b7329d473829178f280cb71a83b1531e486" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db 942e2c49b3848f11da966937f5914c62aed24bce 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 15:44:32 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.googleapis.com/css?family=Lato:400,700	142.250.74.106	200 OK	840 B
URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700 IP 142.250.74.106:0 ASN #15169 GOOGLE File type data Size 840 B (840 bytes) Hash b5cda47833b267ac955577968dcffcc7 f2c04f09e5f9f58ead79472c01537d7a5a3daf13 76f2bf9a85fc0bc58502b2ede8aad9999c2dc759333f6516a69cc97969e88e79 HTTP Headers `GET /css?family=Lato:400,700 HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Wed, 07 Dec 2022 15:44:32 GMT date: Wed, 07 Dec 2022 15:44:32 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	rldglobal.ideas.aha.io/logo.jfif	18.233.118.192	200 OK	12 kB
URL HTTP/2 rldglobal.ideas.aha.io/logo.jfif IP 18.233.118.192:0 ASN #14618 AMAZON-AES File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 727x160, components 3\012- data Size 12 kB (12389 bytes) Hash 80248ed259cb9301c126da76990e798f d2e64b2fc9387921e18c596b071a102fb439350f c9bf4a3d3131868da33969136dbbe125ece4839e40aa1fb21d13bc23a456f990 HTTP Headers GET /logo.jfif HTTP/1.1 Host: rldglobal.ideas.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation Connection: keep-alive Cookie: _aha_t=7174433076296530645; _aha_app_2=An5sZfsz9AAgUo95XGlwsAcpMEvLJVIAaMKnFGfgqBYeR7bRZ68UzOMNw7bnQzi87h8ZbzzyMKe8gLrRfunvVJX7sqaexUrip%2BIZt4PJWxFzGSCEYEr5zQEk9ChYMzhADmI4mDl%2F8XLPyTxRu1RwnhQq7oSBlYwiNw5lQOxTALNg94Orma9MvB8nF5dgqBJ8Ab1DUvnN3Xm7jsfXbCfnuKPCjfqnUt2BiD7i0bKw5WrpcENQbg41gVIUMhTQMNb9jS6sUwabxsCAFKTJLJCJ2fzJ--8ZPi1NjrSSA7dOSO--yMzbjl0%2BqOZmK3DNvr2%2FtA%3D%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK server: openresty date: Wed, 07 Dec 2022 15:44:32 GMT content-type: image/jpeg content-length: 12389 cache-control: no-cache set-cookie: _aha_app_2=qzSh3zyA0lm91A%2BUv6ZWC6KY%2BnExJQjeeAVyGoC5IK2pib7ngIHA0y3gXc2f3iA7tcOUwgrqGCUKniDAJr%2FfigFDN962wjor33cTU6uRaSnvPuA3yteXXpFDvpzDM2miH7BqKTWIGH6IQawwDY%2F9q10rGjRNn9EbLXQuQPgapBaorUPkpRbvgXvT3fmnnRzpfDcaMnzPiQstm3zRAmKD1tnnah0ZkGu6K8fDxjXKJVpUmxy2ZyH%2FGUxXx6XcZFbVkNZM4%2F9Vnd%2F6FJUR9SsiLR1S--h%2FgPB1qeJocjOoC%2F--fiO9%2FVw2zeMKtSPTs5ylZA%3D%3D; path=/; secure; HttpOnly; SameSite=Lax x-amz-replication-status: FAILED last-modified: Tue, 20 Sep 2022 08:16:12 GMT x-amz-version-id: FcUx_3L5IsmJI1mYdRIHGDqlHObH5Fz7 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin etag: "80248ed259cb9301c126da76990e798f" X-Firefox-Spdy: h2

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 7b2f92e474f417901460b2cf009f0f7c 195ce7cec8cd72750cf34230dcb3a85877766f84 6d44eb0a8a48295fdd709413cf96a9b9f9a4e695d2da822a6e20460073bbfb09 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 07 Dec 2022 15:44:32 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 06 Dec 2022 14:47:58 GMT Expires: Tue, 13 Dec 2022 14:47:57 GMT Etag: "195ce7cec8cd72750cf34230dcb3a85877766f84" Cache-Control: max-age=514404,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775e621b7b210b39-OSL`

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 7b2f92e474f417901460b2cf009f0f7c 195ce7cec8cd72750cf34230dcb3a85877766f84 6d44eb0a8a48295fdd709413cf96a9b9f9a4e695d2da822a6e20460073bbfb09 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 07 Dec 2022 15:44:32 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 06 Dec 2022 14:47:58 GMT Expires: Tue, 13 Dec 2022 14:47:57 GMT Etag: "195ce7cec8cd72750cf34230dcb3a85877766f84" Cache-Control: max-age=514404,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775e621b7817b51d-OSL`

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 7b2f92e474f417901460b2cf009f0f7c 195ce7cec8cd72750cf34230dcb3a85877766f84 6d44eb0a8a48295fdd709413cf96a9b9f9a4e695d2da822a6e20460073bbfb09 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 07 Dec 2022 15:44:32 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 06 Dec 2022 14:47:58 GMT Expires: Tue, 13 Dec 2022 14:47:57 GMT Etag: "195ce7cec8cd72750cf34230dcb3a85877766f84" Cache-Control: max-age=514404,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775e621b7cbdb4ee-OSL`

	ocsp.sectigo.com/	104.18.32.68	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 104.18.32.68:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 7b2f92e474f417901460b2cf009f0f7c 195ce7cec8cd72750cf34230dcb3a85877766f84 6d44eb0a8a48295fdd709413cf96a9b9f9a4e695d2da822a6e20460073bbfb09 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 07 Dec 2022 15:44:32 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 06 Dec 2022 14:47:58 GMT Expires: Tue, 13 Dec 2022 14:47:57 GMT Etag: "195ce7cec8cd72750cf34230dcb3a85877766f84" Cache-Control: max-age=514404,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb5 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 775e621b7bc90b61-OSL`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8aa9320315b7fc787bfd0fd1baea8721 45328506883b22acc927b8038b73e5247b0a1679 c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 15:44:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/analytics.js	142.250.74.14	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.14:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1325) Size 20 kB (20039 bytes) Hash 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Wed, 07 Dec 2022 14:46:55 GMT expires: Wed, 07 Dec 2022 16:46:55 GMT cache-control: public, max-age=7200 age: 3459 last-modified: Tue, 27 Sep 2022 22:01:05 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	rldglobal.ideas.aha.io/favicon.ico	18.233.118.192	200 OK	4.3 kB
URL HTTP/2 rldglobal.ideas.aha.io/favicon.ico IP 18.233.118.192:0 ASN #14618 AMAZON-AES File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size 4.3 kB (4286 bytes) Hash 14804ee4ebe32a8937a943b2e7a250d6 4ff2f3385837d76f3018b30be9d8415cc6a7c899 4caed642806d394ee83a1a12bef5176ba003516c4427cf88e8a4228a7fdb23a4 HTTP Headers GET /favicon.ico HTTP/1.1 Host: rldglobal.ideas.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation Connection: keep-alive Cookie: _aha_t=7174433076296530645; _aha_app_2=qzSh3zyA0lm91A%2BUv6ZWC6KY%2BnExJQjeeAVyGoC5IK2pib7ngIHA0y3gXc2f3iA7tcOUwgrqGCUKniDAJr%2FfigFDN962wjor33cTU6uRaSnvPuA3yteXXpFDvpzDM2miH7BqKTWIGH6IQawwDY%2F9q10rGjRNn9EbLXQuQPgapBaorUPkpRbvgXvT3fmnnRzpfDcaMnzPiQstm3zRAmKD1tnnah0ZkGu6K8fDxjXKJVpUmxy2ZyH%2FGUxXx6XcZFbVkNZM4%2F9Vnd%2F6FJUR9SsiLR1S--h%2FgPB1qeJocjOoC%2F--fiO9%2FVw2zeMKtSPTs5ylZA%3D%3D Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK server: openresty date: Wed, 07 Dec 2022 15:44:34 GMT content-type: image/vnd.microsoft.icon content-length: 4286 last-modified: Tue, 06 Dec 2022 18:52:21 GMT strict-transport-security: max-age=63072000; includeSubdomains; X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8aa9320315b7fc787bfd0fd1baea8721 45328506883b22acc927b8038b73e5247b0a1679 c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 15:44:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1418039148&t=pageview&_s=1&dl=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation&ul=en-us&de=UTF-8&dt=Idea%20Portal&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAAABAAAAACAAI~&jid=1027036003&gjid=523852548&cid=170806895.1670427874&tid=UA-40594204-2&_gid=1346737207.1670427874&_r=1&_slc=1&z=1026149603	142.250.74.14	200 OK	4 B
URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1418039148&t=pageview&_s=1&dl=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation&ul=en-us&de=UTF-8&dt=Idea%20Portal&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAAABAAAAACAAI~&jid=1027036003&gjid=523852548&cid=170806895.1670427874&tid=UA-40594204-2&_gid=1346737207.1670427874&_r=1&_slc=1&z=1026149603 IP 142.250.74.14:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 HTTP Headers POST /j/collect?v=1&_v=j98&aip=1&a=1418039148&t=pageview&_s=1&dl=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation&ul=en-us&de=UTF-8&dt=Idea%20Portal&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAAABAAAAACAAI~&jid=1027036003&gjid=523852548&cid=170806895.1670427874&tid=UA-40594204-2&_gid=1346737207.1670427874&_r=1&_slc=1&z=1026149603 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Content-Type: text/plain Content-Length: 0 Origin: https://rldglobal.ideas.aha.io Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK access-control-allow-origin: https://rldglobal.ideas.aha.io date: Wed, 07 Dec 2022 15:44:34 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 6d7737802f93eeb14503d61c77c137bc fa6861c298d00f879b9f16af4f05470cecfc80af 6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 15:44:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40594204-2&cid=170806895.1670427874&jid=1027036003&gjid=523852548&_gid=1346737207.1670427874&_u=YEBAAAAAAAAAACAAI~&z=812555933	108.177.14.155	200 OK	1 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40594204-2&cid=170806895.1670427874&jid=1027036003&gjid=523852548&_gid=1346737207.1670427874&_u=YEBAAAAAAAAAACAAI~&z=812555933 IP 108.177.14.155:0 ASN #15169 GOOGLE File type very short file (no magic) Size 1 B (1 bytes) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-40594204-2&cid=170806895.1670427874&jid=1027036003&gjid=523852548&_gid=1346737207.1670427874&_u=YEBAAAAAAAAAACAAI~&z=812555933 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Content-Type: text/plain Content-Length: 0 Origin: https://rldglobal.ideas.aha.io Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://rldglobal.ideas.aha.io strict-transport-security: max-age=10886400; includeSubDomains; preload date: Wed, 07 Dec 2022 15:44:34 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 1e181f9ed09fb72bf80535f26ad7b91a df966a15abb5b870e71527d73592f7d977011eb2 741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 07 Dec 2022 15:44:34 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	cdn.aha.io/assets/Inter-SemiBold.a553f44ac2c2f8ffdb1290d33b7c2425.woff2	54.230.111.76	200 OK	106 kB
URL HTTP/2 cdn.aha.io/assets/Inter-SemiBold.a553f44ac2c2f8ffdb1290d33b7c2425.woff2 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 105992, version 1.0\012- data Size 106 kB (105992 bytes) Hash a553f44ac2c2f8ffdb1290d33b7c2425 79fd2e20f8798683ec9af33159f72d793f5b20b3 77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414 HTTP Headers `GET /assets/Inter-SemiBold.a553f44ac2c2f8ffdb1290d33b7c2425.woff2 HTTP/1.1 Host: cdn.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rldglobal.ideas.aha.io Connection: keep-alive Referer: https://cdn.aha.io/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: binary/octet-stream content-length: 105992 date: Wed, 07 Dec 2022 15:44:35 GMT access-control-allow-origin: * access-control-allow-methods: GET, HEAD last-modified: Tue, 06 Dec 2022 20:00:40 GMT etag: "a553f44ac2c2f8ffdb1290d33b7c2425" x-amz-server-side-encryption: AES256 accept-ranges: bytes server: AmazonS3 vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Miss from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: yGNKipCYs9wZDEfKT1ttQ2qJ59TyC0iEWeBYUbm1nRBt3kZgo_EC8g== X-Firefox-Spdy: h2

	cdn.aha.io/assets/idea_portals_new-abcf24818f7725a4de77640896dd5e6a.js	54.230.111.76	200 OK	896 kB
URL HTTP/2 cdn.aha.io/assets/idea_portals_new-abcf24818f7725a4de77640896dd5e6a.js IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type data Size 896 kB (895648 bytes) Hash 6bba58ac10345e40cc2f3eff36275ff6 0329824b8a3fb1cd056244b53584d33dfad43d0c fe9a48e7151c1352f39093aa11d79f0c6cffda1ae4878c916a211b9d9f164c66 HTTP Headers `GET /assets/idea_portals_new-abcf24818f7725a4de77640896dd5e6a.js HTTP/1.1 Host: cdn.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Connection: keep-alive Cookie: _aha_t=7174433076296530645 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/2 200 OK content-type: application/javascript last-modified: Thu, 01 Dec 2022 20:36:04 GMT x-amz-server-side-encryption: AES256 server: AmazonS3 content-encoding: gzip date: Wed, 07 Dec 2022 15:44:32 GMT etag: W/"577750e0f0e5589c3a9e6df1147b4ae0" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: HkAQeXtlnlHKsCFddPhKRG6z7fwmJscOW2yyh_32_JV1E9hvgNQqaQ== age: 2520 X-Firefox-Spdy: h2`

	rldglobal.ideas.aha.io/ahoy/messages/f0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag/click?signature=0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4&url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation	18.233.118.192	302 Found	0 B
URL HTTP/2 rldglobal.ideas.aha.io/ahoy/messages/f0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag/click?signature=0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4&url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation IP 18.233.118.192:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers GET /ahoy/messages/f0k3GZsnTfDZvFuCjhjIxHn2BGnbGxag/click?signature=0085d0f4f372548643d2ae9f3dc36ea1f74ca1b4&url=https%3A%2F%2Frldglobal.ideas.aha.io%2Fportal_password_resets%2F18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d%3Finvited%3Dtrue%26verify%3Dtrue%26utm_source%3Didea_portals%252Fportal_user_mailer%26utm_medium%3Demail%26utm_campaign%3Dinvitation HTTP/1.1 Host: rldglobal.ideas.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: openresty date: Wed, 07 Dec 2022 15:44:31 GMT content-type: text/html; charset=utf-8 location: https://rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cache-control: no-cache x-request-id: 8485d062-aa61-4455-8476-4c3c0a02b2ab x-runtime: 0.023535 strict-transport-security: max-age=63072000; includeSubdomains; X-Firefox-Spdy: h2

	rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation	18.233.118.192	200 OK	0 B
URL HTTP/2 rldglobal.ideas.aha.io/portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation IP 18.233.118.192:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers GET /portal_password_resets/18057e2d36310b20a8e823f1826b2c99d8bd3cc4042b112e362fbd41c770035d?invited=true&verify=true&utm_source=idea_portals%2Fportal_user_mailer&utm_medium=email&utm_campaign=invitation HTTP/1.1 Host: rldglobal.ideas.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 200 OK server: openresty date: Wed, 07 Dec 2022 15:44:32 GMT content-type: text/html; charset=utf-8 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin p3p: CP="Aha! does not have a P3P policy. http://www.aha.io/legal/privacy_policy" cache-control: no-store pragma: no-cache expires: Fri, 01 Jan 1970 00:00:00 GMT feature-policy: geolocation 'none'; microphone 'none'; payment 'none' link: <https://cdn.aha.io/assets/idea_portals_new-5edc2134f38279cb2667890c8f758fa6.css>; rel=preload; as=style; nopush,<https://cdn.aha.io/assets/runtime-6b37196ae2fa066eaab4ade2f68dae6d.js>; rel=preload; as=script; nopush,<https://cdn.aha.io/assets/vendor-78452087c0bf22cbc522fcd8fb260ee9.js>; rel=preload; as=script; nopush,<https://cdn.aha.io/assets/idea_portals_new-abcf24818f7725a4de77640896dd5e6a.js>; rel=preload; as=script; nopush etag: W/"657f532d0b1cf71e868768a5801b384a" set-cookie: _aha_t=7174433076296530645; domain=aha.io; path=/; expires=Sat, 07 Dec 2024 15:44:31 GMT; secure; SameSite=Lax _aha_app_2=An5sZfsz9AAgUo95XGlwsAcpMEvLJVIAaMKnFGfgqBYeR7bRZ68UzOMNw7bnQzi87h8ZbzzyMKe8gLrRfunvVJX7sqaexUrip%2BIZt4PJWxFzGSCEYEr5zQEk9ChYMzhADmI4mDl%2F8XLPyTxRu1RwnhQq7oSBlYwiNw5lQOxTALNg94Orma9MvB8nF5dgqBJ8Ab1DUvnN3Xm7jsfXbCfnuKPCjfqnUt2BiD7i0bKw5WrpcENQbg41gVIUMhTQMNb9jS6sUwabxsCAFKTJLJCJ2fzJ--8ZPi1NjrSSA7dOSO--yMzbjl0%2BqOZmK3DNvr2%2FtA%3D%3D; path=/; secure; HttpOnly; SameSite=Lax x-request-id: d8bf53a3-ce40-4309-8298-21e09eec4713 x-runtime: 0.156658 strict-transport-security: max-age=63072000; includeSubdomains; content-encoding: gzip X-Firefox-Spdy: h2

	cdn.aha.io/assets/idea_portals_new-5edc2134f38279cb2667890c8f758fa6.css	54.230.111.76	200 OK	0 B
URL HTTP/2 cdn.aha.io/assets/idea_portals_new-5edc2134f38279cb2667890c8f758fa6.css IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /assets/idea_portals_new-5edc2134f38279cb2667890c8f758fa6.css HTTP/1.1 Host: cdn.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Connection: keep-alive Cookie: _aha_t=7174433076296530645 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/2 200 OK content-type: text/css last-modified: Wed, 23 Nov 2022 15:13:36 GMT x-amz-server-side-encryption: AES256 server: AmazonS3 content-encoding: gzip date: Wed, 07 Dec 2022 15:44:32 GMT etag: W/"5edc2134f38279cb2667890c8f758fa6" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: oQG16XdQzMj5rpDr7629d_VMRuRsrTfsf27HF9AU9QTXymUu7Ncuww== age: 2489 X-Firefox-Spdy: h2`

	cdn.aha.io/assets/runtime-6b37196ae2fa066eaab4ade2f68dae6d.js	54.230.111.76	200 OK	0 B
URL HTTP/2 cdn.aha.io/assets/runtime-6b37196ae2fa066eaab4ade2f68dae6d.js IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /assets/runtime-6b37196ae2fa066eaab4ade2f68dae6d.js HTTP/1.1 Host: cdn.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Connection: keep-alive Cookie: _aha_t=7174433076296530645 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/2 200 OK content-type: application/javascript last-modified: Tue, 06 Dec 2022 20:01:08 GMT x-amz-server-side-encryption: AES256 server: AmazonS3 content-encoding: gzip date: Wed, 07 Dec 2022 15:25:47 GMT etag: W/"2888fc80c953943c12ed37f151139178" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: ehYTPvITwXTBeNW5_WiVL8p9SgV3VD0rfHHcLj4e3U9VngIywDi_Cw== age: 1835 X-Firefox-Spdy: h2`

	cdn.aha.io/assets/vendor-78452087c0bf22cbc522fcd8fb260ee9.js	54.230.111.76	200 OK	0 B
URL HTTP/2 cdn.aha.io/assets/vendor-78452087c0bf22cbc522fcd8fb260ee9.js IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /assets/vendor-78452087c0bf22cbc522fcd8fb260ee9.js HTTP/1.1 Host: cdn.aha.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://rldglobal.ideas.aha.io/ Connection: keep-alive Cookie: _aha_t=7174433076296530645 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` `HTTP/2 200 OK content-type: application/javascript last-modified: Fri, 02 Dec 2022 20:22:15 GMT x-amz-server-side-encryption: AES256 server: AmazonS3 content-encoding: gzip date: Wed, 07 Dec 2022 15:05:35 GMT etag: W/"cd3d5627525a9e27c8653f4f91b2ae37" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: gVRwnCj0lYiDweMdavf77gLVyNO0iLx1iGKBTTBP0fyNv5RBEo74kQ== age: 2476 X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (42)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size