Report - results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email

Report Overview

Submitted URL
results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
IP
34.195.178.228
ASN
#14618 AMAZON-AES
Submitted
2022-09-19 22:44:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
results.hloginnow.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	281 kB	52.44.203.222
ka-p.fontawesome.com	4489	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	106 kB	104.18.23.52
d3ff8olul1r3ot.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	25 kB	54.230.245.141
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	729 B	4.8 kB	157.240.200.35
via.placeholder.com	26595	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	793 B	104.21.33.39
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379 B	43 kB	142.250.74.72
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	5.1 kB	104.18.23.52
api.openweathermap.org	10906	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	27 kB	37.139.20.5
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.5 kB	142.250.74.3
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	16 kB	142.250.74.3
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
dap2y8k6nefku.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	195 kB	143.204.42.86
dailyfeature.net	115370	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	546 B	1.1 kB	3.226.90.104
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370 B	16 kB	142.250.74.164
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.136.7
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	23 kB	142.250.74.174
openweathermap.org	11937	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	12 kB	138.201.197.100
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	28 kB	157.240.200.14
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	746 B	142.250.74.10
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.0 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	497 B	46 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	55 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	6.6 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
internal_banner.tiles.ampfeed.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	465 B	345 B	104.110.26.15
imp.onesearch.org	104917	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	951 B	44.199.122.180
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	6.3 kB	216.58.207.194
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.7 kB	54.230.245.118
internal_tiles.tiles.ampfeed.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	626 B	418 B	104.110.26.15
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.4 kB	142.251.1.154
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	495 B	104.18.225.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-19	medium	results.hloginnow.net/Scripts/WeatherHelper_v1.js	Malware
2022-09-19	medium	results.hloginnow.net/Scripts/Home/Shared/Base_v2.js	Malware
2022-09-19	medium	results.hloginnow.net/Scripts/NewScripts/AutoComplete_V4.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 17:51:21 Times Seen850 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	kit.fontawesome.com/b9b2ba83c3.js	11 kB	2023-03-07	2023-03-26
Pretty URL kit.fontawesome.com/b9b2ba83c3.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-03-26 05:15:29 Times Seen4 Hash 7bc2f04496e2acfb9f6835e339211a13 c676fe8a6cf59037041e6e0b20fa046f9d55bb98 adcfb091106936fe8a28a92f1461aafb9c74ca76ac0afdf4d7b5dd5fed0d70af Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	4.9 kB	2023-03-07	2023-03-07
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash 5b36f4619133057a98d97bd61fb3204f 8fe50692c07afc9a29508e516b7e38fa37518c49 eade53e6b174c7c315cdc6ff51151521a8469b304f468c424bdc9388b2bddb76 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.225.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	results.hloginnow.net/Scripts/Home/Shared/Base_v2.js	3.4 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/Scripts/Home/Shared/Base_v2.js IP 34.195.178.228 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen26 Hash 92c5e66bad689ced7bfe4321e794eb46 3bb2be2da7313043415a205e23ee6c16bf2a43fa 9200da0f11780f89e85ec3b875cbd5e4a60a48619bd1bd343ce029bda495be4b Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	72 B	2023-03-07	2023-12-03
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:03 Last Seen2023-12-03 05:35:14 Times Seen57 Hash 3bec2299f9c3cad3dbd335524b72953d 38d025140e99566c728fb5d40175d83ac95a8d1d 8cbd21b898dc60241837b1bd6dad19b864a6a7f03504f9088b59ae5ffef67ad5 Loading...

	dailyfeature.net/dailyfeature/df?url=hloginnow.net&uc=20180701&cid=app@LoginNow&purpose=hp&type=internal	1.7 kB	2023-03-07	2023-03-07
Pretty URL dailyfeature.net/dailyfeature/df?url=hloginnow.net&uc=20180701&cid=app@LoginNow&purpose=hp&type=internal IP 3.226.90.104 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash db2fd343dadfe799d4da9ab873004033 5ecca504b8ecb9c12e22507495506db09ced8932 aaa0eecb3c81b3449e9b3c02d13629bd4615564ab425fafe11df3c02ccca1186 Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	863 B	2023-03-07	2023-03-08
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:24:50 Last Seen2023-03-08 13:13:26 Times Seen1 Hash 77ca469b87fb76f13c8b30acff8def76 364a1f8ad4c5a5d8dad401efe19346f5a3cb780c 11559361a9d0b53c9920480cd61e275f52506068cf42d3d1ef60cb513a1910c6 Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	connect.facebook.net/en_US/fbevents.js	103 kB	2023-03-07	2024-01-27
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:28:47 Last Seen2024-01-27 14:22:04 Times Seen5 Hash fceae2d2175dea188a051065cce78371 0df4721141635a5bceea1b8f801653c69e464d48 844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399 Loading...

	www.googletagmanager.com/gtag/js?id=UA-219278292-1&l=dataLayer&cx=c	109 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-219278292-1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash b2e916304204b90cb6850e4412b476f2 c516c6979c4cc6813e15575bc9a37943637432f0 961005a80a702bae799b53b3f78f69a27b2133607c835b009efb7489260da00c Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448474&cv=9&fst=1663627448474&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4	2.5 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448474&cv=9&fst=1663627448474&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash 733890c36129d561e6834fab7fc6f77a 3a20583a4659839797c206df02ac28d6d84c6974 ec1cac368b85bf95aab05403faf8251eab5514e6c6f3ffd53e86c3a74cccb60b Loading...

	results.hloginnow.net/get/js/impression?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&cid=app@LoginNow	1.0 kB	2023-03-07	2023-03-07
Pretty URL results.hloginnow.net/get/js/impression?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&cid=app@LoginNow IP 34.195.178.228 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash c0883d33163243cf7c4384eb8fcaf621 60910ca484f2e64d622b9169cb8d484d2f9ddf25 0e46464236ccbc96750c241f209e7a0d2b659446c2073acbcef13bd0592f4815 Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	3.6 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen16 Hash dc500a8a7989d0f1305a8af46227a1e1 6f265cd7f91fb6330a1c894f9e975c0a3d6fd154 dc0aea93aa5839ddf2fe210d34c6e75ce4765b06ccaa8a9085b1319917fa9322 Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	1.6 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen16 Hash 0e311c59163a38869b78b8c0a036ec2c f1762ef223cb431999d2355954797749a7a60952 8649550c60f20b7f530aa5bf507966290b04523ba4ddb6e11caba9814b120d40 Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	158 B	2023-03-07	2023-03-08
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:02:41 Last Seen2023-03-08 13:13:26 Times Seen1 Hash 0745897694bc1a398f2ed1a82adc90a0 83441b757a5d60704664cdb31a7c7db2e274e964 71529c972340558ec6a105d54b18bda24e43072b54f0af16ac4f43a1280ac503 Loading...

	internal_banner.tiles.ampfeed.com/tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=email&results=10&BOC=1663627447865&callback=amp_fn	20 B	2023-03-07	2023-12-03
Pretty URL internal_banner.tiles.ampfeed.com/tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=email&results=10&BOC=1663627447865&callback=amp_fn IP 104.110.26.15 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:03 Last Seen2023-12-03 05:35:14 Times Seen89 Hash 7f3ddf32c69b12d8da247ab32bcf7c0a e0d8baa7114b5126d38cf731ad44527af3467280 f1a514c273a93178f053ad889969bb58d6d5c44e913cbf3abbbbb667b4acda48 Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	2.2 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen16 Hash c4f7325d9d6831717218ebcff9fee984 4bb1179ef49685427e9e7547a8b4969fe177f926 bd402305d5f51fbfa7b6880f4a06cb6b09d60499fe843d51e59078be78976633 Loading...

	results.hloginnow.net/Scripts/WeatherHelper_v1.js	6.7 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/Scripts/WeatherHelper_v1.js IP 34.195.178.228 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen28 Hash 78e11977e8601fb8858a60e157d1a237 fb7c697fbc1b7ed22ed1b631a71adf1e42bf3ed3 90b189f6b9e316a77c983792d70db778334c5437a941af270ead85cd3fc20fdf Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	1.0 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen16 Hash c592858d1867cb035f5c037d9465d92e 4d72371afab95fe3880beed6342d707765d6ec4a 417c7520a4884605befafc9466bd5849ac145395540a31d2f142b11fa5e391de Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	572 B	2023-03-07	2023-12-03
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:03 Last Seen2023-12-03 05:35:14 Times Seen52 Hash ecf7af5f4ca9d617277260a7c5bee2ff 63775bb3b5a1136b5894de9566bcdd6c1fc373c1 75e817ce4ca4d0739376afd895396e78425d56e14b28cb7e1ce55313bc686ff4 Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	1.2 kB	2023-03-07	2023-09-16
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:35 Last Seen2023-09-16 19:10:32 Times Seen17 Hash 038f6becf4175c68c4af509148cd6c0c 86fa2d3095ca667042072a97fc25206f7fb80191 b160a023d88ef5c34807155379f665cbcf07be67c7c46aa17b03fad3747d5666 Loading...

	www.googletagmanager.com/gtag/js?id=UA-178002442-1	109 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-178002442-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash 2535eba5c7ce4c643369e45acec2eff4 1ebef18a9c5e79af5686c36bd94508fc87e87231 38ba039d5e6d9f0376565baa489b655bd21f977844ec50cbba24c5ff497bad49 Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:28:40 Last Seen2023-03-17 12:55:48 Times Seen1 Hash cedb242a337140e0dedb365b50a20508 cf2420a336b9405dfc7d236ec57873fe3ef0f726 5a39699f592d82029c73d15d80e407d51367dd5cf2d49172c9ad4aa8176ce67b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448476&cv=9&fst=1663627448476&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4	2.6 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448476&cv=9&fst=1663627448476&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash 445489b73b125193eb97aa9306af8c92 15b936733e1fd9698e138795017c0859c0c3b799 c2dce31bd360133fdaccfe16dec978f652b6da040154c6b297895a47ee58aa40 Loading...

	connect.facebook.net/signals/config/332720671379986?v=2.9.83&r=stable	300 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/signals/config/332720671379986?v=2.9.83&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:41:25 Last Seen2023-03-07 21:36:19 Times Seen1 Hash ebc6458c54d9d2ebd1e36fe4e9219546 7cb60afc170e534e6c715b77a4c35a62e549639d 0b4c8e29df204437ea152b6569ed2afd5097e2c026a437003a3acc42a28d8ccc Loading...

	results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab	1.4 kB	2023-03-07	2023-03-07
Pretty URL results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab IP 52.44.203.222 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash 3c8c3bba7d6a58fc294e651d3997af65 12203378a5cee62522a072f98cfb4a639607c4bc 3d36a22005f71f5990908c0de71eacca004896c4700c1f04cd53f08fcfc9df9f Loading...

	internal_tiles.tiles.ampfeed.com/tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=email&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663627447865&callback=admtilecallback	38 B	2023-03-07	2023-12-03
Pretty URL internal_tiles.tiles.ampfeed.com/tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=email&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663627447865&callback=admtilecallback IP 104.110.26.15 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:03 Last Seen2023-12-03 05:35:14 Times Seen86 Hash 86772a3a786bfff25da0e842c4f90ce2 2dfee71abd156186c2f3b1c80a075f9e3c6ae689 b81a7439ddb7d3b1ce840bbd3c6aca983050a75d62c87283785e4e233b5ad834 Loading...

	onesignal.com/api/v1/sync/4eb7474a-9320-4087-8117-763095fb3fab/web?callback=__jp0	3.0 kB	2023-03-07	2023-03-07
Pretty URL onesignal.com/api/v1/sync/4eb7474a-9320-4087-8117-763095fb3fab/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash f40b126e62c43d3c76f984a8d73dee59 e6d0dc27a555dd4f1813ac4cb71d896b539fdcca a32375ee033dd8713887038800d8f903fd34eea565a25fe58851de774f45cde8 Loading...

	www.googletagmanager.com/gtag/js?id=AW-713545727&l=dataLayer&cx=c	118 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-713545727&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:27:25 Last Seen2023-03-07 21:27:25 Times Seen1 Hash 3ce932d55b8d9101152bf9b06436569c 71b3c0b83d73e905d0f7897a4ac3e1762f519cb0 f5b3ad23cad79ba5a827bd26afaf91bf60fae5612421f671648051976c356d3b Loading...

HTTP Transactions (103)

URL IP Response Size

results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab

52.44.203.222

302 Found

287 B

URL HTTP/1.1
results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
IP
52.44.203.222:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
287 B (287 bytes)
Hash
8e1d8b2ba8b5a155d36ba302d085664b
11587d999a8367e652bb47e2bcb89f4b40516621
2a1b16680e7c275e40db15a8919bb2cfb36152753812ea71960249a15ba6886f

HTTP Headers

GET /?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Sep 2022 22:44:26 GMT
Location: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
X-Content-Type-Options: nosniff
Content-Length: 287
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19806
Expires: Tue, 20 Sep 2022 04:14:32 GMT
Date: Mon, 19 Sep 2022 22:44:26 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 22:12:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UnL9lx_xPWRSL471vPopf_ZXf40-3WG4QbxP4udrYXMJBl0F0KgDaw==
Age: 1891

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: edq7xHM1hUB6deRhcPtJ1mZLvyo4pINXJlZEgxAdmcQtmRlFGiinUg==
age: 65353
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 22:44:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
a0bbd87f87ebdae9c7daf60a95551097
969e6a0fc62a8899c5ba40eafc512ff0cddf905c
a16823fb28d69907f177bd6046b1b9658342f87b144d7f720213f7bb66731391

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 22:44:26 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8W6B_yO0dVExJSyPxmnHavZu83gkvbRqanEYLolvUO2nAB1TmDo13g==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 22:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 22:45:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0t-YB-ShLb6gz0Pwr4QZCApO1w72nEWpFoiqTuCP2tFOQOjJPaYIKA==
Age: 2464

results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab

34.195.178.228

200 OK

14 kB

URL HTTP/1.1
results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (811), with CRLF line terminators
Size
14 kB (13762 bytes)
Hash
ec6a38e202a91f487b8896f20bac5080
f5b82248ce0a80001f7e6ca13b6351c56e6bd3f3
6f1df3da2d04347dfa505be98ba5707b14ae388f0ad592a529b6b2b889581812

HTTP Headers

GET /?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Sep 2022 22:44:28 GMT
Set-Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; domain=hloginnow.net; expires=Tue, 20-Sep-2022 22:44:29 GMT; path=/
nts=t; domain=hloginnow.net; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 13762
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ff481e82da456c573eb917f8306c6769
c1b457323419775a64f5f7aeba54d239070dbb24
0bfcd324c58be036cafe4c1b792c92bf2d28f4d298cda31ae81cf9db3c18e4ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5345
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:26 GMT
Last-Modified: Mon, 19 Sep 2022 21:15:21 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
ffb1c1aacce3a099e40cb6a86c98493c
d6a3cd00e537165d49fe69d52736cd9e447c0269
2c01deb1fc008f22eebd3e1ecc4f54c368b1e03bfe621090a8c2aeea634f22f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:26 GMT
Last-Modified: Mon, 19 Sep 2022 21:32:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6416
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:26 GMT
Last-Modified: Mon, 19 Sep 2022 20:57:30 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
ffb1c1aacce3a099e40cb6a86c98493c
d6a3cd00e537165d49fe69d52736cd9e447c0269
2c01deb1fc008f22eebd3e1ecc4f54c368b1e03bfe621090a8c2aeea634f22f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4348
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Last-Modified: Mon, 19 Sep 2022 21:32:00 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278

www.googletagmanager.com/gtag/js?id=UA-178002442-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-178002442-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
42 kB (42369 bytes)
Hash
fb4d5c0b1620d38ad79451084cef89bf
18b97a75efba94c484fe9616d33a08b985bd827b
1ed8dcd9d66833932e464f0193fd0fee4054cd6ff91fca43502c1bc52a90a266

HTTP Headers

GET /gtag/js?id=UA-178002442-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 22:44:27 GMT
expires: Mon, 19 Sep 2022 22:44:27 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 22:20:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42369
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e34f594c2e3b9b6a81e4ae9fef80f363
b7f65f5fb0df328d3c863af6c9351923205645f2
bcedda132b602d90a62a5fbe07e7c37f69cce319fb4b84e1bed40b1200e9898b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.89.136.7

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.136.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7/WCxitAf73cLGt6ykjbEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hgRXnwKfrUXXvXUKxzkHd62Xj6E=

results.hloginnow.net/Content/Home/Email/CSS/Email_v2.css

34.195.178.228

200 OK

1.6 kB

URL HTTP/1.1
results.hloginnow.net/Content/Home/Email/CSS/Email_v2.css
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (662), with CRLF line terminators
Size
1.6 kB (1550 bytes)
Hash
f95da5b4ebb2704f4da6e9b166fee57c
0731a2c8471375757596d129b1e4f04180ce88ce
db03ff08f0c80557ecdfd6c0798a326afa6d7f9cabb18641b3473ffe2d3b4904

HTTP Headers

GET /Content/Home/Email/CSS/Email_v2.css HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Mon, 19 Sep 2022 22:44:28 GMT
ETag: "80445f8bf699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1550
Connection: keep-alive

results.hloginnow.net/Content/CSS/Base_v2.css

34.195.178.228

200 OK

2.8 kB

URL HTTP/1.1
results.hloginnow.net/Content/CSS/Base_v2.css
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with CRLF line terminators
Size
2.8 kB (2846 bytes)
Hash
c9946249c90f0badfdf55a4559c476a5
f58f7668a3cd3453c31dd64d651a52099eaf8210
492fa88aec13f70306f900b005ce781c35d00df8e3e20072f55ddb3110ddf743

HTTP Headers

GET /Content/CSS/Base_v2.css HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Mon, 19 Sep 2022 22:44:28 GMT
ETag: "80445f8bf699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 2846
Connection: keep-alive

results.hloginnow.net/Scripts/WeatherHelper_v1.js

34.195.178.228

200 OK

1.5 kB

URL HTTP/1.1
results.hloginnow.net/Scripts/WeatherHelper_v1.js
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1517 bytes)
Hash
1d8237575ed7434f668873989b3f769a
12430714bc540f62ab8c3cc356d1b009b1589a4b
198e57bb51fb3c84d5f47f50a51488e916c5dda12a414b5245d17aba693ea68d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /Scripts/WeatherHelper_v1.js HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 19 Sep 2022 22:44:25 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1517
Connection: keep-alive

results.hloginnow.net/styles/home/monetizedquicklinks?v=Pf1P8ZTmx0EpcmDfisgZsKM0LGXZ0OckHk-F2hmrmqQ1

34.195.178.228

200 OK

2.4 kB

URL HTTP/1.1
results.hloginnow.net/styles/home/monetizedquicklinks?v=Pf1P8ZTmx0EpcmDfisgZsKM0LGXZ0OckHk-F2hmrmqQ1
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (12948), with no line terminators
Size
2.4 kB (2397 bytes)
Hash
b265f2647d729ce2ed972bfce64cdc51
e3901bd30437e65ef4f0bc4ab0cf22730131f0f7
fc96374178471800e80a82f7c99dfb3d8ac3d4f823f2eb09e7ec4a0582d4e77c

HTTP Headers

GET /styles/home/monetizedquicklinks?v=Pf1P8ZTmx0EpcmDfisgZsKM0LGXZ0OckHk-F2hmrmqQ1 HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Date: Mon, 19 Sep 2022 22:44:28 GMT
Expires: Tue, 19 Sep 2023 22:44:29 GMT
Last-Modified: Mon, 19 Sep 2022 22:44:29 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 2397
Connection: keep-alive

results.hloginnow.net/Scripts/Home/Shared/Base_v2.js

34.195.178.228

200 OK

1.0 kB

URL HTTP/1.1
results.hloginnow.net/Scripts/Home/Shared/Base_v2.js
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1043 bytes)
Hash
920fd729704c26bd93785b4fd1b6c643
ee2832de76e73a498a229a6d56c28b33fa524cd6
39a30cd129a89443137bc57dc906a53057d365a51d1f0b3ce195de5699c002a5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /Scripts/Home/Shared/Base_v2.js HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 19 Sep 2022 22:44:25 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1043
Connection: keep-alive

results.hloginnow.net/get/js/impression?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&cid=app@LoginNow

34.195.178.228

200 OK

668 B

URL HTTP/1.1
results.hloginnow.net/get/js/impression?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&cid=app@LoginNow
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with CRLF line terminators
Size
668 B (668 bytes)
Hash
827412229e29b8a14390cc0411c6a879
84a7efe04775f4af0181afe3e5040a0df666eaf2
939f506d380d98c830e4d68e3a5070c0f3fa28183acbad6a8a8b3b124f718ced

HTTP Headers

GET /get/js/impression?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&cid=app@LoginNow HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
Date: Mon, 19 Sep 2022 22:44:23 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 668
Connection: keep-alive

results.hloginnow.net/Scripts/NewScripts/AutoComplete_V4.js

34.195.178.228

200 OK

75 kB

URL HTTP/1.1
results.hloginnow.net/Scripts/NewScripts/AutoComplete_V4.js
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
Unicode text, UTF-8 text, with very long lines (1602), with CRLF line terminators
Size
75 kB (74940 bytes)
Hash
8bbb0bc9c1fb1e218deceec495fbfb7a
e41b435847fd6fd56cae9ee06abb7bff6da3cadb
624a7d78be7b43606b0a3aed037652f1e91af071ea6ed0f8ac2f165dbc6f34f0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /Scripts/NewScripts/AutoComplete_V4.js HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Mon, 19 Sep 2022 22:44:28 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 74940
Connection: keep-alive

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3

104.18.23.52

200 OK

4.2 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (26366)
Size
4.2 kB (4194 bytes)
Hash
7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74d5d897fbb4b505-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3

104.18.23.52

200 OK

2.6 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27832)
Size
2.6 kB (2603 bytes)
Hash
eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70

HTTP Headers

GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74d5d897fbc2b505-OSL
X-Firefox-Spdy: h2

results.hloginnow.net/Content/Images/Toolbar/gmail.png

34.195.178.228

200 OK

4.4 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/Toolbar/gmail.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.4 kB (4402 bytes)
Hash
ea55cde31ffc6f17e1f6252c9ff64c63
e947805941b0c360442d8a05ae22368ce39d82a1
7549b37a194c861d3e0444cae07773212707ad4b2ec7f4182c006be6c8aaff69

HTTP Headers

GET /Content/Images/Toolbar/gmail.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:29 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4402
Connection: keep-alive

results.hloginnow.net/Content/Images/quicklinkIcons/hq/weather.png

34.195.178.228

200 OK

9.1 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/quicklinkIcons/hq/weather.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size
9.1 kB (9105 bytes)
Hash
c73cae6072224041a7e28492e966537a
7a52c159cfa027646d40ff974eaef4805ec9a969
fa25bf2809d53a6218b7eb54f168fb0bc9d6427c12cac5a6689205816bee0672

HTTP Headers

GET /Content/Images/quicklinkIcons/hq/weather.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:29 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 9105
Connection: keep-alive

results.hloginnow.net/Content/Images/Toolbar/outlook.png

34.195.178.228

200 OK

8.4 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/Toolbar/outlook.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
8.4 kB (8401 bytes)
Hash
aa6f70a6681c4c8321f28c610545b0a4
3bb0380120a96c3fc906ca551d22ad9fa1ed6ce7
6b1192ebfb3fd93bfdb7b886124862494c86d0045fd6c94a47398a089f5e030b

HTTP Headers

GET /Content/Images/Toolbar/outlook.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:26 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 8401
Connection: keep-alive

results.hloginnow.net/Content/Images/quicklinkIcons/hq/myemailsimplified.png

34.195.178.228

200 OK

7.7 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/quicklinkIcons/hq/myemailsimplified.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size
7.7 kB (7740 bytes)
Hash
cde49619d2e9336942237b4965e1df3e
8a754330cce76b36725ec12689ba349d7af78f7e
c60e91abccb6a9d706f9613c22abb713554dd75fbd4ea1bd8494d28b423ce936

HTTP Headers

GET /Content/Images/quicklinkIcons/hq/myemailsimplified.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:28 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 7740
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kit.fontawesome.com/b9b2ba83c3.js

104.18.23.52

200 OK

4.5 kB

URL HTTP/2
kit.fontawesome.com/b9b2ba83c3.js
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
4.5 kB (4484 bytes)
Hash
597422bd74c75804a502fc3839960647
e25070de1fe1a0ebf0f37088d0195b6cd240fc94
169c3817b613e24a82bfedcb317fad3e77af3bbacdb25f0d4303e4528a940d6e

HTTP Headers

GET /b9b2ba83c3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxZkXfKDXSgFTmVu-Q4B
cf-cache-status: MISS
server: cloudflare
cf-ray: 74d5d894b968b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 569606
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

results.hloginnow.net/Content/Images/Toolbar/emailv2.png

34.195.178.228

200 OK

5.0 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/Toolbar/emailv2.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size
5.0 kB (4960 bytes)
Hash
dd10e459a0ac71df7bcffa634a077856
cc774bf351b47a74c422c5db5dc17c051536be00
0d7a3679994f6afdc431b78b25fe7ba40963cfe94f807ca7409e9687429bca10

HTTP Headers

GET /Content/Images/Toolbar/emailv2.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:28 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4960
Connection: keep-alive

ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b9b2ba83c3

104.18.23.52

200 OK

54 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b9b2ba83c3
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65397)
Size
54 kB (54194 bytes)
Hash
dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8

HTTP Headers

GET /releases/v5.15.4/css/pro.min.css?token=b9b2ba83c3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74d5d897fbb2b505-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

results.hloginnow.net/Content/Images/Toolbar/maps.png

34.195.178.228

200 OK

10 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/Toolbar/maps.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10139 bytes)
Hash
03f31a86f5fd92f860351577c470b165
bed2a3c0ad6f07458c1822c3e6ac8b89cf937575
f018ecd3437923c9f5af6d16da40d2b32ce2029b6e45c1e2e728f6cc6b3e12ea

HTTP Headers

GET /Content/Images/Toolbar/maps.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:26 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 10139
Connection: keep-alive

results.hloginnow.net/Content/Images/Toolbar/newsv2.png

34.195.178.228

200 OK

12 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/Toolbar/newsv2.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size
12 kB (12254 bytes)
Hash
54d6fb01d95327cccb0a713c0123190d
7a3c40c0a40fba3b51f76266cb9505f8f1a42ef5
71dc8eff83a0ad83594a67273ae6434612a079e25fb2e06180f046ae02f87a68

HTTP Headers

GET /Content/Images/Toolbar/newsv2.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:29 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 12254
Connection: keep-alive

internal_banner.tiles.ampfeed.com/tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=email&results=10&BOC=1663627447865&callback=amp_fn

104.110.26.15

200 OK

20 B

URL HTTP/2
internal_banner.tiles.ampfeed.com/tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=email&results=10&BOC=1663627447865&callback=amp_fn
IP
104.110.26.15:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
7f3ddf32c69b12d8da247ab32bcf7c0a
e0d8baa7114b5126d38cf731ad44527af3467280
f1a514c273a93178f053ad889969bb58d6d5c44e913cbf3abbbbb667b4acda48

HTTP Headers

GET /tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=email&results=10&BOC=1663627447865&callback=amp_fn HTTP/1.1
Host: internal_banner.tiles.ampfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
server: akka-http/10.0.0
content-type: application/json
content-length: 20
x-country-check: NO, NO, NO, NO
x-ip-check: 158.36.234.250, 127.0.0.1, 23.36.79.134, 158.36.234.250, 127.0.0.1, 158.36.234.250, 91.90.42.154
date: Mon, 19 Sep 2022 22:44:27 GMT
X-Firefox-Spdy: h2

internal_tiles.tiles.ampfeed.com/tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=email&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663627447865&callback=admtilecallback

104.110.26.15

200 OK

46 B

URL HTTP/2
internal_tiles.tiles.ampfeed.com/tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=email&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663627447865&callback=admtilecallback
IP
104.110.26.15:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
fe5db27d2eae551ca45d872688cc2bcb
5a99184fde35329d754349c64a45bb5ba64b4252
1f7af0b538726086e9bb5ce0c8fd64ca0a7baab3e6ae4d725979abf1014f48d9

HTTP Headers

GET /tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=email&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1663627447865&callback=admtilecallback HTTP/1.1
Host: internal_tiles.tiles.ampfeed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
server: akka-http/10.0.0
content-type: application/json
content-encoding: gzip
content-length: 46
x-country-check: NO, NO, NO, NO
x-ip-check: 158.36.234.250, 127.0.0.1, 23.36.79.134, 158.36.234.250, 127.0.0.1, 158.36.234.250, 91.90.42.154
date: Mon, 19 Sep 2022 22:44:27 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
336b929639c715bb714339ec0b24f2dc
6836f3cbf86279c84240660dc09618ea28072aa0
dc6527b4752f981a7218bf49a222c2e43dcf17de6637f4b50797294322fa1714

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 22:44:27 GMT
Last-Modified: Mon, 19 Sep 2022 21:34:27 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: p4UJQNe0UfPiu8r-fjqebOQWXDtLvFdBoTLyyxFJ8aDT4OGPMo4iEQ==
Age: 4200

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
336b929639c715bb714339ec0b24f2dc
6836f3cbf86279c84240660dc09618ea28072aa0
dc6527b4752f981a7218bf49a222c2e43dcf17de6637f4b50797294322fa1714

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 22:44:27 GMT
Last-Modified: Mon, 19 Sep 2022 21:14:43 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Zc8XSdxdiuNyspUcQ156hJvmeEuI9P7ZI0B6zx7qZWX6KmbXYyrJQA==
Age: 5384

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2

104.18.23.52

200 OK

20 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data
Size
20 kB (19784 bytes)
Hash
c7682b8035fc1d1672d6455631813794
9e2955e5e55b3073e229c218724406425862d4a1
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: font/woff2
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74d5d899dcceb505-OSL
X-Firefox-Spdy: h2

ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2

104.18.23.52

200 OK

23 kB

URL HTTP/2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
104.18.23.52:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 23316, version 331.-31196\012- data
Size
23 kB (23316 bytes)
Hash
e0e8f01313f5061924cb318b031d706e
8ddfde7f46123a327ec627acf520741b1f016eb9
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0

HTTP Headers

GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: font/woff2
content-length: 23316
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35c-5b14"
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74d5d899ecd3b505-OSL
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
3d56fe3564200249bb6e71b13ba1f22c
ccdd3ed205e0c2a295d8b4dd08db79930c5606c7
c7bc066744a3bcaea3364b76b6ff6e75a6d7c7ca0ba22a55c9dd99ed9ceb7a57

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 22:44:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 04:42:19 GMT
Expires: Sat, 24 Sep 2022 04:42:18 GMT
Etag: "ccdd3ed205e0c2a295d8b4dd08db79930c5606c7"
Cache-Control: max-age=366470,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d5d8996a640b3d-OSL

imp.onesearch.org/impression.do?event=ex_banner_show&user_id=1cd3c567-d74b-4665-a863-353037e5b19f&source=d-ccc3-lp0-bb8-sbe-ab&traffic_source=appfocus1&subid=20180701&implementation_id=email_&page=adm&referrer=&offer_id=~app@LoginNow

44.199.122.180

503 Service Unavailable

162 B

URL HTTP/2
imp.onesearch.org/impression.do?event=ex_banner_show&user_id=1cd3c567-d74b-4665-a863-353037e5b19f&source=d-ccc3-lp0-bb8-sbe-ab&traffic_source=appfocus1&subid=20180701&implementation_id=email_&page=adm&referrer=&offer_id=~app@LoginNow
IP
44.199.122.180:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b

HTTP Headers

GET /impression.do?event=ex_banner_show&user_id=1cd3c567-d74b-4665-a863-353037e5b19f&source=d-ccc3-lp0-bb8-sbe-ab&traffic_source=appfocus1&subid=20180701&implementation_id=email_&page=adm&referrer=&offer_id=~app@LoginNow HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2

api.openweathermap.org/data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial

37.139.20.5

200 OK

458 B

URL HTTP/1.1
api.openweathermap.org/data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
IP
37.139.20.5:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with very long lines (458), with no line terminators
Size
458 B (458 bytes)
Hash
3a1a1a0b3d4c8dddc7e7cd85c93a8c90
07ef2c2c30bc34420033676737a24886457f1c04
15db4b3727bfe0a5ba8b16a6ccf9d68d435e1de18cb7945d202b493fbc388253

HTTP Headers

GET /data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 19 Sep 2022 22:44:27 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 458
Connection: keep-alive
X-Cache-Key: /data/2.5/weather?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST

imp.onesearch.org/impression.do?event=ex_ql_impression&user_id=1cd3c567-d74b-4665-a863-353037e5b19f&source=d-ccc3-lp0-bb8-sbe-ab&traffic_source=appfocus1&subid=20180701&implementation_id=email_&page=mailbird::thenewscorner_email::thenewscorner::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@LoginNow

44.199.122.180

503 Service Unavailable

162 B

URL HTTP/2
imp.onesearch.org/impression.do?event=ex_ql_impression&user_id=1cd3c567-d74b-4665-a863-353037e5b19f&source=d-ccc3-lp0-bb8-sbe-ab&traffic_source=appfocus1&subid=20180701&implementation_id=email_&page=mailbird::thenewscorner_email::thenewscorner::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@LoginNow
IP
44.199.122.180:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b

HTTP Headers

GET /impression.do?event=ex_ql_impression&user_id=1cd3c567-d74b-4665-a863-353037e5b19f&source=d-ccc3-lp0-bb8-sbe-ab&traffic_source=appfocus1&subid=20180701&implementation_id=email_&page=mailbird::thenewscorner_email::thenewscorner::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@LoginNow HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2

results.hloginnow.net/Content/Images/Toolbar/yahoo.png

34.195.178.228

200 OK

4.9 kB

URL HTTP/1.1
results.hloginnow.net/Content/Images/Toolbar/yahoo.png
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
4.9 kB (4863 bytes)
Hash
2d0147c64fa4aeb01695c95f351be917
cee44aeace3e20e6d7e607c723235a110bf02e7f
bcdd8290dcee1d8bc7c5cb8798bd27078a9a30dda19e432e8ad43d9520ba921b

HTTP Headers

GET /Content/Images/Toolbar/yahoo.png HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Mon, 19 Sep 2022 22:44:23 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4863
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
db83cfec1cfd807b6f812052d076913a
9163676cc11213145ba06cd9515b3f5f669b1f4f
f275870b47239463d06013e16c57f1c68930b0d94a5a842a020e18641dfe7f37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 22:44:28 GMT
Last-Modified: Mon, 19 Sep 2022 21:25:42 GMT
Server: ECS (dcb/7F84)
X-Cache: Miss from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: idiTBKLJjf0czLCLnSIprodKbFHTirt7bCWf9PSwOhcxj6QFgCMWEA==
Age: 4726

api.openweathermap.org/data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial

37.139.20.5

200 OK

22 kB

URL HTTP/1.1
api.openweathermap.org/data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
IP
37.139.20.5:0
ASN
#14061 DIGITALOCEAN-ASN

File type
data
Size
22 kB (22512 bytes)
Hash
0c042700a40b083519de4d25609b5825
a4d2b7394907b9ef12b1902420505d3e2d12768d
508b9380ba43a4179219c22aa7a40d57987b2c0dd1febe7ebe3b626fe9b31074

HTTP Headers

GET /data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 15946
Connection: keep-alive
X-Cache-Key: /data/2.5/forecast?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST

d3ff8olul1r3ot.cloudfront.net/email.png

54.230.245.141

200 OK

24 kB

URL HTTP/2
d3ff8olul1r3ot.cloudfront.net/email.png
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
data
Size
24 kB (24532 bytes)
Hash
8642c0cdc4a6d47afe275db1009401c0
e8c2d2642c690ef1aed7746df3f7101b1717e024
119855f89aee313adb8805a2ae61ea434e8e11daf9bb10523f65b1ad9379b195

HTTP Headers

GET /email.png HTTP/1.1
Host: d3ff8olul1r3ot.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 22346
last-modified: Thu, 05 Apr 2018 19:17:35 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 05:49:46 GMT
etag: "bc1358a45bd24711cb0f3829f3a82de9"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U9Zs4UNKMKR7x2byFwuw7bwDyYkGXiEATpM5P5DOkopP6aoqvtzFAQ==
age: 60883
X-Firefox-Spdy: h2

dap2y8k6nefku.cloudfront.net/quicklinkicons/thenewscorner_email.png

143.204.42.86

200 OK

6.9 kB

URL HTTP/2
dap2y8k6nefku.cloudfront.net/quicklinkicons/thenewscorner_email.png
IP
143.204.42.86:0
ASN
#16509 AMAZON-02

File type
data
Size
6.9 kB (6862 bytes)
Hash
a60adb6f190f879021e3055ff1e02149
82b19a477a066e7cd22eeffb1c6fabe997147534
65a6900f358575ba054e3e1b42c24958378c7bbd62c3ebdd2230c4b92c5e0196

HTTP Headers

GET /quicklinkicons/thenewscorner_email.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 2439
last-modified: Thu, 30 Jul 2020 15:10:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 06:04:35 GMT
etag: "d45e5aed6673a9f169e1cdc7549b3885"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KScLWqMUItu3G94MLD_szGIszR_9brCFTMR3ymKe5v5aH84dquYfUA==
age: 59994
X-Firefox-Spdy: h2

dap2y8k6nefku.cloudfront.net/quicklinkicons/early_chirp.png

143.204.42.86

200 OK

13 kB

URL HTTP/2
dap2y8k6nefku.cloudfront.net/quicklinkicons/early_chirp.png
IP
143.204.42.86:0
ASN
#16509 AMAZON-02

File type
data
Size
13 kB (13003 bytes)
Hash
2a2d7a97a08d26c2e02f51c09ebc4e26
ffca768690fc37fd4601c1a6e81f39bc99a5ac00
d3f1f80071c30f0c404e320f618bd111bfe82a61909977e275f70a9c47f123b0

HTTP Headers

GET /quicklinkicons/early_chirp.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 10871
last-modified: Thu, 21 Jul 2022 21:16:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 00:26:35 GMT
etag: "2d9855aaf48a48f9ed6f205c93ea73ff"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RBSPvClmrLCgCQ_QTc17Kjz-PHBxWXkRITffwGeuLeDSPjY6y9WHbw==
age: 80274
X-Firefox-Spdy: h2

dap2y8k6nefku.cloudfront.net/quicklinkicons/thenewscorner.png

143.204.42.86

200 OK

3.1 kB

URL HTTP/2
dap2y8k6nefku.cloudfront.net/quicklinkicons/thenewscorner.png
IP
143.204.42.86:0
ASN
#16509 AMAZON-02

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
3.1 kB (3058 bytes)
Hash
416b547a3c3b19e4134a37ae8a342de0
5705cd329e66ecbb653db6d2d5d25bcc140b3500
f42b91449be9d0d6938f501cc4e108f5d57e69849a178ce8a8c15d1beb99d476

HTTP Headers

GET /quicklinkicons/thenewscorner.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 3058
last-modified: Tue, 11 Aug 2020 13:35:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 02:41:07 GMT
etag: "416b547a3c3b19e4134a37ae8a342de0"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vV8tN2S7woGdNIbk6BRSFp9qCMJQn86KuRetb55UWV7SCDaYUfY4Hw==
age: 72202
X-Firefox-Spdy: h2

dap2y8k6nefku.cloudfront.net/quicklinkicons/mailbird.png

143.204.42.86

200 OK

4.3 kB

URL HTTP/2
dap2y8k6nefku.cloudfront.net/quicklinkicons/mailbird.png
IP
143.204.42.86:0
ASN
#16509 AMAZON-02

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4311 bytes)
Hash
97f8c087f80e2216d6ba0de1f84f4f70
3cf12d28a32dae157d138f8df6aed6ace76c5bb2
bed9149538f5503fc13036ff8d6a7caa2aef24f88e26d718c0f0130e5560b66e

HTTP Headers

GET /quicklinkicons/mailbird.png HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 4311
last-modified: Fri, 21 Aug 2020 14:24:20 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 02:46:46 GMT
etag: "97f8c087f80e2216d6ba0de1f84f4f70"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sIhbAmh-LE7KkLHrICgus31BMecF55Ia722HHw-GzUdjPzxj5gRWaQ==
age: 71863
X-Firefox-Spdy: h2

dailyfeature.net/dailyfeature/df?url=hloginnow.net&uc=20180701&cid=app@LoginNow&purpose=hp&type=internal

3.226.90.104

200 OK

752 B

URL HTTP/1.1
dailyfeature.net/dailyfeature/df?url=hloginnow.net&uc=20180701&cid=app@LoginNow&purpose=hp&type=internal
IP
3.226.90.104:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
752 B (752 bytes)
Hash
c882d06d65781ab932c107552db13a39
f2bc6bfbdff2abb3e77fb741a5f96fb4cb104cdf
6ec7677b8797ec433aeaade8142b8f56ad9e156e63f4b856edcbc3c3dbf1d935

HTTP Headers

GET /dailyfeature/df?url=hloginnow.net&uc=20180701&cid=app@LoginNow&purpose=hp&type=internal HTTP/1.1
Host: dailyfeature.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Sep 2022 22:44:29 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 752
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5b7a05fad83d3476facabd4e7eb8dc42
64d6ee10d23330cd51ea38487544c595b47f2633
4ff8fbed80185bfa0a9196affa36c5f60e743c86d3cf5328a5884b8058dca635

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5061
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Last-Modified: Mon, 19 Sep 2022 21:20:07 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

22 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
data
Size
22 kB (22191 bytes)
Hash
ee99fa4f7c59f9d20538e39166da2203
d052923a67f3d8ca0a5018afd2685f5bed7e369c
210d76332657b809ab2ab9a0a5ea08ce8e152b8dc89065892c24d6dc7be112ce

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 22:41:12 GMT
expires: Tue, 20 Sep 2022 00:41:12 GMT
cache-control: public, max-age=7200
age: 196
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

dap2y8k6nefku.cloudfront.net/js/term_mappings.json

143.204.42.86

200 OK

166 kB

URL HTTP/2
dap2y8k6nefku.cloudfront.net/js/term_mappings.json
IP
143.204.42.86:0
ASN
#16509 AMAZON-02

File type
data
Size
166 kB (165489 bytes)
Hash
1a8ed332fcfe6447ebd06e1c5e3f6ae5
cb2491ce404fc3c67a3bcd01d6747897c6683855
cc53f943275d294193d935a1412f3c3007b92b99ed9448f759dcc779e60870aa

HTTP Headers

GET /js/term_mappings.json HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 163302
last-modified: Fri, 30 Apr 2021 12:58:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 22:44:28 GMT
etag: "ad5616114dc91d3881715e52566797b3"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jB6ejq54MJy1X7_YYFT1ZMKW3NcXQpKRTKgTQu6Dbwj7C87pV0-Eag==
age: 11130
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.openweathermap.org/data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial

37.139.20.5

200 OK

2.8 kB

URL HTTP/1.1
api.openweathermap.org/data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
IP
37.139.20.5:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with very long lines (2849), with no line terminators
Size
2.8 kB (2849 bytes)
Hash
3d750af2d505de021128be577cae7ac1
13bbc30c8b2e813976bd1be10e8730fd14e091a9
01883f4475855f6a773220ac5e94afd9cd04a839cdd2886f61e46a2f916eeda4

HTTP Headers

GET /data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2849
Connection: keep-alive
X-Cache-Key: /data/2.5/forecast/daily?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26839 bytes)
Hash
9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 8mzOTwY2KjBXr/KvlKbkmlwhX2UhB4TOuDZ8qeM2zl9VvBvSa0NIX9/g3XbQXrQnuRYNHmTouOF6iRKLSKGNgQ==
content-length: 26839
x-fb-trip-id: 1679558926
date: Mon, 19 Sep 2022 22:44:28 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1654)
Size
16 kB (15693 bytes)
Hash
890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 19 Sep 2022 22:44:28 GMT
expires: Mon, 19 Sep 2022 22:44:28 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5b7a05fad83d3476facabd4e7eb8dc42
64d6ee10d23330cd51ea38487544c595b47f2633
4ff8fbed80185bfa0a9196affa36c5f60e743c86d3cf5328a5884b8058dca635

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4020
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Last-Modified: Mon, 19 Sep 2022 21:37:29 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

imp.onesearch.org/impression.do?event=push_modal_shown&page=results.hloginnow.net&source=d-ccc3-lp0-bb8-sbe-ab&subid=20180701&i_id=email_

44.199.122.180

503 Service Unavailable

162 B

URL HTTP/2
imp.onesearch.org/impression.do?event=push_modal_shown&page=results.hloginnow.net&source=d-ccc3-lp0-bb8-sbe-ab&subid=20180701&i_id=email_
IP
44.199.122.180:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b

HTTP Headers

GET /impression.do?event=push_modal_shown&page=results.hloginnow.net&source=d-ccc3-lp0-bb8-sbe-ab&subid=20180701&i_id=email_ HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Mon, 19 Sep 2022 22:44:28 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81fa7001b4b94f54d2ab4f3237ecaabb
e21bb07f34d9bed91f5caac3f9a83e9600a5652c
0ecbe6e0c5198d792a0eeb4197c88ec1d3a9f8b215efae7a6bb87776f7673b6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

results.hloginnow.net/favicon.ico

34.195.178.228

200 OK

112 kB

URL HTTP/1.1
results.hloginnow.net/favicon.ico
IP
34.195.178.228:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Size
112 kB (112173 bytes)
Hash
504432c83a7a355782213f5aa620b13f
faba34469d9f116310c066caf098ecf9441147f1
df4276e18285a076a1a8060047fbb08e1066db2b9180863ec14a055a0c8e33f1

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: results.hloginnow.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180701&ap=appfocus1&source=d-ccc3-lp0-bb8-sbe-ab&uid=1cd3c567-d74b-4665-a863-353037e5b19f&i_id=email_1&page=newtab
Cookie: user_id=1cd3c567-d74b-4665-a863-353037e5b19f; nts=t; _gcl_au=1.1.822804445.1663627448
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: image/x-icon
Date: Mon, 19 Sep 2022 22:44:26 GMT
ETag: "342c678ef699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:06 GMT
X-Content-Type-Options: nosniff
Content-Length: 112173
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

2.7 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
2.7 kB (2660 bytes)
Hash
554a6c3c64f962b45d6d707a6d3cb738
886c15049f0bfff7705ad9cd7d7d2b8b4d182d28
81603b4a0d09d18fec96faf9866c490cd1e359c29368cd932f55d25768699f57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

2.7 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
2.7 kB (2662 bytes)
Hash
e31a8ddfc3c962e1ad409760e70b37c2
eb91230f0f241e30b78a71ee5ce77293dafe3bc4
8cfc7cab69c455d75b76903c5daa3cdf42c4398eb318cd96b5879d68117f925c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448476&cv=9&fst=1663627448476&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.207.194

200 OK

3.3 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448476&cv=9&fst=1663627448476&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
data
Size
3.3 kB (3297 bytes)
Hash
555dc3c480ceb3d60c76cf7709deeea7
96582b236d21aeed29f0d2475515ec445bb9bd51
dc62deab9f6f593e2911f3ec5f0c198963fe2a4df2bb2af2f5e86f07746263d0

HTTP Headers

GET /pagead/viewthroughconversion/713545727/?random=1663627448476&cv=9&fst=1663627448476&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 22:44:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1165
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Sep-2022 22:59:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448474&cv=9&fst=1663627448474&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4

216.58.207.194

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1663627448474&cv=9&fst=1663627448474&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
216.58.207.194:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2516), with no line terminators
Size
1.1 kB (1130 bytes)
Hash
106ce1672af03c6e834105979f9bc9fa
325d477267616cc576a766f4269e69052641aea1
f896cdb6c0be4b51f44748389d1fe3a862ea01547e2e04b0c151ffbaf98c27db

HTTP Headers

GET /pagead/viewthroughconversion/713545727/?random=1663627448474&cv=9&fst=1663627448474&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=822804445.1663627448&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 22:44:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1130
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Sep-2022 22:59:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

openweathermap.org/img/wn/50d@2x.png

138.201.197.100

200 OK

650 B

URL HTTP/1.1
openweathermap.org/img/wn/50d@2x.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
650 B (650 bytes)
Hash
cafa1ee1c50faccf5ea980cd083b07cf
7e2394484df258e1c2e95a3ae8fd9ba6113998f3
f962e7602c0b5b0949d3f46524223dea2290503eee3964b81c7a6335d208fc7d

HTTP Headers

GET /img/wn/50d@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: image/png
Content-Length: 650
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-28a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Mon, 26 Sep 2022 22:44:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4538
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 22:44:28 GMT
Connection: keep-alive

openweathermap.org/img/wn/01n@2x.png

138.201.197.100

200 OK

945 B

URL HTTP/1.1
openweathermap.org/img/wn/01n@2x.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
945 B (945 bytes)
Hash
fb82c56f21511270701f0f68741618eb
5b9dd5c7734d65e68e5467f34daa5d39a6dcdfdd
7bd4657936b44fb4e8f568b6c09fbdc1a7936df1ceb1407fc46c24c7ef3d7848

HTTP Headers

GET /img/wn/01n@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: image/png
Content-Length: 945
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-3b1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Mon, 26 Sep 2022 22:44:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

openweathermap.org/img/wn/10n@2x.png

138.201.197.100

200 OK

2.6 kB

URL HTTP/1.1
openweathermap.org/img/wn/10n@2x.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2584 bytes)
Hash
4aa318f910cc38a777ef322ae51a4e05
a8d437a4a9e51723a01df94546a47b6259b121e3
45f3c1e87773087c6dfe8a2bcd84f140d16155faba03c5e38b2be11a010426c7

HTTP Headers

GET /img/wn/10n@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: image/png
Content-Length: 2584
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-a18"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Mon, 26 Sep 2022 22:44:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4538
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 22:44:28 GMT
Connection: keep-alive

openweathermap.org/img/wn/01d@2x.png

138.201.197.100

200 OK

948 B

URL HTTP/1.1
openweathermap.org/img/wn/01d@2x.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
948 B (948 bytes)
Hash
05e38c599f10a0306d7014d43ada886d
7591e549db3bc54f959c0d431fb3374135dd1a30
4d97d68ba45f75d6f63fea2575659c8d48ae087894f58adce61cab400845dba2

HTTP Headers

GET /img/wn/01d@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: image/png
Content-Length: 948
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-3b4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Mon, 26 Sep 2022 22:44:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4538
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 22:44:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

2.7 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
2.7 kB (2693 bytes)
Hash
505f7801c4be9baac4f346cee70a59ae
dc73aaea63cc530606714761b98b00afc1720120
acffa7d4cdcff2e9a62f12b782382293ee97fa836b75446d5afd03dd3eef814d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4538
Expires: Tue, 20 Sep 2022 00:00:06 GMT
Date: Mon, 19 Sep 2022 22:44:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7358 bytes)
Hash
49ffb7cd4c40b37f5b61c1fd86ee36ec
4188174bf6e595335f784d2bf9c90db57294b2fc
5af29dbb676f5a38288e73e9ca4feada901ccfb06385110ca0a46a4970532d32

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F799803b1-7e6e-42da-84f6-3e45140e6ae6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: 88cc5413-2f66-4dc6-b20d-57dd16e77e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugqUHZIoAMFd3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e175-7357c2251f4434bc4686f9ed;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tqQuwCb5au2yf-m5wbZyUdOh7VEnYzxCk19p2IlH0vHCFx9Lkhu6lw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:00:04 GMT
age: 2664
etag: "4188174bf6e595335f784d2bf9c90db57294b2fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
6.7 kB (6747 bytes)
Hash
acc98a3400dbf6788ab0abd0922ecc05
d0cbbf27447ae73bcf63d41784cec8f76661b262
be4fc328dafecd4e661340f558f64ffc2d1951bf4c27e2e0b2aef2ccb45d00da

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvaLH1-IAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y-1A5O-MNU6Q5T_fCN_2jLaRC-6TUhzp42BN0cgPTjoOdiz5jwmbGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 02:54:45 GMT
age: 71383
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

openweathermap.org/img/wn/10d@2x.png

138.201.197.100

200 OK

2.6 kB

URL HTTP/1.1
openweathermap.org/img/wn/10d@2x.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
2.6 kB (2584 bytes)
Hash
7efb7efb9dfabda61d89d29187508b6f
45578ae531f6dba58efc6037696727b687425079
649bddef1d5b18d1ad2a9bcc9394f9a21c06617a5a1530f6c258ed75d2de5ede

HTTP Headers

GET /img/wn/10d@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: image/png
Content-Length: 2584
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-a18"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Mon, 26 Sep 2022 22:44:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

openweathermap.org/img/wn/04d@2x.png

138.201.197.100

200 OK

1.9 kB

URL HTTP/1.1
openweathermap.org/img/wn/04d@2x.png
IP
138.201.197.100:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1869 bytes)
Hash
1f2aafb2dc3b9d387d58567acfe3ffa5
76bfa452fe904c4acdd0f6563614d5051ee5f142
5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0

HTTP Headers

GET /img/wn/04d@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Mon, 19 Sep 2022 22:44:28 GMT
Content-Type: image/png
Content-Length: 1869
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-74d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Mon, 26 Sep 2022 22:44:28 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11145 bytes)
Hash
c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DwufJXA1yHz_jnJL0PWjCQYF9fa3jlJ0e-2hIomInAXCpmPISX3mjg==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:02:33 GMT
age: 2515
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (14019 bytes)
Hash
625c236eb315a97e5686b75eb8c1bbf2
ea40b6c8ec89b5d417eecfaa719c6c678f0fc1e6
e307a7375dffe26f5828f0f941491bc87ad23ecda3cc3986d5c777ee393a2c5d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7sCevVX1nGXxZxnrXSURjUcap1a7vCZwrMMIXfzcBPR1srMxJHLGUg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 2243
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5985 bytes)
Hash
3463c46d2b7a87a91ff1a701a438d80e
92c78b27f4e31609c1b78670b26e68b4f991a8ed
b95b290832f12f97c7da51382fe92feba2fa93a5ec0470d48a533a58a13dc474

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe763d5d6-1a5c-4160-9667-8ed7c6b1e265.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5985
x-amzn-requestid: 6797727b-78c7-470f-bee8-7b55e64d36ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugzxH6qoAMF67w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e1b1-0d574a815d19636b21376c91;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7lzvXaC9EgAduUw3i_GsZkjj0LT2QfaXCQyZQibuNcfyJ2XwKWHgtg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:03:08 GMT
age: 2480
etag: "92c78b27f4e31609c1b78670b26e68b4f991a8ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (2951 bytes)
Hash
1e8175cd370c35ad06cb2d009c3f7095
4f71cdda787ce98a58f2fe9ce8ba2e7ec7b150d2
649f5309448c163e4d379f02c4af8d9b6801935eea1939c61c010b7f76af1591

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb7ceffe-3c92-417f-bd64-15a9e9118a4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2951
x-amzn-requestid: 087a36dd-984f-49d1-8a37-b357967e67ce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugIiH7KoAMF5uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09c-38b316cc31454446524f7b01;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Pa1_SEmH8wkgR6Ux-sHxEzAi2bOKP7LwW3GR6HsqX0Kfr8Bavvjxg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:07:05 GMT
age: 2243
etag: "4f71cdda787ce98a58f2fe9ce8ba2e7ec7b150d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/713545727/?random=1663627448474&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=169352549&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/713545727/?random=1663627448474&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=169352549&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/713545727/?random=1663627448474&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=169352549&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 22:44:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/713545727/?random=1663627448476&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=1549245577&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/713545727/?random=1663627448476&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=1549245577&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/713545727/?random=1663627448476&cv=9&fst=1663624800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9e0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=1549245577&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 22:44:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
fa65e4428adb73fd14d3e23085784699
00f883ce942c6c1be5e8e39d8ebe126de77dbadf
8eb4b4b2d5dc9f17570f22fc0afdf63d1fc80cc0aa37ad77cc81d52dda2bc281

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 22:44:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178002442-1&cid=1888144210.1663627448&jid=484586194&gjid=837299022&_gid=1528386836.1663627448&_u=YEBAAUAAAAAAAC~&z=204780816

142.251.1.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178002442-1&cid=1888144210.1663627448&jid=484586194&gjid=837299022&_gid=1528386836.1663627448&_u=YEBAAUAAAAAAAC~&z=204780816
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178002442-1&cid=1888144210.1663627448&jid=484586194&gjid=837299022&_gid=1528386836.1663627448&_u=YEBAAUAAAAAAAC~&z=204780816 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://results.hloginnow.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Sep 2022 22:44:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219278292-1&cid=1888144210.1663627448&jid=931675983&gjid=804908592&_gid=1528386836.1663627448&_u=YEDAAUABAAAAAC~&z=804140905

142.251.1.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219278292-1&cid=1888144210.1663627448&jid=931675983&gjid=804908592&_gid=1528386836.1663627448&_u=YEDAAUABAAAAAC~&z=804140905
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219278292-1&cid=1888144210.1663627448&jid=931675983&gjid=804908592&_gid=1528386836.1663627448&_u=YEDAAUABAAAAAC~&z=804140905 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://results.hloginnow.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Sep 2022 22:44:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1663627449294&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663627449293.614787345&it=1663627448484&coo=false&rqm=GET

157.240.200.35

200 OK

4.4 kB

URL HTTP/2
www.facebook.com/tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1663627449294&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663627449293.614787345&it=1663627448484&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type
data
Size
4.4 kB (4360 bytes)
Hash
337726b683b866a0a285b4f0bdc51f92
da7f144a62a0c235b18b463eeb41f95f0186d0ac
397e9fa218d9f5eec064115a88478d3d2a65f2259da733ee9979ab50353619e2

HTTP Headers

GET /tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180701%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb8-sbe-ab%26uid%3D1cd3c567-d74b-4665-a863-353037e5b19f%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1663627449294&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663627449293.614787345&it=1663627448484&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Mon, 19 Sep 2022 22:44:29 GMT
expires: Mon, 19 Sep 2022 22:44:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

via.placeholder.com/300x300?Text=.

104.21.33.39

403 Forbidden

0 B

URL HTTP/2
via.placeholder.com/300x300?Text=.
IP
104.21.33.39:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /300x300?Text=. HTTP/1.1
Host: via.placeholder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 403 Forbidden
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eok4LiNP1AmltDXnOIZHb%2BpKD0ZoW1Np8mNzlFh3nHg8UDRw%2F4Pe3c5WlP3Ck30Ri2z0XmWZOzKVfLTyfTFEYw91LyLyLm1JZOYzJpzSQ2vec7J5skeqwssrVF%2BSQcXIhsjz6Piz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d5d8989b98b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.225.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.225.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 19 Sep 2022 22:44:27 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 133
expires: Thu, 22 Sep 2022 22:44:27 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74d5d894bc2cb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 22:44:27 GMT
date: Mon, 19 Sep 2022 22:44:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations