Report - hello.avadelco.biz/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next

Report Overview

Submitted URL
hello.avadelco.biz/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next
IP
52.53.211.236
ASN
#16509 AMAZON-02
Submitted
2023-02-06 14:43:35
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	7.1 kB	197 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	2.4 kB	4.6 kB	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.187.187.233
js.stripe.com	1149	2012-09-30T14:39:23Z	2023-03-13T05:20:37Z	1.3 kB	122 kB	151.101.0.176
geolocation.onetrust.com	802	2018-02-07T12:23:41Z	2023-03-13T05:59:21Z	428 B	14 kB	188.114.99.234
d3v0px0pttie1i.cloudfront.net	unknown	2016-04-03T23:02:19Z	2023-03-13T08:31:11Z	422 B	55 kB	143.204.42.21
calendly.com	6123	2014-01-10T04:26:19Z	2023-03-13T08:31:10Z	5.8 kB	30 kB	172.66.43.26
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	1.3 kB	18 kB	34.160.144.191
m.stripe.network	1204	2017-05-17T17:53:13Z	2023-03-13T05:20:40Z	878 B	18 kB	151.101.0.176
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.1 kB	11 kB	23.36.76.226
proxy.quickmail.com	unknown	2019-12-11T02:58:39Z	2023-03-13T03:26:35Z	537 B	745 B	54.91.6.89
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-13T05:09:14Z	453 B	204 B	34.217.182.232
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.2 kB	36 kB	34.120.237.76
m.stripe.com	1092	2017-01-30T13:42:51Z	2023-03-13T06:40:22Z	954 B	1.4 kB	34.209.12.98
detectportal.firefox.com	1601	2018-08-30T11:52:03Z	2023-03-13T05:09:11Z	606 B	428 B	34.107.221.82
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	143.204.42.156
cdn.cookielaw.org	502	2013-12-28T14:20:36Z	2023-03-13T05:12:20Z	2.6 kB	127 kB	104.16.148.64
d6tizftlrpuof.cloudfront.net	unknown	2013-05-24T02:48:46Z	2023-03-13T06:01:10Z	452 B	18 kB	54.230.245.25
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-13T08:02:38Z	435 B	45 kB	34.120.5.221
w.usabilla.com	3254	2012-12-06T08:59:01Z	2023-03-13T06:24:10Z	367 B	14 kB	34.247.204.93
assets.calendly.com	15697	2018-10-07T06:01:58Z	2023-03-13T08:07:14Z	3.6 kB	460 kB	172.66.43.26
notifier-configs.airbrake.io	9316	2022-12-04T17:22:43Z	2023-03-13T07:32:34Z	1.4 kB	1.3 kB	54.230.111.8
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	435 B	165 kB	216.58.211.3
hello.avadelco.biz	unknown	2023-02-02T15:30:04Z	2023-03-11T18:57:52Z	438 B	273 B	52.53.211.236

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-06 14:44:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-02-06 14:44:03	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n	977 B	2023-03-13	2023-03-13
Pretty URL www.recaptcha.net/recaptcha/enterprise.js?render=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:52:00 Last Seen2023-03-13 20:46:14 Times Seen1 Hash 479d6b245a6810a7768a8e23b5668574 c97c9169b6afdfb639a4d5ba5e38f12f4eac1825 f560ca27449b9b7c96b8067cd177d20dfb8102f641b1360c6731c89c8f530ca0 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js	631 B	2023-03-08	2024-04-03
Pretty URL js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js IP 151.101.0.176 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:46 Last Seen2024-04-03 16:20:49 Times Seen6173 Hash f8f6a4584135f737b26927596ce6e0a7 609ea9e9c46563fb1dc78a7967c926394e73ffab 250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6 Loading...

	m.stripe.network/inner.html#url=https%3A%2F%2Fcalendly.com%2Favadel-sales-team%2Fsdr-initial-consult&title=Calendly%20-%20Avadel%20Sales%20Team&referrer=&muid=NA&sid=NA&version=6&preview=false	809 B	2023-03-07	2023-04-05
Pretty URL m.stripe.network/inner.html#url=https%3A%2F%2Fcalendly.com%2Favadel-sales-team%2Fsdr-initial-consult&title=Calendly%20-%20Avadel%20Sales%20Team&referrer=&muid=NA&sid=NA&version=6&preview=false IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-04-05 02:11:07 Times Seen392 Hash c27cf622675c4437d72f0a597fc0b071 7b93ce05044f359f9ba5a335fe47c6aa462d7251 7bf26abb893d1a4d590963ba4ad02c7e11778bbaa02307ee8ad683d60f43caf1 Loading...

	w.usabilla.com/dc9688c7588b.js?lv=1	49 kB	2023-03-13	2023-03-13
Pretty URL w.usabilla.com/dc9688c7588b.js?lv=1 IP 34.247.204.93 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:26:55 Last Seen2023-03-13 18:26:55 Times Seen1 Hash a1c8417b35f20e7ba64edbb3ef85a472 4f55d8bd90edd19bec30135dcb557133d134d3e5 a0ca47ed175d555816a5610ebeab47a1034ff8f9fd5e1630ab2119b313b68562 Loading...

	calendly.com/avadel-sales-team/sdr-initial-consult	181 kB	2023-03-13	2023-03-13
Pretty URL calendly.com/avadel-sales-team/sdr-initial-consult IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:26:55 Last Seen2023-03-13 18:26:55 Times Seen1 Hash ca53ee72ad8689cc241955a2cedcbdf9 1c69cf4e8c8eaaa58bcef42d7f67b650354c4fb8 aab987f16d15ae6fca71e6bdde7dfb962ca021d24662996cb1c1bda6b37ff611 Loading...

	calendly.com/avadel-sales-team/sdr-initial-consult	64 B	2023-03-08	2024-03-06
Pretty URL calendly.com/avadel-sales-team/sdr-initial-consult IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:23 Last Seen2024-03-06 16:35:11 Times Seen450 Hash 567353b92170ae88b81b17b6b8181a45 9800de614863d081da3ea8fe6857552d3456f68e 2f6abaf4a87c3101100fca626131ca5f0855844b00fc5cddc37406449474b537 Loading...

	calendly.com/avadel-sales-team/sdr-initial-consult	1.8 kB	2023-03-13	2024-03-06
Pretty URL calendly.com/avadel-sales-team/sdr-initial-consult IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:47:55 Last Seen2024-03-06 16:35:11 Times Seen448 Hash 3a5ba84a25f7f20f4118a5aeddfb99be 81e52632d479170f0ec3ddf0d5f0af1757a2507d 9f5abbe4fe762b2c2cc59348093d8d6848bc95f3eb6c095cce2748a7922da79a Loading...

	www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9i443qdpx7hp	35 kB	2023-03-13	2023-03-13
Pretty URL www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9i443qdpx7hp IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:26:55 Last Seen2023-03-13 18:26:55 Times Seen1 Hash 5f4b35121cc007b3bc60c76a5e3a2b04 9093f6cfe0173ed9fe67c1396d85f3bec99bc5c5 a9a3b5a8058b2e13b7ddd996e0cec1898b983b72e3722f570ca3b3ff9854331a Loading...

	assets.calendly.com/assets/booking/js/locales/en-e6951073.chunk.js	25 kB	2023-03-13	2023-03-13
Pretty URL assets.calendly.com/assets/booking/js/locales/en-e6951073.chunk.js IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:52:00 Last Seen2023-03-13 22:07:05 Times Seen1 Hash 3b2ff3e6071317f4f4ae5835d7dac27a 07c437640b791d15866ec777b96d928989c6a15b 25afb79889ac6711b3e73686ffe28c7fd9b1523690dd8e0aeb2a04576e2d4b27 Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	26 kB	2023-03-13	2024-02-26
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.148.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:29:58 Last Seen2024-02-26 19:47:30 Times Seen27 Hash eb5f773edabd6cb145a5ef495f1d4e57 79167a56792fc85f624078183bbd8941748ce730 83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff Loading...

	www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9i443qdpx7hp	78 B	2023-03-07	2024-04-26
Pretty URL www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LeAb4QUAAAAAOM9CNYSsvbnzWTByRAgm3GA5D4n&co=aHR0cHM6Ly9jYWxlbmRseS5jb206NDQz&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9i443qdpx7hp IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2024-04-26 21:42:19 Times Seen2131 Hash 448da244080e4e0ea89e10703010ba71 8c1f7e69138083db28206be2ac8e434a49f381a4 ca21a8ec20b3329036ccc2e1c9166f6a9f3a710473cf7beed37019787e24948f Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 06:00:58 Times Seen37111856 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	assets.calendly.com/assets/booking/js/booking-runtime-411ad5c1.js	11 kB	2023-03-13	2023-03-13
Pretty URL assets.calendly.com/assets/booking/js/booking-runtime-411ad5c1.js IP 172.66.43.26 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:52:00 Last Seen2023-03-13 18:26:55 Times Seen1 Hash 7e9a901e6a842e2d4b3c1a4372aeca52 4fb008e9d875cc7f462f412c2f732abfffa67538 55f68e65cb09781b8916b666901f06e09f659518a024657957bab654edee4040 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8cddf3a193bc8351467064f7c3bbf856	18 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 18:26:55 Last Seen2023-03-13 18:26:55 Times Seen1 Hash 8cddf3a193bc8351467064f7c3bbf856 364171d5b7755b31e2d4428884b433580c1cb4a4 2d1044e3dd5fe57d100eeb9a2fa7755eea857a4c297ddd0172f157b91d067f49 Loading...

	#2 Eval - 7b2eafe88ff7e98cc36c5c04b4ca0b2b	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash 7b2eafe88ff7e98cc36c5c04b4ca0b2b e5eb03ff52599fd6e9dfc5df7a84a4200939aaca 9046ff9b2d9db3cff99ee5340d7ef7e5b46e26790abfe59db85edb95245d1c6b Loading...

	#3 Eval - b5c61f793566b8c202d085b2b08770ba	16 kB	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash b5c61f793566b8c202d085b2b08770ba 3ebd7972ef7c752f5e5ee50aad7f3e8f7cd6f56e a6226fffc806e7350700ded0d0fd6197209384c7e441e441c2d1aadd5213e295 Loading...

	#4 Eval - 54203d80fe39daeb129ac49dfa505647	62 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash 54203d80fe39daeb129ac49dfa505647 3afb4e397f319778b09eb79deb8fe5532db04f1e 0b0cbc8a00f6c0cd41604b5ab47421a48d6e68716c14d02fb593444c327540b0 Loading...

	#5 Eval - eed16ff4b73849b2ea4fde6a4a10a729	22 B	2023-03-13	2023-03-14
Pretty Observations First Seen2023-03-13 15:06:48 Last Seen2023-03-14 07:43:08 Times Seen1 Hash eed16ff4b73849b2ea4fde6a4a10a729 9ba91162a36ca15781b19bfe8ae9a5e2df98d55b 971ac3be55ba44d48d62046dbf8373a0f48d762150a3d9e69744f95449a1911b Loading...

		Size	First Seen	Last Seen
	#1 Write - bd823c2bf6398134e5b6637645081621	173 B	2023-03-13	2024-03-07
Pretty Observations First Seen2023-03-13 01:47:55 Last Seen2024-03-07 00:09:41 Times Seen786 Hash bd823c2bf6398134e5b6637645081621 4f4ac8f61e33fe7621fb2d349dc71ed779d9d222 31b7782b29e6404f98b62a9035e30e64520ace165b21c13b423ce6c98702f173 Loading...

	#2 Write - 4c41e452bd28c55cf2cd49dc82cce1c6	494 B	2023-03-13	2023-05-15
Pretty Observations First Seen2023-03-13 01:47:55 Last Seen2023-05-15 12:52:25 Times Seen152 Hash 4c41e452bd28c55cf2cd49dc82cce1c6 f90fa870590cec92bd4d4348d2e18cb53b029514 be40dc10eb4c55474824fc641788f6f79caf3cf0fa78bfa7513f4908603f35a1 Loading...

HTTP Transactions (81)

	URL	IP	Response	Size
	detectportal.firefox.com/success.txt?ipv4	34.107.221.82	200 OK	8 B
URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4 IP 34.107.221.82:0 ASN #15169 GOOGLE File type ASCII text Size 8 B (8 bytes) Hash ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 HTTP Headers `GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 06 Feb 2023 08:55:58 GMT Age: 20840 Content-Type: text/plain Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 0bf32948ebe69cc5a92dce2b209a6bab 291d5e9e653dd98a1c4e7bdeb0dd6d55befe20ea 52a298b4036a7ae2fe6ea0630e9f9536a47b7e865a8a9d7b0c917f5111e885e8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "52A298B4036A7AE2FE6EA0630E9F9536A47B7E865A8A9D7B0C917F5111E885E8" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8376 Expires: Mon, 06 Feb 2023 17:02:54 GMT Date: Mon, 06 Feb 2023 14:43:18 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1cdc095521e9ee2606059be447d1fdd5 02b5d0a5b5823e2338daf7e144700babe2a213af 8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66" Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3388 Expires: Mon, 06 Feb 2023 15:39:46 GMT Date: Mon, 06 Feb 2023 14:43:18 GMT Connection: keep-alive`

	getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30	34.120.5.221	200 OK	44 kB
URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 IP 34.120.5.221:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators Size 44 kB (43873 bytes) Hash d435a16e7e2b02ebd2571e11a745b4fc 1ef5ec4bddc34b1032f584c265d0aa6cc81ea3f8 84e4592148116755a57bbc6f1f7be8157507dbccf7e4275fe43298b83ae29f0e HTTP Headers `GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 Host: getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx vary: Accept-Encoding content-location: global-recs.php tcn: choice x-frame-options: SAMEORIGIN status: 200 OK x-source: Pocket pragma: cache p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE" x-cache: Hit from cloudfront x-amz-cf-pop: SEA73-P2 x-amz-cf-id: Oe8Lf3v_vpjfzEKmeB48n1GxU278CzfTbR37erjtFkd-FKFZDWQ-FQ== content-encoding: gzip via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 14:32:13 GMT age: 665 content-type: application/json content-length: 43873 cache-control: s-maxage=900,public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	hello.avadelco.biz/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next	52.53.211.236	301 Moved Permanently	0 B
URL HTTP/1.1 hello.avadelco.biz/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next IP 52.53.211.236:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next HTTP/1.1 Host: hello.avadelco.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Content-Type: text/html Date: Mon, 06 Feb 2023 14:43:18 GMT Location: https://proxy.quickmail.com/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next Server: Cowboy Via: 1.1 vegur Content-Length: 0`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64" Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6043 Expires: Mon, 06 Feb 2023 16:24:01 GMT Date: Mon, 06 Feb 2023 14:43:18 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: yrPzCz7xIczeTMS0jE/jFvpcRq7rpSXFIoos9VGZkM/BGSOj+FmS+5SCJEgQVVDxnv2nxUU0AG4= x-amz-request-id: PWKRPGMB8XN7Z3GQ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 06 Feb 2023 13:58:49 GMT age: 2669 last-modified: Fri, 30 Sep 2022 18:50:55 GMT etag: "67d5a988edcda47bc3b3b3f65d32b4b6" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c21ba65e44ac95470c314e068e49a9eb 17a13b13738993d889d4afa3d848dc63bf6eba64 9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66" Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11742 Expires: Mon, 06 Feb 2023 17:59:00 GMT Date: Mon, 06 Feb 2023 14:43:18 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 06 Feb 2023 14:34:05 GMT content-type: application/json age: 553 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 06 Feb 2023 14:43:18 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e3d1137c3f7f1e63a16ae6c5d0ae4da4 0c02fb946ce6037b4aa8f7365c9f33b112103985 3360249979e40ddf1a427d9094b8ba0b62440dc71d885cbfeb164031df38519e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3360249979E40DDF1A427D9094B8BA0B62440DC71D885CBFEB164031DF38519E" Last-Modified: Sun, 05 Feb 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21509 Expires: Mon, 06 Feb 2023 20:41:47 GMT Date: Mon, 06 Feb 2023 14:43:18 GMT Connection: keep-alive`

	proxy.quickmail.com/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next	54.91.6.89	301 Moved Permanently	124 B
URL HTTP/1.1 proxy.quickmail.com/click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next IP 54.91.6.89:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document, ASCII text, with no line terminators Size 124 B (124 bytes) Hash 032ec209bf683bb219908ca3f601333c 2987d64b3cec84dc692c2763da675bb838192a02 1fb19177d005151492de0872f66ec81f929d946d8f0b80e4fe35d03c6bdedcca HTTP Headers GET /click/1/550203102/05380d9504b0723137dbcfeeb574ad82/d008e01093b5511453165c2092ec2022/next HTTP/1.1 Host: proxy.quickmail.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 301 Moved Permanently Connection: keep-alive X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Download-Options: noopen X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Location: https://calendly.com/avadel-sales-team/sdr-initial-consult Content-Type: text/html; charset=utf-8 Cache-Control: no-cache X-Request-Id: fe967159-04fb-45dd-b490-67ef74ae6ca4 X-Runtime: 0.032717 Server: Date: Last-Modified: Strict-Transport-Security: max-age=63072000; includeSubDomains Transfer-Encoding: chunked Via: 1.1 vegur

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash ffc87f9ac48fe66c2c6b2ff16515d812 717ef25f427f17f2d2b8b7bf072ce6a5c41d3844 da2902f794c69b0b3a156043c5c0246e1dece467b2cbc4746e38dad55aef5c01 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 116 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:19 GMT Last-Modified: Mon, 06 Feb 2023 14:41:23 GMT Server: ECS (ska/F709) X-Cache: HIT Content-Length: 471`

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 9df1d9f2e9c6ac3c37aa7275b597bc88 55583cc6afea300f8d2997b8d5da6f5385efe97f 84990e5c6e2783a2cdf2bbdb81a3b8dd09ad2c9a7477607be063372b5878e56f HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3894 Cache-Control: max-age=102501 Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:19 GMT Etag: "63dff036-117" Expires: Tue, 07 Feb 2023 19:11:40 GMT Last-Modified: Sun, 05 Feb 2023 18:06:46 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 279`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 06 Feb 2023 14:07:20 GMT age: 2159 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2	34.217.182.232	200 OK	8 B
URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2 IP 34.217.182.232:0 ASN #16509 AMAZON-02 File type ASCII text Size 8 B (8 bytes) Hash 29fc57841962e407cb50c1be60284bf7 ce968a77e2996da5eee8925182318f171ccdce47 ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b HTTP Headers `POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 Host: shavar.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 773 Connection: close Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: none Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/octet-stream Date: Mon, 06 Feb 2023 14:43:19 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Length: 8 Connection: Close`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9b88bae61bca33aba8aa99f6128db8d9 a07b61fb2458917699613fcae68710941b595416 54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA" Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2530 Expires: Mon, 06 Feb 2023 15:25:29 GMT Date: Mon, 06 Feb 2023 14:43:19 GMT Connection: keep-alive`

	push.services.mozilla.com/	54.187.187.233	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.187.187.233:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: kcPXHLmSByn2Lm8TGkeTRw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: XVXMhEMz1kBpRGn/X9V4BEC/sNY=`

	firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675694025494%22	35.241.9.150	200 OK	22 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675694025494%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (21681), with no line terminators Size 22 kB (21681 bytes) Hash 79149cfd1551541ba7c8257cb7d69416 a3bb22297028dd7cd6c2c765cf6f6a2e49bb7b29 58caefedb053a07a3f4373c5a742207532c7d3a8c37a60a58472b96fb2661b06 HTTP Headers `GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675694025494%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 21681 via: 1.1 google date: Mon, 06 Feb 2023 14:37:20 GMT last-modified: Mon, 06 Feb 2023 14:33:45 GMT content-type: application/json age: 359 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22	35.241.9.150	200 OK	27 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (27294), with no line terminators Size 27 kB (27294 bytes) Hash 1e630048e362b77c6ad38fd0ea8e4288 15cdb480e906413a492e7269c43f64f0f8956ff6 a6071af1e1185a063481aca6541ad39a5b7f02d67a990e33f6f02c8782f98d53 HTTP Headers `GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1675449433343&_since=%221666204638208%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 27294 via: 1.1 google date: Mon, 06 Feb 2023 13:44:31 GMT age: 3528 last-modified: Fri, 03 Feb 2023 18:37:13 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK x-amz-id-2: tK3nBX2u9bAzfpkWowusC2zIWwSHu6ifoGVi79xcRrxS1ktXABq8t/mgc1UNT69QU0lTjDVYWsM= x-amz-request-id: JZ2YSFE6N9T3R191 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 06 Feb 2023 13:45:11 GMT age: 3488 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bf0c602d32b3c14606f22a86183b5e3c 6eabd8d83475eba731968abe1a05a8bfd272f160 6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 06 Feb 2023 14:34:05 GMT content-type: application/json age: 555 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 1070bda5398d0e4012c7ebe62828e6ee e072659271bcce877688f7244e58cad847ce57f9 026369f2eac79a5506de6e2fa9879298ec7c63882cbff6a4cb49688783de9485 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "026369F2EAC79A5506DE6E2FA9879298EC7C63882CBFF6A4CB49688783DE9485" Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5141 Expires: Mon, 06 Feb 2023 16:09:01 GMT Date: Mon, 06 Feb 2023 14:43:20 GMT Connection: keep-alive`

	ocsp.sca1b.amazontrust.com/	143.204.42.156	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 143.204.42.156:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 02158b6697d8080486c6aefe11be3aa4 52f4a25b501ee6d5d902aa654053cf25a94596b6 aa6bb979f4ecdc8c00383531bafa6f9592dd6457742eb573513455805c6893d9 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Mon, 06 Feb 2023 14:43:20 GMT Last-Modified: Mon, 06 Feb 2023 13:43:29 GMT Server: ECS (nyb/1D33) X-Cache: Miss from cloudfront Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 7AwO-Mih3mdrCEM3vNl-tYrePhKJWo64ytUgoCmeyJrgYFRj5pVTxg== Age: 3591`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22	35.241.9.150	200 OK	5.3 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (5292), with no line terminators Size 5.3 kB (5292 bytes) Hash 69ea02f4bd722bc1dba315f6508bff04 8a38ddb4b244d88db76d399c1d1d4f0e83d2dcf0 729cb4ee47b66be659d748a3121de3fafe4918b74acff2c9a8a1dfc33c67373c HTTP Headers `GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675631138013&_since=%221662044085942%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 5292 via: 1.1 google date: Mon, 06 Feb 2023 14:09:04 GMT age: 2056 last-modified: Sun, 05 Feb 2023 21:05:38 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	w.usabilla.com/dc9688c7588b.js?lv=1	34.247.204.93	200 OK	13 kB
URL HTTP/2 w.usabilla.com/dc9688c7588b.js?lv=1 IP 34.247.204.93:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (13249) Size 13 kB (13414 bytes) Hash 1efa9ea0aef6b71cda37a4d186d3e49b cefc28cb0a2d6af8e4c4fbee8c6309f456064d15 f3f03b8a4782f4f0a797081acb7cab4de079dcb57bcbadc9cb6bb48712af19dc HTTP Headers `GET /dc9688c7588b.js?lv=1 HTTP/1.1 Host: w.usabilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://calendly.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:20 GMT content-type: text/javascript content-length: 13414 cache-control: public,max-age=0 content-encoding: gzip etag: "aa4fcc4adb7d937cdf5d91174f7adb23" pragma: no-cache x-widget-server: 2.1 X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22	35.241.9.150	200 OK	932 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (932), with no line terminators Size 932 B (932 bytes) Hash 22ad217b8542124e6c8821717559faf6 4330760a23c61ac654d088a592408e3b5c3b0bc5 a003887785e0e602be4c05929a584b7f3f1f79f27460e7eb35a4998663c5436b HTTP Headers `GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Alert, Content-Length, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 932 via: 1.1 google date: Mon, 06 Feb 2023 13:44:06 GMT age: 3554 last-modified: Sun, 05 Feb 2023 16:36:44 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22	35.241.9.150	200 OK	1.5 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators Size 1.5 kB (1505 bytes) Hash 5fbaf2b7815ccde4e006732f60cf45c3 358f788e1494eb1777de83a84aa1e831c6189ec9 d95422b3bbfa32ed668a90e5db3f3dd703e46d69e169e82a1e014b64b6b2d703 HTTP Headers `GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1505 via: 1.1 google date: Mon, 06 Feb 2023 13:54:10 GMT age: 2950 last-modified: Sat, 04 Feb 2023 16:36:45 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22	35.241.9.150	200 OK	52 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (52267), with no line terminators Size 52 kB (52267 bytes) Hash 06e189dc52881e7f5616b0214ff59542 16bd38b5d24dbc7fb6d44561cad597d6f555cf52 3b59d876391dc2db99e43edcffa3ed5a184468b0c937ef6293fc392ed7426df8 HTTP Headers GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1675468864323&_since=%221666483264567%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 52267 via: 1.1 google date: Mon, 06 Feb 2023 14:29:42 GMT age: 818 last-modified: Sat, 04 Feb 2023 00:01:04 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	detectportal.firefox.com/success.txt?ipv4	34.107.221.82	200 OK	8 B
URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4 IP 34.107.221.82:0 ASN #15169 GOOGLE File type ASCII text Size 8 B (8 bytes) Hash ae780585f49b94ce1444eb7d28906123 7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5 HTTP Headers `GET /success.txt?ipv4 HTTP/1.1 Host: detectportal.firefox.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Length: 8 Via: 1.1 google Date: Mon, 06 Feb 2023 08:55:58 GMT Age: 20842 Content-Type: text/plain Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675459018632&_since=%221666279968541%22	35.241.9.150	200 OK	70 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675459018632&_since=%221666279968541%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 70 kB (70181 bytes) Hash 8818fb009189a8f32c82de2c9dbef0ac 8da541bdc5aaa5ad5f9f8cd936f69c17d09e2063 796f325e35d855f4001ee15b3ba9f3a2d25fdaba26527e259a833ea1b33b6d11 HTTP Headers `GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1675459018632&_since=%221666279968541%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 70181 via: 1.1 google date: Mon, 06 Feb 2023 14:10:52 GMT age: 1948 last-modified: Fri, 03 Feb 2023 21:16:58 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash a3d7474790bd1bb7085e24507afccff4 8281e5304c45e41aa96d6395fcc6dea9f81c251c ef207bdfff69a7b45ebb93af668cd77bbd1d197c8bf2ce7abe08a7b98a93f4d4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1711 Cache-Control: max-age=126276 Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:20 GMT Etag: "63e0559d-1d7" Expires: Wed, 08 Feb 2023 01:47:56 GMT Last-Modified: Mon, 06 Feb 2023 01:19:25 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 471`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22	35.241.9.150	200 OK	2.1 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (2144), with no line terminators Size 2.1 kB (2144 bytes) Hash 5cfd74fcbede0ee061689b95c597b11b 75d870f627cdc06f4cb7fa47751ae56c740da850 c68708f43d2bf28e3d619542c6fd7ab408f034a7f87de731ed11356efc4453eb HTTP Headers `GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1674132577705&_since=%221657747510534%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 2144 via: 1.1 google date: Mon, 06 Feb 2023 14:05:03 GMT age: 2297 last-modified: Thu, 02 Feb 2023 16:36:44 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	js.stripe.com/v3	151.101.0.176	200 OK	118 kB
URL HTTP/2 js.stripe.com/v3 IP 151.101.0.176:0 ASN #54113 FASTLY File type ASCII text, with very long lines (65536), with no line terminators Size 118 kB (118542 bytes) Hash d2cd49bf5f9c3f948fe39778dc632363 e9a969951f8dfcd6b280632d91d01755b0971daa 311d97b529d7231bf8bb42c5c13543c60f3506a52bc3dceb8d8cf426211df69a HTTP Headers `GET /v3 HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK last-modified: Fri, 03 Feb 2023 21:59:34 GMT etag: "638ce73a366c14c70d612128520d3260" cache-control: max-age=60 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Mon, 06 Feb 2023 14:43:20 GMT via: 1.1 varnish age: 9 x-request-id: 1f7680b8-7823-4886-908e-a15d4630e9c9 x-served-by: cache-bma1682-BMA x-cache: HIT x-cache-hits: 4 vary: Accept-Encoding timing-allow-origin: * content-length: 118542 X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22	35.241.9.150	200 OK	1.7 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators Size 1.7 kB (1742 bytes) Hash 22092e301760ed865af6ece6eb04b1be 557b52e40ec2d8f2fe080580a1858c8666791bf2 12afba8f5929ab372e9cffbbe57e8bb562c60fc0a98b751c69de1adc04fb4aea HTTP Headers `GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1742 via: 1.1 google date: Mon, 06 Feb 2023 14:29:59 GMT age: 801 last-modified: Wed, 01 Feb 2023 16:36:43 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22	35.241.9.150	200 OK	1.7 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1719), with no line terminators Size 1.7 kB (1719 bytes) Hash 91fc66b0cc0a6a614095f1a64df0ae3b 36d83cd4aac353d81990df94ac1e5466483ab145 fee8713249b5cc35e5a4bb521c3a645c8b2a0c927c8384b99cf4f3a046e5d316 HTTP Headers `GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1719 via: 1.1 google date: Mon, 06 Feb 2023 14:37:35 GMT age: 345 last-modified: Tue, 31 Jan 2023 16:36:45 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22	35.241.9.150	200 OK	1.3 kB
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators Size 1.3 kB (1250 bytes) Hash 4b4dc2f2fa90e5157009acf4c7b1d589 ec64bb109dac848eafb80765cb510015c5d3ffd5 83ad9f7b27e6c7f20f257f0a3ff004ca69cfd0d4768222a51a655ac9ae139f6e HTTP Headers `GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 1250 via: 1.1 google date: Mon, 06 Feb 2023 13:47:34 GMT age: 3346 last-modified: Tue, 31 Jan 2023 16:36:44 GMT content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 06 Feb 2023 15:38:01 GMT Date: Mon, 06 Feb 2023 14:43:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 06 Feb 2023 15:38:01 GMT Date: Mon, 06 Feb 2023 14:43:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 06 Feb 2023 15:38:01 GMT Date: Mon, 06 Feb 2023 14:43:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 06 Feb 2023 15:38:01 GMT Date: Mon, 06 Feb 2023 14:43:20 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3b4ea902c3e097daaa31810cb66d585a 97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049 0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F" Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3281 Expires: Mon, 06 Feb 2023 15:38:01 GMT Date: Mon, 06 Feb 2023 14:43:20 GMT Connection: keep-alive`

	assets.calendly.com/assets/booking/js/booking-6131117a.js	172.66.43.26	200 OK	441 kB
URL HTTP/2 assets.calendly.com/assets/booking/js/booking-6131117a.js IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type Unicode text, UTF-8 text, with very long lines (65339), with no line terminators Size 441 kB (440922 bytes) Hash eb4470ddbce8178618c2511d73cceb7a 40686b30049c03b3f2088e5b634ee15fb05814e8 6850b441f7c5838c478e8ecc635d7f2f1a88e5ff706a36937810e83f4f600f60 HTTP Headers GET /assets/booking/js/booking-6131117a.js HTTP/1.1 Host: assets.calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Cookie: __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:19 GMT content-type: application/javascript cf-ray: 7954a850ffc7b51d-OSL age: 331167 cache-control: public, max-age=31536000 etag: W/"47eeb7fb4b2d3250d9ead92f37dde6ed" expires: Tue, 07 Feb 2023 14:43:19 GMT last-modified: Thu, 02 Feb 2023 18:37:19 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: HIT cf-bgj: minify cf-polished: origSize=1591531 x-content-type-options: nosniff vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg	34.120.237.76	200 OK	9.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.8 kB (9808 bytes) Hash ccc8078cc937b7de0b299bcee1496f1b 395f04af71767acc9516387c8b07bde08968fdfe cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9808 x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f4oiSFZAIAMF65g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0 x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw== via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 21:50:03 GMT age: 60797 etag: "395f04af71767acc9516387c8b07bde08968fdfe" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg	34.120.237.76	200 OK	7.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.9 kB (7851 bytes) Hash 13572f84ad268caedcc897f2ad7b9baf afb91ab43953e8915a2169618d2ab5e330cde0a1 0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7851 x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f4oiRHeEIAMFjjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0 x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 7LXNdWi5iKCUI61c2z3spsg5_DGu1jnZ4cIACc3MCmqWP57RveBMGw== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 21:50:03 GMT age: 60797 etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258	35.241.9.150	200 OK	682 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators Size 682 B (682 bytes) Hash ee3b2ca8193a47eb1c2f1628b80b953f 6b53021c8663e3a0f874c5f030902a78c3ef1b9d 2cc501aa09d747a9b69b88c92f896650b9c9f5c32dae8b2315ab61c63d9a4ccc HTTP Headers `GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 682 via: 1.1 google date: Mon, 06 Feb 2023 14:40:14 GMT age: 186 last-modified: Sun, 29 Jan 2023 16:36:52 GMT etag: "1675010212483" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10582 bytes) Hash 000cb25b2cb4fa30ce745582dafbab99 a5227f79e64bcab8d8f03822e6d408400a03a23e 7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10582 x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: f4okSFKKIAMFlUA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0 x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google date: Sun, 05 Feb 2023 22:04:24 GMT age: 59936 etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg	34.120.237.76	200 OK	3.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.9 kB (3943 bytes) Hash d6107217bc206ebf204dfcf832cffc04 4f370e81106ef09ce9294eaa074ff6922197ded0 2cc25b8ddf56ceb274bd147d4e54f3fc386a97f984aa3a7bcc19f083fe68b94f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3943 x-amzn-requestid: 918fd8d6-0118-4548-9380-e3078577a876 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fzWBtEdKoAMFwnw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63de03a4-6d8ffde860d89fbc513a20f9;Sampled=0 x-amzn-remapped-date: Sat, 04 Feb 2023 07:05:08 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ZRVPNp0hKlSBXYjgbVfF8MGqNMHCKF2T4fAqflvZz8z-Uy9bKR9HhA== via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Mon, 06 Feb 2023 07:18:54 GMT age: 26666 etag: "4f370e81106ef09ce9294eaa074ff6922197ded0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	assets.calendly.com/assets/booking/js/booking-runtime-411ad5c1.js	172.66.43.26	200 OK	15 kB
URL HTTP/2 assets.calendly.com/assets/booking/js/booking-runtime-411ad5c1.js IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (2620) Size 15 kB (14848 bytes) Hash a8e01730832fc38077e2fc160925baf0 8a7fc3addb6857494044cbd6f329afc940aac588 b10012de53a372f3f74fd9056a48336471b4a1084c5f4cd2148a16b7237f2a73 HTTP Headers GET /assets/booking/js/booking-runtime-411ad5c1.js HTTP/1.1 Host: assets.calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Cookie: __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:20 GMT content-type: application/javascript cf-ray: 7954a850efc3b51d-OSL age: 331168 cache-control: public, max-age=31536000 etag: W/"82fc8b6b93280f85fc3a9c3c5e40a917" expires: Tue, 07 Feb 2023 14:43:20 GMT last-modified: Thu, 02 Feb 2023 18:37:19 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: HIT cf-bgj: minify cf-polished: origSize=19551 x-content-type-options: nosniff vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK x-amz-id-2: jKJLgqt/jd2P9zsH3NPb6roCehJ3R4uCD3GDqJ0DNmmjHNvL6M7y6tMaz14V785jsmwrRlKGAb8= x-amz-request-id: 4ME1FPZYJDDQ0PPH content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 06 Feb 2023 13:53:43 GMT age: 2977 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript	54.230.111.8	200 OK	0 B
URL HTTP/2 notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript IP 54.230.111.8:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript HTTP/1.1 Host: notifier-configs.airbrake.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: GET Access-Control-Request-Headers: cache-control Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK content-length: 0 date: Mon, 06 Feb 2023 14:43:21 GMT access-control-allow-origin: * access-control-allow-methods: GET access-control-allow-headers: cache-control vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method server: AmazonS3 x-cache: Miss from cloudfront via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Uap46ehc2YrSVPkvvcPdjyYN9_7kZqbSFbwxpQfx-aJnQNQ8EPoyGA== X-Firefox-Spdy: h2`

	notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript	54.230.111.8	200 OK	218 B
URL HTTP/2 notifier-configs.airbrake.io/2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript IP 54.230.111.8:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 218 B (218 bytes) Hash 539c4cea4ea951c45968ba49186e20a9 d8baf2ba9eb73882d56d77d4b776d144d789958f 8acee54f6a0177511da9094fe528e7a359d5acc11e062cd7d370be3051ecd961 HTTP Headers GET /2020-06-18/config/90109/config.json?&notifier_name=airbrake-js%2Fbrowser&notifier_version=2.1.5&os=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&language=JavaScript HTTP/1.1 Host: notifier-configs.airbrake.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Cache-Control: no-cache,no-store Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK content-type: binary/octet-stream content-length: 218 access-control-allow-origin: * access-control-allow-methods: GET last-modified: Thu, 02 Feb 2023 22:00:34 GMT accept-ranges: bytes server: AmazonS3 date: Mon, 06 Feb 2023 06:58:43 GMT etag: "539c4cea4ea951c45968ba49186e20a9" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: XIx0gSPslw1DVU1aH8D-dH_va3AqLSF3peGiv86Dwsm9QbH8mTT_Bg== age: 45097 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	278 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 278 B (278 bytes) Hash dbb6ab5f43a114b7e8f306338fff6c3e 9e3be674121661d8e20cb1e4a947ead313ba6502 619aada44ffb41ab63a078d019ed81617e6986a9ddf320980e1803bf37d33f9f HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 4002 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:20 GMT Last-Modified: Mon, 06 Feb 2023 13:36:38 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 278`

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	104.16.148.64	200 OK	8.4 kB
URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.148.64:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (25592) Size 8.4 kB (8384 bytes) Hash e248bb3ed9070ee48f0b5bc674e6a49d 46a6ac373399405df390e910c580cf850dce9886 74fd866eaf62b63cec2b85eadf2245e9302107f4c8fabc25f9c3e5cd49f40a6b HTTP Headers `GET /scripttemplates/otSDKStub.js HTTP/1.1 Host: cdn.cookielaw.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/javascript content-length: 8384 content-encoding: gzip content-md5: 4ki7PtkHDuSPC1vGdOaknQ== last-modified: Thu, 02 Feb 2023 13:33:36 GMT etag: 0x8DB05221689032C x-ms-request-id: 3a8b6a68-201e-0101-2064-379f4e000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * cache-control: max-age=86400 cf-cache-status: HIT age: 72288 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7954a858a87a0b55-OSL X-Firefox-Spdy: h2

	cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json	104.16.148.64	200 OK	1.8 kB
URL HTTP/2 cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json IP 104.16.148.64:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text, with very long lines (4860), with no line terminators Size 1.8 kB (1767 bytes) Hash ab808bb2591aabfecd0ecf1d6e1fa47c e171ff9edfea2e76039c53d3bb07b871a5221a5a 5cb9457e8018bb8e388037fc094869f74a39c6fe2b6189ee322f545eac1e9574 HTTP Headers `GET /consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/a838c8e4-e3ce-442e-8f96-c88d0af98990.json HTTP/1.1 Host: cdn.cookielaw.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/x-javascript content-length: 1767 cache-control: public, max-age=86400 content-encoding: gzip content-md5: q4CLslkaq/7NDs8dbh+kfA== last-modified: Fri, 23 Sep 2022 14:23:04 GMT etag: 0x8DA9D6F20AE7912 x-ms-request-id: 9cf98986-a01e-015f-0e77-cf6c4d000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * cf-cache-status: HIT age: 55195 expires: Tue, 07 Feb 2023 14:43:21 GMT accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7954a858df790b39-OSL X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	279 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 279 B (279 bytes) Hash 0a9831a3638a6e965f9f493ec373250b 3d345056120064927b051d81740f1787309022ad 7355f87b092cdb090b9aee59c62a4e25ff673488f5c8e0979ac0fd1c40c5ca44 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5691 Cache-Control: max-age=142463 Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:21 GMT Etag: "63e0854d-117" Expires: Wed, 08 Feb 2023 06:17:44 GMT Last-Modified: Mon, 06 Feb 2023 04:42:53 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 279`

	cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js	104.16.148.64	200 OK	87 kB
URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js IP 104.16.148.64:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65455) Size 87 kB (87115 bytes) Hash 6c3a79eec4b4e3d743911a822f89b9dd 825b0a196869a4e5c94448fd4295a97b187627a2 ecc79fab45c82bc236b38b2ff002a7daa38e7e3dc32e7deec1f2258b263edc46 HTTP Headers `GET /scripttemplates/6.35.0/otBannerSdk.js HTTP/1.1 Host: cdn.cookielaw.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/javascript content-length: 87115 content-encoding: gzip content-md5: bDp57sS049dDkRqCL4m53Q== last-modified: Mon, 06 Jun 2022 06:21:06 GMT etag: 0x8DA4784BD4AE529 x-ms-request-id: 74e8856d-c01e-0004-086f-792d64000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * cache-control: max-age=86400 cf-cache-status: HIT age: 45161 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7954a85a6a4b0b55-OSL X-Firefox-Spdy: h2

	cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json	104.16.148.64	200 OK	21 kB
URL HTTP/2 cdn.cookielaw.org/consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json IP 104.16.148.64:0 ASN #13335 CLOUDFLARENET File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (65528), with no line terminators Size 21 kB (20906 bytes) Hash 53c569621461f0386d693c493281e2a1 5c689aca672259108d4e6d3346973f229f308f38 99e7bf0855166fa1881fee477c05906fe832677584a62507e57d7a774f76fe4b HTTP Headers `GET /consent/a838c8e4-e3ce-442e-8f96-c88d0af98990/5951f320-20c6-4a8b-af0f-fd8407279735/en.json HTTP/1.1 Host: cdn.cookielaw.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/x-javascript content-length: 20906 cache-control: public, max-age=86400 content-encoding: gzip content-md5: U8VpYhRh8DhtaTxJMoHioQ== last-modified: Fri, 23 Sep 2022 14:23:26 GMT etag: 0x8DA9D6F2E2A99CC x-ms-request-id: 1008f8a9-201e-0128-685f-cfe90c000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * cf-cache-status: HIT age: 55043 expires: Tue, 07 Feb 2023 14:43:21 GMT accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7954a85afa030b39-OSL X-Firefox-Spdy: h2

	cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json	104.16.148.64	200 OK	3.0 kB
URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/assets/otFlat.json IP 104.16.148.64:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text, with very long lines (10856) Size 3.0 kB (2959 bytes) Hash cc948eb637569cf77ed166fd88c3725f 1f4a0b0572bec956b6cf690649a2d02b84bb57e2 33dfefa3180070c5a5006930180d07fd4248aa69b6b82d81e246db42ce82bb26 HTTP Headers `GET /scripttemplates/6.35.0/assets/otFlat.json HTTP/1.1 Host: cdn.cookielaw.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/json content-length: 2959 content-encoding: gzip content-md5: zJSOtjdWnPd+0Wb9iMNyXw== last-modified: Mon, 06 Jun 2022 06:20:56 GMT etag: 0x8DA4784B7908BBB x-ms-request-id: 76124876-a01e-0176-5b81-791a0f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * cache-control: max-age=86400 cf-cache-status: HIT age: 55195 accept-ranges: bytes vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7954a85b6a8e0b39-OSL X-Firefox-Spdy: h2

	geolocation.onetrust.com/cookieconsentpub/v1/geo/location	188.114.99.234	200 OK	13 kB
URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location IP 188.114.99.234:0 ASN #0 File type JSON data\012- , ASCII text, with very long lines (51572) Size 13 kB (13114 bytes) Hash 758e1c992226ca78cd666d94e1762677 d8097d6ecaa9cefc6b77431f48bc1e4aff81cde1 1bf905df774e627ba1b02d169cc6014be994e2a05923835d4d1d4fd5c5a9c19d HTTP Headers `GET /cookieconsentpub/v1/geo/location HTTP/1.1 Host: geolocation.onetrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/json access-control-allow-origin: * access-control-allow-headers: Content-Type access-control-allow-methods: GET, OPTIONS vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7954a859a99dfac4-OSL content-encoding: gzip X-Firefox-Spdy: h2`

	d3v0px0pttie1i.cloudfront.net/uploads/team/avatar/203758/c86c587e.jpg	143.204.42.21	200 OK	54 kB
URL HTTP/1.1 d3v0px0pttie1i.cloudfront.net/uploads/team/avatar/203758/c86c587e.jpg IP 143.204.42.21:0 ASN #16509 AMAZON-02 File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 200x200, components 3\012- data Size 54 kB (54454 bytes) Hash 681705b572cb878a92ae4828e0d16162 3a4a78b72bb421f3aeb2e996ae349f8de9153b80 9c9fdd626bfbda3b7f919ff30a506d804dfb206d29757bb4dcd0fdc99e4092c2 HTTP Headers `GET /uploads/team/avatar/203758/c86c587e.jpg HTTP/1.1 Host: d3v0px0pttie1i.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: image/jpeg Content-Length: 54454 Connection: keep-alive Date: Wed, 01 Feb 2023 16:59:40 GMT Last-Modified: Tue, 13 Apr 2021 19:01:31 GMT ETag: "681705b572cb878a92ae4828e0d16162" Cache-Control: max-age=315576000 x-amz-version-id: qC1ttOmV9XP9WtWCwQdtcFvuxyGjfNQx Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: QvWO4FH8swtqZZtQP-xDrn0P-knNEgbVXoQYSCt43yKGv7qdBt6RGw== Age: 423822

	calendly.com/api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-06&range_end=2023-02-12	172.66.43.26	200 OK	23 kB
URL HTTP/2 calendly.com/api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-06&range_end=2023-02-12 IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text, with very long lines (1773), with no line terminators Size 23 kB (22591 bytes) Hash b0f765cd7069ed99237a99b4a5e890da 3179a75670e1808999a7cddc067460dcba6d1c1f c301847e5aca5af1e4b89e0bfbf2eabe384c2aa1076ed80407503e6fce0c7a8d HTTP Headers GET /api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-06&range_end=2023-02-12 HTTP/1.1 Host: calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/avadel-sales-team/sdr-initial-consult?month=2023-02 X-CSRF-Token: bxXh_9qchDe0i_UopVmjpmlyavigoLtMBXB8vvUs10CAu2tYgdbpkMT04yHlMi6y081nHnAr2orToK04hHgCwg X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: _calendly_session=bRuHaM7MsytRvpAxCCqluOe6FiIvCOFTH1n57dX5ZiHWNnjQjKhnLZY0%2FDSG0bSQhUDKHpoTx62anwoQHDdvQ1wirmttwRuHlgRpMqgTINXf1AULCySbaqXCKL5GUZ62%2B0jjVX2jFB0WBVt5zOlju3BgsAq%2FGtf66EBpMJIqC0FYVWXmBeL913IIzH5l354GDMuFT1Fz5VrtmmR3vn6%2BUDlYHiLwLkovToNhV%2BDY%2BHRfihVxXrIrLTSma3g%2FOvx0S%2B0CR451%2BKYLsx8jdS%2Fvm%2FAAhfQGTPEeHE1NTP1lHREz0rqNwIE7nI0Z0z%2B5jCNlFh9ZGtSoGOjmL4fUnLmV%2F3gHYZwoMiCj69yslKSydzecupMNuf60bF83DRsMxZBdeTjFCD1JuBQgQtUXt3A0%2FuggdPrUG4856ncPb8lmNEVvjsD1SYMI06hZSVM0O%2F8oqm6tXGR4gE6aING1kMhS9o4ke5GRS2F2e7T7QY7E2Mhw1fSkVKgOTy%2F2O%2B9bBrct86KTYximZCfBQpoq6sHQ0806%2BIbWqvOX78Xh7ZTzIGD486aKBgax36YnUx88bM78GbNHj86FtIRfYtwiuIc2xS2rzE%2FCnFKaspFl74xaslYgH%2BQ%3D--oKOFjzr%2FzJTFnbPV--m4tm2tX0RLGPgGyrc%2FwUZQ%3D%3D; __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599; _dd_s=logs=1&id=30c939b3-24c8-4cf5-8908-0c6c00241427&created=1675694645806&expire=1675695545806 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/json; charset=utf-8 cf-ray: 7954a8586b43b51d-OSL cache-control: max-age=0, private, must-revalidate etag: W/"5ffdec35ae4fbe4f2dd960155d1623b3" set-cookie: _calendly_session=8w60yb1bwhqn2%2FEhNktznAGo6So0z60jiKAzeIm1AD%2FwqQPIuumvuhG6MG4EUz0X0UdAKX6AX9L9H9xULeY02M4VqlsYy1KYV027it5mGyT3qQlcKTkgwP%2BP9LFyleaHJKSPuETT%2B9L5cgwJXnBPb80baRDlqcv9GSjUI29WnCYRmsArNDXGN71axPzgMd9DJO%2BY1gemEiAVpQpFlI6Nx1OUjtLGgInN6re0JRVqCSdNeE59xGyBWPyAAJyfBvXZ6GR9fpJy6aKYTaHXzH3klHrpTW2azN7NOM8p%2BqU4SYWQPUn%2FzJPBfrLYf5oz4ef5iDy15e33EvBiDiKp1HtN7QP24c0w%2FnLfjEcVY9MYfpDs0dXlDtN5GSmy%2B89XsqD2EiiFLjvhmwvozT06VZIkH55A40uts8T12rxFJ4Pv9iBmUIZA2LiJocma8un%2B1xL%2Bg59FQszDU7Rk6p4QzzxFTy7UHbKYIe10vYRgm%2BKbPFE4uyOPE2BGB0K%2FvImwL5Jbk%2B%2Fx3%2BqyMevsL9UTDlHGLCRRwNvhjfVBHbTuM5GAFBj4m6MHaGjMck9KM2AknEE6gb5F%2Fsg0%2F7MQE5f9atT%2FmYfF3LA%2FA3DJ8W9P5B6bNAzkZFY%3D--YB8zx%2B16dRW62cRp--Rg0lMsP%2B2wmdzjTxelanjA%3D%3D; path=/; expires=Mon, 27 Feb 2023 14:43:21 GMT; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: DYNAMIC referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: ALLOWALL x-request-id: 9b24ea1f66b13d80c24d82091596040e x-runtime: 0.325341 vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 36363a5a058b9cae8a8a6705bdc0602b 45a99476a49cb3e0b273f03db250421a991299f9 4b26a8d36ddef0145641e003ff9d0bb3eff1903ba683ac8319a727f8d51f36e4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	calendly.com/api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-13&range_end=2023-02-19	172.66.43.26	200 OK	1.0 kB
URL HTTP/2 calendly.com/api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-13&range_end=2023-02-19 IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type JSON data\012- , ASCII text, with very long lines (3492), with no line terminators Size 1.0 kB (1023 bytes) Hash 62f91f8d89a163f3727d7ab3c9c9af1b d44400579074fde0db4c6fa459f58d11e4ad4cf1 d471fc60da8776b276dbef1d0270e42f093356611a52d3e3cacd7437aac7f384 HTTP Headers GET /api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-13&range_end=2023-02-19 HTTP/1.1 Host: calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/avadel-sales-team/sdr-initial-consult?month=2023-02 X-CSRF-Token: bxXh_9qchDe0i_UopVmjpmlyavigoLtMBXB8vvUs10CAu2tYgdbpkMT04yHlMi6y081nHnAr2orToK04hHgCwg X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: _calendly_session=bRuHaM7MsytRvpAxCCqluOe6FiIvCOFTH1n57dX5ZiHWNnjQjKhnLZY0%2FDSG0bSQhUDKHpoTx62anwoQHDdvQ1wirmttwRuHlgRpMqgTINXf1AULCySbaqXCKL5GUZ62%2B0jjVX2jFB0WBVt5zOlju3BgsAq%2FGtf66EBpMJIqC0FYVWXmBeL913IIzH5l354GDMuFT1Fz5VrtmmR3vn6%2BUDlYHiLwLkovToNhV%2BDY%2BHRfihVxXrIrLTSma3g%2FOvx0S%2B0CR451%2BKYLsx8jdS%2Fvm%2FAAhfQGTPEeHE1NTP1lHREz0rqNwIE7nI0Z0z%2B5jCNlFh9ZGtSoGOjmL4fUnLmV%2F3gHYZwoMiCj69yslKSydzecupMNuf60bF83DRsMxZBdeTjFCD1JuBQgQtUXt3A0%2FuggdPrUG4856ncPb8lmNEVvjsD1SYMI06hZSVM0O%2F8oqm6tXGR4gE6aING1kMhS9o4ke5GRS2F2e7T7QY7E2Mhw1fSkVKgOTy%2F2O%2B9bBrct86KTYximZCfBQpoq6sHQ0806%2BIbWqvOX78Xh7ZTzIGD486aKBgax36YnUx88bM78GbNHj86FtIRfYtwiuIc2xS2rzE%2FCnFKaspFl74xaslYgH%2BQ%3D--oKOFjzr%2FzJTFnbPV--m4tm2tX0RLGPgGyrc%2FwUZQ%3D%3D; __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599; _dd_s=logs=1&id=30c939b3-24c8-4cf5-8908-0c6c00241427&created=1675694645806&expire=1675695545806 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/json; charset=utf-8 cf-ray: 7954a8586b4bb51d-OSL cache-control: max-age=0, private, must-revalidate etag: W/"21b1ce61d416648e57158aa25d599423" set-cookie: _calendly_session=rADpp%2FXO963eOdvokXOC4pbwPuSjkJ7VFr3lxf9TxYwSoc5xf4zDhz%2BthCSX39dJZZZ6xiU8S7Px9A%2FrH4efzuVt0W2XfbGbJTxvmQdsymrweEzqxsUISs3oAc58VglTmWn7mn%2FFrOybTsXQi82pPk2Qn0M%2FTab6kiKC551gUs29ZbTyzGH%2F6uGLldjj6Fdt5x6Ws5zJYqJ5zYWc9vH0k1K0mtwIUPD%2B7Yd3qHjbavh6jYwbM95MeOEYMKwpqGa6bKiEnaFvqImo00ak7iW8VwFGyhU8kP15lFdnFmzp0QROmqIrJVY5hhi93N0Rpvm9SbNsgJvYNamcOL2Dg9zdp%2FANHsmdDPEwFzP5bO%2FcLuzh8DlOeN28Qa37fkMR3ipCgFOLAJHFqybI%2FcjiH7Eb%2BujKBNH46gnlPU%2BVm62oxX5Lav38Uru7q%2FHW3JJ9aJQhVoyy%2BsXc54FOoGsMYrz0FYrBhpyfpvxC3oTglNobuYQKMqhDsEbUJlni%2BXi21AiKEbdpH%2BkYcBvmLmeMjHvr5wuluQECHDo9h92eJKDwCzU9UkPi5b7KJLVkvVByRF00ztkgOeUkIM8Qvi4nf%2F3rydwIXmcTmWlzDKyGwdyY5Yw55z0%3D--E9lt0NuaQOVY4S5%2B--kB9QjEimaTPBdeUaDRpZYw%3D%3D; path=/; expires=Mon, 27 Feb 2023 14:43:21 GMT; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: DYNAMIC referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: ALLOWALL x-request-id: 573987b41c77337890a2ab5e1515b7b2 x-runtime: 0.284221 vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	assets.calendly.com/assets/favicon-bfb0492a754bdf44a0a58b969963f44235653cca09a1c0110309c1e03077e368.ico	172.66.43.26	200 OK	2.0 kB
URL HTTP/2 assets.calendly.com/assets/favicon-bfb0492a754bdf44a0a58b969963f44235653cca09a1c0110309c1e03077e368.ico IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size 2.0 kB (1975 bytes) Hash 9939fc98aab24eb2150753907f14321c 190f7b5fb4174719ed28f5cbf09d5958a9ae3f3d a49e79c6c175d4b8d012b6791265682710079c23d2acfeb03fa49ec2d00d0a40 HTTP Headers GET /assets/favicon-bfb0492a754bdf44a0a58b969963f44235653cca09a1c0110309c1e03077e368.ico HTTP/1.1 Host: assets.calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Cookie: __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599; OptanonConsent=isGpcEnabled=0&datestamp=Mon+Feb+06+2023+14%3A44%3A06+GMT%2B0000+(Coordinated+Universal+Time)&version=6.35.0&isIABGlobal=false&hosts=&consentId=2d1fca31-5339-4a3c-983d-b774ad74a24d&interactionCount=0&landingPath=https%3A%2F%2Fcalendly.com%2Favadel-sales-team%2Fsdr-initial-consult%3Fmonth%3D2023-02 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: image/vnd.microsoft.icon cf-ray: 7954a85c3899b51d-OSL age: 18738503 cache-control: public, max-age=31536000 etag: W/"cdb7798a9d7236abfd2859a8746609a4" expires: Tue, 07 Feb 2023 14:43:21 GMT last-modified: Fri, 25 Mar 2022 17:29:30 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: HIT x-content-type-options: nosniff vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 836bc62dbb011b6180fc7209d0061736 74e6f18561a7006a3afb6ab03559eec239ce4b36 90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:21 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	216.58.211.3	200 OK	164 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 216.58.211.3:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (633) Size 164 kB (163841 bytes) Hash fe98364486b3206867b17008f995646f 35a5e9aa210970f7abd718d99e629c6982a3cc02 1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a HTTP Headers `GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 163841 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 31 Jan 2023 08:53:11 GMT expires: Wed, 31 Jan 2024 08:53:11 GMT cache-control: public, max-age=31536000 last-modified: Tue, 31 Jan 2023 02:51:47 GMT content-type: text/javascript age: 539410 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html	151.101.0.176	200 OK	122 B
URL HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html IP 151.101.0.176:0 ASN #54113 FASTLY File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators Size 122 B (122 bytes) Hash 0fb49bf445ceac1dcb1b6c5d284a57a1 8988f3ceef20a494a419e595e8d802a0dc663c7a 5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8 HTTP Headers GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK last-modified: Sun, 13 Nov 2022 20:03:40 GMT etag: "93afeeb17bc37e711759584dbfc50d47" cache-control: max-age=31536000 content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Mon, 06 Feb 2023 14:43:22 GMT via: 1.1 varnish age: 7324677 x-request-id: b81662d1-c9b3-4f18-b5e2-8bf53e5311b4 x-served-by: cache-bma1682-BMA x-cache: HIT x-cache-hits: 306120 vary: Accept-Encoding timing-allow-origin: * content-length: 122 X-Firefox-Spdy: h2

	d6tizftlrpuof.cloudfront.net/themes/production/calendly-button-9e30fd77312fabb2823bda5a1bb5dd0a.png	54.230.245.25	200 OK	18 kB
URL HTTP/1.1 d6tizftlrpuof.cloudfront.net/themes/production/calendly-button-9e30fd77312fabb2823bda5a1bb5dd0a.png IP 54.230.245.25:0 ASN #16509 AMAZON-02 File type PNG image data, 124 x 346, 8-bit/color RGBA, non-interlaced\012- data Size 18 kB (17809 bytes) Hash 9e30fd77312fabb2823bda5a1bb5dd0a d73fe248de520eb1feb1f59b5d0b81d0d08b1373 cb9e8d97338c770b63b0dd38c1db7545366cfda8771250766cb7f495e8e7917e HTTP Headers `GET /themes/production/calendly-button-9e30fd77312fabb2823bda5a1bb5dd0a.png HTTP/1.1 Host: d6tizftlrpuof.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://calendly.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Content-Type: image/png Content-Length: 17809 Connection: keep-alive Date: Tue, 03 May 2022 04:17:22 GMT Last-Modified: Wed, 02 Dec 2020 14:10:43 GMT ETag: "9e30fd77312fabb2823bda5a1bb5dd0a" Cache-Control: max-age=315360000, no-transform, public x-amz-version-id: cz0L5pUEg4OXaPVwxdi7ClxwVHgB4x1_ Accept-Ranges: bytes Server: AmazonS3 X-Cache: Hit from cloudfront Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: IcyStwIH_1hJx-2cKpdi8dFJRiw1b754dOC2ezNQZwIY8OKHC9TC0Q== Age: 24143160

	js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js	151.101.0.176	200 OK	332 B
URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js IP 151.101.0.176:0 ASN #54113 FASTLY File type ASCII text, with very long lines (526) Size 332 B (332 bytes) Hash ada7d17b721f065b91d249c998f2967e 1c686ed2c2218a3889b7d9a9b1acdf851b0bf563 12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a HTTP Headers `GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1 Host: js.stripe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK last-modified: Sun, 13 Nov 2022 20:03:40 GMT etag: "f8f6a4584135f737b26927596ce6e0a7" cache-control: max-age=31536000 content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff access-control-allow-origin: * server: Fastly content-encoding: br accept-ranges: bytes date: Mon, 06 Feb 2023 14:43:22 GMT via: 1.1 varnish age: 7324678 x-request-id: a2ba601f-7371-40ae-9987-299d57fe3954 x-served-by: cache-bma1682-BMA x-cache: HIT x-cache-hits: 253115 vary: Accept-Encoding timing-allow-origin: * content-length: 332 X-Firefox-Spdy: h2

	m.stripe.network/inner.html	151.101.0.176	200 OK	527 B
URL HTTP/2 m.stripe.network/inner.html IP 151.101.0.176:0 ASN #54113 FASTLY File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators Size 527 B (527 bytes) Hash e02352ef72e8a9563463c07174b0e50f 7a41613f7eae0819d1a4785eae3617fdbb33b9b3 2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5 HTTP Headers `GET /inner.html HTTP/1.1 Host: m.stripe.network User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://js.stripe.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: max-age=300, public content-type: text/html; charset=utf-8 content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff server: Fastly content-encoding: gzip accept-ranges: bytes date: Mon, 06 Feb 2023 14:43:22 GMT via: 1.1 varnish age: 274 x-request-id: be96e01c-11e9-4b59-9c1c-08b465cb0631 x-served-by: cache-bma1682-BMA x-cache: HIT x-cache-hits: 184 x-timer: S1675694602.443836,VS0,VE0 vary: Accept-Encoding, Origin content-length: 527 X-Firefox-Spdy: h2

	m.stripe.network/out-4.5.42.js	151.101.0.176	200 OK	16 kB
URL HTTP/2 m.stripe.network/out-4.5.42.js IP 151.101.0.176:0 ASN #54113 FASTLY File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators Size 16 kB (16031 bytes) Hash 0b880c6e7a381ef1f81263cf34c54e79 af46e0111cb22576b07084f4b49be7b41b5fc3ca 115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b HTTP Headers `GET /out-4.5.42.js HTTP/1.1 Host: m.stripe.network User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://m.stripe.network/inner.html Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK cache-control: max-age=300, public content-type: text/javascript; charset=utf-8 strict-transport-security: max-age=31556926; includeSubDomains; preload x-content-type-options: nosniff server: Fastly content-encoding: gzip accept-ranges: bytes date: Mon, 06 Feb 2023 14:43:22 GMT via: 1.1 varnish age: 257 x-request-id: d415fe8f-f368-436b-b2a4-3c5ed34bd620 x-served-by: cache-bma1682-BMA x-cache: HIT x-cache-hits: 174 x-timer: S1675694602.478206,VS0,VE0 vary: Accept-Encoding, Origin content-length: 16031 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash c29038bdcf59c877fb1dc0d05743ba91 af086331d74eb5a426caf2c290c69716f538a22e 7d6bf6f556ffa097f8e2d230335ede55c293000527d67e0672f88fb0c8663a7f HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6186 Cache-Control: max-age=118483 Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:23 GMT Etag: "63e025b4-1d7" Expires: Tue, 07 Feb 2023 23:38:06 GMT Last-Modified: Sun, 05 Feb 2023 21:55:00 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 471`

	m.stripe.com/6	34.209.12.98	200 OK	156 B
URL HTTP/2 m.stripe.com/6 IP 34.209.12.98:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 156 B (156 bytes) Hash 546f9da456b30db444d84db4420b645c 7cd060cc895e24ae0a9550d2b6dd026176253ba3 b4d54dd283b506c2c652d99ef5cc2b9792e09eab24dc1b368afe5190d9a6e974 HTTP Headers `POST /6 HTTP/1.1 Host: m.stripe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 2364 Origin: https://m.stripe.network Connection: keep-alive Referer: https://m.stripe.network/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: nginx date: Mon, 06 Feb 2023 14:43:23 GMT content-length: 156 set-cookie: m=5eb77c27-22e4-49af-a38b-c67686f30bb1dfa693;Expires=Wed, 05-Feb-2025 14:43:23 GMT;Secure;HttpOnly; SameSite=None x-content-type-options: nosniff x-stripe-bg-intended-route-color: blue access-control-allow-origin: https://m.stripe.network access-control-allow-credentials: true access-control-allow-headers: Content-Type strict-transport-security: max-age=31556926; includeSubDomains; preload content-type: application/json;charset=utf-8 X-Firefox-Spdy: h2

	m.stripe.com/6	34.209.12.98	200 OK	156 B
URL HTTP/2 m.stripe.com/6 IP 34.209.12.98:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with no line terminators Size 156 B (156 bytes) Hash 546f9da456b30db444d84db4420b645c 7cd060cc895e24ae0a9550d2b6dd026176253ba3 b4d54dd283b506c2c652d99ef5cc2b9792e09eab24dc1b368afe5190d9a6e974 HTTP Headers `POST /6 HTTP/1.1 Host: m.stripe.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 1156 Origin: https://m.stripe.network Connection: keep-alive Referer: https://m.stripe.network/ Cookie: m=5eb77c27-22e4-49af-a38b-c67686f30bb1dfa693 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK server: nginx date: Mon, 06 Feb 2023 14:43:25 GMT content-length: 156 set-cookie: m=5eb77c27-22e4-49af-a38b-c67686f30bb1dfa693;Expires=Wed, 05-Feb-2025 14:43:25 GMT;Secure;HttpOnly; SameSite=None x-content-type-options: nosniff x-stripe-bg-intended-route-color: blue access-control-allow-origin: https://m.stripe.network access-control-allow-credentials: true access-control-allow-headers: Content-Type strict-transport-security: max-age=31556926; includeSubDomains; preload content-type: application/json;charset=utf-8 X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	280 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 280 B (280 bytes) Hash 7e831465fea8f20aecce195500cecb6a f77199d79c2d519293a11fe945c54869fbdbbc80 1a64cd836fe6977318c10de6d23f5cfd5c2d4038d2a0cd95068622b7d76aea63 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 5412 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Mon, 06 Feb 2023 14:43:26 GMT Last-Modified: Mon, 06 Feb 2023 13:13:14 GMT Server: ECS (ska/F704) X-Cache: HIT Content-Length: 280`

	assets.calendly.com/assets/booking/css/booking-c8b2a8af.css	172.66.43.26	200 OK	0 B
URL HTTP/2 assets.calendly.com/assets/booking/css/booking-c8b2a8af.css IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /assets/booking/css/booking-c8b2a8af.css HTTP/1.1 Host: assets.calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Cookie: __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:19 GMT content-type: text/css cf-ray: 7954a850efbdb51d-OSL age: 340086 cache-control: public, max-age=31536000 etag: W/"70a31e07305e1f377127ae48ea104133" expires: Tue, 07 Feb 2023 14:43:19 GMT last-modified: Thu, 02 Feb 2023 16:08:23 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: HIT cf-bgj: minify cf-polished: origSize=353186 x-content-type-options: nosniff vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css	104.16.148.64	200 OK	0 B
URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css IP 104.16.148.64:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /scripttemplates/6.35.0/assets/otCommonStyles.css HTTP/1.1 Host: cdn.cookielaw.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Origin: https://calendly.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: text/css content-md5: /wtHD+oYY7dZRzCx50GZrQ== last-modified: Mon, 06 Jun 2022 06:21:12 GMT x-ms-request-id: 56bfbd6c-f01e-00c0-7082-7952a2000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * cache-control: max-age=86400 cf-cache-status: HIT age: 55195 vary: Accept-Encoding strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: cloudflare cf-ray: 7954a85b6a910b39-OSL content-encoding: gzip X-Firefox-Spdy: h2

	assets.calendly.com/assets/booking/js/locales/en-e6951073.chunk.js	172.66.43.26	200 OK	0 B
URL HTTP/2 assets.calendly.com/assets/booking/js/locales/en-e6951073.chunk.js IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /assets/booking/js/locales/en-e6951073.chunk.js HTTP/1.1 Host: assets.calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/ Connection: keep-alive Cookie: __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:20 GMT content-type: application/javascript cf-ray: 7954a854cdffb51d-OSL age: 331167 cache-control: public, max-age=31536000 etag: W/"3b2ff3e6071317f4f4ae5835d7dac27a" expires: Tue, 07 Feb 2023 14:43:20 GMT last-modified: Thu, 02 Feb 2023 18:37:20 GMT strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: HIT cf-bgj: minify x-content-type-options: nosniff vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	calendly.com/api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-20&range_end=2023-02-28	172.66.43.26	200 OK	0 B
URL HTTP/2 calendly.com/api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-20&range_end=2023-02-28 IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /api/booking/event_types/DDB5OZQJRL5JZIEL/calendar/range?timezone=UTC&diagnostics=false&range_start=2023-02-20&range_end=2023-02-28 HTTP/1.1 Host: calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json, text/plain, / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://calendly.com/avadel-sales-team/sdr-initial-consult?month=2023-02 X-CSRF-Token: bxXh_9qchDe0i_UopVmjpmlyavigoLtMBXB8vvUs10CAu2tYgdbpkMT04yHlMi6y081nHnAr2orToK04hHgCwg X-Requested-With: XMLHttpRequest Connection: keep-alive Cookie: _calendly_session=bRuHaM7MsytRvpAxCCqluOe6FiIvCOFTH1n57dX5ZiHWNnjQjKhnLZY0%2FDSG0bSQhUDKHpoTx62anwoQHDdvQ1wirmttwRuHlgRpMqgTINXf1AULCySbaqXCKL5GUZ62%2B0jjVX2jFB0WBVt5zOlju3BgsAq%2FGtf66EBpMJIqC0FYVWXmBeL913IIzH5l354GDMuFT1Fz5VrtmmR3vn6%2BUDlYHiLwLkovToNhV%2BDY%2BHRfihVxXrIrLTSma3g%2FOvx0S%2B0CR451%2BKYLsx8jdS%2Fvm%2FAAhfQGTPEeHE1NTP1lHREz0rqNwIE7nI0Z0z%2B5jCNlFh9ZGtSoGOjmL4fUnLmV%2F3gHYZwoMiCj69yslKSydzecupMNuf60bF83DRsMxZBdeTjFCD1JuBQgQtUXt3A0%2FuggdPrUG4856ncPb8lmNEVvjsD1SYMI06hZSVM0O%2F8oqm6tXGR4gE6aING1kMhS9o4ke5GRS2F2e7T7QY7E2Mhw1fSkVKgOTy%2F2O%2B9bBrct86KTYximZCfBQpoq6sHQ0806%2BIbWqvOX78Xh7ZTzIGD486aKBgax36YnUx88bM78GbNHj86FtIRfYtwiuIc2xS2rzE%2FCnFKaspFl74xaslYgH%2BQ%3D--oKOFjzr%2FzJTFnbPV--m4tm2tX0RLGPgGyrc%2FwUZQ%3D%3D; __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599; _dd_s=logs=1&id=30c939b3-24c8-4cf5-8908-0c6c00241427&created=1675694645806&expire=1675695545806 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:21 GMT content-type: application/json; charset=utf-8 cf-ray: 7954a8586b4db51d-OSL cache-control: max-age=0, private, must-revalidate etag: W/"aef9bdb9b292883272bb751f79a474d0" set-cookie: _calendly_session=i79QrOTDjw7Fdj6kyPrPL0jaEu7d8dO1BTch9PnWsIe%2Fe9IRXNFPsd%2FklB3oyl%2F6tJuTzo2QJXCX55WM9MrJoBkEGd94r%2B73IeXEkelMa7j8GuAAXyqAEMpUjbeXw03nqAloSKrUwuSvn4UFFW6WONTHzki39pR9wd6Kf9VXqmmqj%2BCEq%2BCf7gR7Mk47dUTKy0U%2F1fECU%2BzOSFWDJjkIIS4UdW2JK6WRaTi9opfJmG%2BFTCju6zrqC2fNi6XEkedhExMn6M0nbAk25UJM8pcquLFs8S64j%2BFaTzDTYR%2F6EL0qJ0Ng0IdnVtpr1O1nn%2F6aPoe70dWV%2Bl3jeukCoYyhP5TRYAsSTEeppPxbys5VfoOrJA1yvIkFesb5zskh4UjDZWKVyWQdsOgby%2BnOjp2I31uq98xB4IZ%2BaEWcEHeygSiPCg24kD2MGRtlS4CjoYo90tHwc61zJnS9%2FvbLUvoP6qzta4o1gz1L41cYv%2FLkpwYp38cSNB07%2FsIzHaA8fl%2BahtkYntwQzlm2kdv7myvfwUu0mFrHvBIiQ5SEE25yIazt2QUrexWGWR%2BzBjd63rVRxWXDOjevKFqowteUDgzrlqci3iX1uI%2B2NaQRDFEcSzJqpGg%3D--3T22yN4%2BRdEJ8Oj4--gVE7%2Bt1eZ84fzDrelS9PWQ%3D%3D; path=/; expires=Mon, 27 Feb 2023 14:43:21 GMT; secure; HttpOnly; SameSite=Lax strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: DYNAMIC referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: ALLOWALL x-request-id: 09ca0cb80cb8a51e2577173bcb7636c2 x-runtime: 0.329590 vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	calendly.com/avadel-sales-team/sdr-initial-consult	172.66.43.26	200 OK	0 B
URL HTTP/2 calendly.com/avadel-sales-team/sdr-initial-consult IP 172.66.43.26:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /avadel-sales-team/sdr-initial-consult HTTP/1.1 Host: calendly.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 200 OK date: Mon, 06 Feb 2023 14:43:19 GMT content-type: text/html; charset=utf-8 cf-ray: 7954a84ce9bdb51d-OSL cache-control: max-age=0, private, must-revalidate link: <https://assets.calendly.com/assets/booking/css/booking-c8b2a8af.css>; rel=preload; as=style; nopush strict-transport-security: max-age=31536000; includeSubDomains; preload cf-cache-status: DYNAMIC referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: ALLOWALL x-request-id: f825efad8bb8c30663960f8a5b833cc6 x-runtime: 0.403791 vary: Accept-Encoding set-cookie: _calendly_session=bRuHaM7MsytRvpAxCCqluOe6FiIvCOFTH1n57dX5ZiHWNnjQjKhnLZY0%2FDSG0bSQhUDKHpoTx62anwoQHDdvQ1wirmttwRuHlgRpMqgTINXf1AULCySbaqXCKL5GUZ62%2B0jjVX2jFB0WBVt5zOlju3BgsAq%2FGtf66EBpMJIqC0FYVWXmBeL913IIzH5l354GDMuFT1Fz5VrtmmR3vn6%2BUDlYHiLwLkovToNhV%2BDY%2BHRfihVxXrIrLTSma3g%2FOvx0S%2B0CR451%2BKYLsx8jdS%2Fvm%2FAAhfQGTPEeHE1NTP1lHREz0rqNwIE7nI0Z0z%2B5jCNlFh9ZGtSoGOjmL4fUnLmV%2F3gHYZwoMiCj69yslKSydzecupMNuf60bF83DRsMxZBdeTjFCD1JuBQgQtUXt3A0%2FuggdPrUG4856ncPb8lmNEVvjsD1SYMI06hZSVM0O%2F8oqm6tXGR4gE6aING1kMhS9o4ke5GRS2F2e7T7QY7E2Mhw1fSkVKgOTy%2F2O%2B9bBrct86KTYximZCfBQpoq6sHQ0806%2BIbWqvOX78Xh7ZTzIGD486aKBgax36YnUx88bM78GbNHj86FtIRfYtwiuIc2xS2rzE%2FCnFKaspFl74xaslYgH%2BQ%3D--oKOFjzr%2FzJTFnbPV--m4tm2tX0RLGPgGyrc%2FwUZQ%3D%3D; path=/; expires=Mon, 27 Feb 2023 14:43:19 GMT; secure; HttpOnly; SameSite=Lax __cf_bm=2nyiIdJZuCfZTxu6PSi1SnQzzo_72cH5voOHK3O9ye0-1675694599-0-Abd6mmicpXmlMF9rjtlAAFCCLPg5rKWkySS2EWdxLiY3bIVovfB0Hno7/0tqyuJRDjHCccE4LkeJxRQA3Hvbgy0=; path=/; expires=Mon, 06-Feb-23 15:13:19 GMT; domain=.calendly.com; HttpOnly; Secure; SameSite=None __cfruid=3e1ce08754512a55d69e54da06e73468182c7dc7-1675694599; path=/; domain=.calendly.com; HttpOnly; Secure; SameSite=None server: cloudflare content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML