www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/exm=corsproxy/ed=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=navigationui
216.58.211.3 200 OK 12 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/exm=corsproxy/ed=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=navigationui
IP 216.58.211.3:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity: Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type: ASCII text, with very long lines (2016)
Hash
MD5: ed6c5876061077e2bee210f44438495b
SHA-1: cbaeb94b25f6861a3a9d37492cf58ae533f41bfd
SHA-256: ca57b291903c09ebc7bfa53fd551f39000ae6876f4c5ab7d6e31ab908b8d3756
GET /_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/exm=corsproxy/ed=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=navigationui HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 12148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 21:25:49 GMT
expires: Tue, 04 Jun 2024 21:25:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 03 Jun 2023 11:22:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 51351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=corsproxy
216.58.211.3 200 OK 26 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=corsproxy
IP 216.58.211.3:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity: Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type: ASCII text, with very long lines (2586)
Hash
MD5: 270ffcd066ccddc13cbef4f9d248988b
SHA-1: 297529a921dd0b52ad7288d5847c3fe2ab49e507
SHA-256: bac5fc39c07c07d3ece30d4db6927b7905b109946b058655af54ea6bb23560e1
GET /_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=corsproxy HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 25780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 21:25:49 GMT
expires: Tue, 04 Jun 2024 21:25:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 03 Jun 2023 11:22:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 51351
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.js
69.16.175.42 84 kB URL code.jquery.com/jquery-3.5.1.js
IP 69.16.175.42:0
Hash
MD5: 23c7c5d2d1317508e807a6c7f777d6ed
SHA-1: ad16c4a132ad2a03b4951185fed46d55397b5e88
SHA-256: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
GET /jquery-3.5.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:40 GMT
content-encoding: gzip
content-length: 84374
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-4638e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686051700.dop067.sk1.t,1686051700.cds068.sk1.hn,1686051700.cds204.sk1.c
X-Firefox-Spdy: h2
ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/YW5SeVpYUjBaWEpBYTJobGMyeGpMbU52YlE9PTpGYUVubA==
47.87.148.122 1.0 kB URL ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/YW5SeVpYUjBaWEpBYTJobGMyeGpMbU52YlE9PTpGYUVubA==
IP 47.87.148.122:0
File type: HTML document text; HTML document, ASCII text
Hash
MD5: 62a9a2d8f70cc0a92418790da9a3a8af
SHA-1: aa35c459a1fefe10cdf1ee22b1c491697a46bdbc
SHA-256: e4aa2f55fa94c1ff013c55af57d71af1a91870ab066ff3153d02abd79ea185c6
GET /9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/YW5SeVpYUjBaWEpBYTJobGMyeGpMbU52YlE9PTpGYUVubA== HTTP/1.1
Host: ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Jun 2023 11:41:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1024
Connection: keep-alive
Set-Cookie: PHPSESSID=hr24q0l3gv2iu6k1l8qf9j9s92; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
code.jquery.com/jquery-3.5.1.js
69.16.175.42 84 kB URL code.jquery.com/jquery-3.5.1.js
IP 69.16.175.42:0
Hash
MD5: 23c7c5d2d1317508e807a6c7f777d6ed
SHA-1: ad16c4a132ad2a03b4951185fed46d55397b5e88
SHA-256: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
GET /jquery-3.5.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:42 GMT
content-encoding: gzip
content-length: 84374
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-4638e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686051702.dop065.sk1.t,1686051702.cds210.sk1.hn,1686051702.cds204.sk1.c
X-Firefox-Spdy: h2
ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/favicon.ico
47.87.148.122 1.0 kB URL ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/favicon.ico
IP 47.87.148.122:0
File type: HTML document text; HTML document, ASCII text
Hash
MD5: 0977e545177db7284f081d78c6c0ecf4
SHA-1: a48ed71cd115f5235d596b1a53d9bea67e8a6e67
SHA-256: f402e23e1175d27250730cece7a7ed02234d6e7d6c63606227d128aeebb1b24c
GET /favicon.ico HTTP/1.1
Host: ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/YW5SeVpYUjBaWEpBYTJobGMyeGpMbU52YlE9PTpGYUVubA==
Cookie: PHPSESSID=hr24q0l3gv2iu6k1l8qf9j9s92
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Jun 2023 11:41:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1025
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/api.php
47.87.148.122 157 B URL ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/api.php
IP 47.87.148.122:0
File type: ASCII text, with no line terminators
Hash
MD5: 93a76cc27fbd00d1c7835ccff8cf8e88
SHA-1: 9aa6d678846349b9cda09d34c71f452ece028cc0
SHA-256: ef524c4f77c674fcb711262457deaebc9189672952beb73774e65a4e1239d71c
NIDS | Severity | Alert
suricata | medium | ET PHISHING HiYu - Request for Victim Enrichment
suricata | medium | ET PHISHING HiYu - Victim Enrichment Response M3
POST /api.php HTTP/1.1
Host: ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 56
Origin: http://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai
DNT: 1
Connection: keep-alive
Referer: http://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/9YQz6eTXGsS8jn7umR5KvkMrbcHDhtECNg4xPUAVydwZ2FaJfW/YW5SeVpYUjBaWEpBYTJobGMyeGpMbU52YlE9PTpGYUVubA==
Cookie: PHPSESSID=hr24q0l3gv2iu6k1l8qf9j9s92
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Jun 2023 11:41:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 157
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash
MD5: 269550530cc127b6aa5a35925a7de6ce
SHA-1: 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA-256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:43 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1016868
expires: Sun, 26 May 2024 11:41:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjPY6A6%2Btizb2Jf87K3C0kiCHmBw08NBUZ%2BfAK9fnnpTaPw0Ag0s50xR0hOE5uqNPcRMyjsnWPQaMeLiSbAXq9ogOAh3bMWKnHwodmt55hoxNT4BtgIQYmIiTDY99jVJGsw5F543"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d30634aed3eb4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
104.17.25.14 200 OK 4.4 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type: ASCII text, with very long lines (23577)
Hash
MD5: 04425bbdc6243fc6e54bf8984fe50330
SHA-1: 8c15c6bd82c71e9ef1bb11cf24e502fe07518ac5
SHA-256: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
GET /ajax/libs/font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:43 GMT
content-type: text/css; charset=utf-8
content-length: 4364
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-5cbb"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7031790
expires: Sun, 26 May 2024 11:41:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSYyGZekad%2FUPes8YGRO9N%2FkwZFb%2F%2FhUZPo4z9C8ETGsPTYr5suYU8zZP%2BxTKS%2BBUQacFPMkunLXDe7FkOqa8AtdodFZBkC9zul8mcb58KviTXUipR1i4vDWuewyJXlgFTsQvnF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d30634afd65b4ed-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hh1iil.web.app/images/OL.png
199.36.158.100 11 kB URL GET hh1iil.web.app/images/OL.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: PNG image data, 462 x 104, 8-bit/color RGBA, non-interlaced; data
Hash
MD5: efef2b9ef415e0272c0e200b0787c858
SHA-1: caa7eb9989eef2df5dc3e389a16f8a1bea7cf35e
SHA-256: a24e474952444d9b1a9b21e52553a94b8c9d222ed90572a76aff0df9ec9891a2
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/OL.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "fb0110c32ca02a410818c1d15c59f57a9cbb3188c9cf2c9dd59f78b97d4ea717-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.528882,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11365
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=gtElInit&hl&client=wt
142.250.74.174 200 OK 40 kB URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=gtElInit&hl&client=wt
IP 142.250.74.174:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: *.google.com
Fingerprint: 55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
Validity: Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type: ASCII text, with very long lines (2586)
Hash
MD5: 1c219f69015032ab42b1071530336f3b
SHA-1: ab7b894548432a4c6773afd2a8adac791db7c8b2
SHA-256: c548a4bda244ddafa71f5cddfcdf89da9b15db6d94094e1f81ed4d121fdd5a36
GET /translate_a/element.js?cb=gtElInit&hl&client=wt HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+572; expires=Thu, 05-Jun-2025 11:41:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=corsproxy
216.58.211.3 200 OK 26 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=corsproxy
IP 216.58.211.3:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: *.gstatic.com
Fingerprint: C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity: Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type: ASCII text, with very long lines (2586)
Hash
MD5: 270ffcd066ccddc13cbef4f9d248988b
SHA-1: 297529a921dd0b52ad7288d5847c3fe2ab49e507
SHA-256: bac5fc39c07c07d3ece30d4db6927b7905b109946b058655af54ea6bb23560e1
GET /_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=corsproxy HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 25780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 21:25:49 GMT
expires: Tue, 04 Jun 2024 21:25:49 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 03 Jun 2023 11:22:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 51354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hh1iil.web.app/images/GO2.png
199.36.158.100 200 OK 38 kB URL GET HTTP/2 hh1iil.web.app/images/GO2.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: PNG image data, 800 x 400, 8-bit colormap, non-interlaced; data
Hash
MD5: 55a959c78cad4276119eb4fba417108c
SHA-1: 11cbdb593bb62ecd4668c7e57cd6bfd728f444f7
SHA-256: ec57ff5772e321a27595934831db29f09792cf36b34ddc15bdd5fb4dccddfa1b
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/GO2.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "ade0a872d26c02796324c525c327519e3cca32ea757d4ba98a28cb6819a78a79"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529125,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37861
X-Firefox-Spdy: h2
hh1iil.web.app/images/RackspaceLogo.png
199.36.158.100 6.0 kB URL GET hh1iil.web.app/images/RackspaceLogo.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: PNG image data, 404 x 125, 8-bit colormap, non-interlaced; data
Hash
MD5: 60dd08de12cf49a3778980a70f86b6a3
SHA-1: e33a46bbf63937fcbbdb0d2051284c17a72608b9
SHA-256: 5d136f00203860388f5f013be9adcd0455868ba2d9b0eb1154e2c4ddb96eab62
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/RackspaceLogo.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "8df3da2bbcf6fd18fb2a95e88424020b9e55354cb0e32ce99aa91802ae05a28b-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529678,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6034
X-Firefox-Spdy: h2
hh1iil.web.app/images/microsoft.webp
199.36.158.100 16 kB URL GET hh1iil.web.app/images/microsoft.webp
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x675, Scaling: [none]x[none], YUV color, decoders should clamp; data
Hash
MD5: f490cdbabf84b7f04f6e1df1ecc0d2bc
SHA-1: 32085a179786c0dfb83afda9c9b789645ba1ac03
SHA-256: d8112eb7eb1380b0dac48529cb2e643563521eaa60972826017dfb4e00bef823
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/microsoft.webp HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/webp
etag: "ef85d72eb2d4d346dd9962722952949d8454a7d048add7042cb022f1085838f9-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529010,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15772
X-Firefox-Spdy: h2
hh1iil.web.app/images/Strato1.png
199.36.158.100 22 kB URL GET hh1iil.web.app/images/Strato1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: PNG image data, 451 x 225, 8-bit/color RGBA, non-interlaced; data
Hash
MD5: 60ce079d54058ba2979773e4e1b6c429
SHA-1: 6574bf5a1e2661c0890214269cb2b43d5019ba78
SHA-256: e3d2bd4d0748fa09a5318e27668b6b33878dc4f746182d86612bc62ff4271370
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/Strato1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "e95b2fe49b8a8e8e6371f12b99bed9f4e693691275d657e3b5952dbb9dfc6ef1-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529804,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22542
X-Firefox-Spdy: h2
hh1iil.web.app/images/netease.png
199.36.158.100 9.0 kB URL GET hh1iil.web.app/images/netease.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: PNG image data, 472 x 107, 8-bit colormap, non-interlaced; data
Hash
MD5: b49213a83097b724893db7de0b8f87e8
SHA-1: 8c5eccb665e726e5a5f014e2e7d8638a541c0643
SHA-256: a17ab7216709ca54497edfa587cfc5003d8ba623c675a966ddd26264b4a07a05
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/netease.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "d257a9a29b79bed0e62ee1dc17cd87bc5675d9d4b5e0729e6523628e0a5712d1-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537304,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8995
X-Firefox-Spdy: h2
hh1iil.web.app/images/OUT.png
199.36.158.100 11 kB URL GET hh1iil.web.app/images/OUT.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate
Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type: PNG image data, 272 x 185, 8-bit colormap, non-interlaced; data
Hash
MD5: dede0fe72a80053288dee4d473880588
SHA-1: d27defe0ce72c632e8fb7c3267d77609e0fd6d7b
SHA-256: 3946a9d4e8cec66374d02c37b350641ae3510ff29af591ef593cd0e6293c036a
Analyzer / Verdict / Alert
phishtank: Other
quad9: Sinkholed
GET /images/OUT.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "906e64556f82b3975f6376407fef0a3ebdd566e6074d89820c05c9eccda9b118-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537257,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11405
X-Firefox-Spdy: h2
hh1iil.web.app/images/bartom.png
199.36.158.100 13 kB URL GET hh1iil.web.app/images/bartom.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 394 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash b92e4f82fdb58704095201d7da095f6e
ca772b63a93bd265139a5f541228f079ee2c1619
e5fd2ad8c71c1d3bd4722be727879550655f62c365d19530155a73ad74e3560f
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/bartom.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "377ea4f8c68d52d2be4d1bd99a5f392278f1c033106ce6f33aa0e26a7c6124c6-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537449,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13214
X-Firefox-Spdy: h2
hh1iil.web.app/images/11and1.png
199.36.158.100 13 kB URL GET hh1iil.web.app/images/11and1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 496 x 124, 8-bit/color RGBA, non-interlaced\012- data
Hash a012da4ec239fc8e0d09a1d80db24705
3472c1b3825eaef54a36c7006ed43497a5d2856e
2f44a09c646e42f10ec6a54a77dbf319981649dc0bbee85b8af15de740e18849
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/11and1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "734c6236e660c41b75e3618598ea3a07c2ec9495414bae72c5143c0b1bf30fae-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537274,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13125
X-Firefox-Spdy: h2
hh1iil.web.app/images/22.png
199.36.158.100 11 kB URL GET hh1iil.web.app/images/22.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 742 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash bb6241d50cc0dd5de86464fb1db20837
97204b4fffdc5baef72dbfb62c7df2b39a639aab
51773f8628a02bddab6140432920e5811665153aa0b414edf754eb356857d07e
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/22.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "154252794893f7be4870cf985c1f7a6e7fc5dac74e8facbc7b70b0cb9176d709-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537595,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11419
X-Firefox-Spdy: h2
hh1iil.web.app/images/owa.png
199.36.158.100 200 OK 1.5 kB URL GET HTTP/2 hh1iil.web.app/images/owa.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 120 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 57c63f8c9d91db551905afe19c28e2fb
6e3738d9efab3caabc6b843430d21fade6735ca4
a782150402e8029730321b43291e7104ce52033059bea111fb546c36e5dc9999
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/owa.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "95800ee9b640c4c63c793f5472a9634589ab390249c5ca9d6ff5ca5141820530"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537879,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1489
X-Firefox-Spdy: h2
hh1iil.web.app/images/web-mail.png
199.36.158.100 3.3 kB URL GET hh1iil.web.app/images/web-mail.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 299 x 37, 8-bit/color RGB, non-interlaced\012- data
Hash 70e58609b4b2405368d6e4af8b0be2a3
b96ef160eaac31d7a5154bcc03d3453b279a81c1
c0b68546949f5fffe9569b37a3b5b5182cb366ea9c63c1b8e17ef90fcf365a4c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/web-mail.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "b8cf760c6433f590de559eec0c7c19272b1e11bf6a5bc81706a2e294a3610277-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537496,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3294
X-Firefox-Spdy: h2
hh1iil.web.app/images/ovh.png
199.36.158.100 200 OK 5.9 kB URL GET HTTP/2 hh1iil.web.app/images/ovh.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 417 x 104, 8-bit/color RGB, non-interlaced\012- data
Hash 055b91d6d7bb73be499a7ad65f029547
6b3c24253f144d08583b86e0be78fb38a932b910
1c9128d9fc938445476abf489ef140410d03ef8a78291a8f96c627b2ce3bd8e4
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/ovh.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "3a72b2bc6533e7d62651e5362ae1fc3ff563ec6fa1aafccbcf684f7cb83bcaa1"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.541686,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5938
X-Firefox-Spdy: h2
hh1iil.web.app/images/GoDaddyLogo.png
199.36.158.100 15 kB URL GET hh1iil.web.app/images/GoDaddyLogo.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 900 x 252, 8-bit/color RGBA, non-interlaced\012- data
Hash 461726554009f5d72cd6403e19b9a05b
9613ad4cfc97b1e2235381b9227e494d20a6f9db
a52acfe90ddc096e7fbdd5aa2fb638eb0a604afbd7b13b33376e10e0d3d0a47f
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/GoDaddyLogo.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "f9268bd5462e6c7922e5951e25b7cf0f22472b5787166239d25fcad997b454de"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529258,VS0,VE17
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14653
X-Firefox-Spdy: h2
hh1iil.web.app/images/logo3j.png
199.36.158.100 16 kB URL GET hh1iil.web.app/images/logo3j.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 678 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d3255d73f90ab964722ea56653d242b
d6b84a8ca0f26fff3532a095406cca5b21d06eb9
9121eb3a0f69b4ca59a522c4cf0f3d40edd54a83db59927b83e84373a03060cf
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/logo3j.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "c8ea9150fedf4cbac20a363b025abd969225299d9663c89335a871e678c1a474-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537675,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15504
X-Firefox-Spdy: h2
hh1iil.web.app/images/barracuda.png
199.36.158.100 22 kB URL GET hh1iil.web.app/images/barracuda.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 690 x 160, 8-bit/color RGBA, non-interlaced\012- data
Hash b734162a74a8ce88aca909cb6cefe383
2d7ae9eaab36b03a994648e92e256b5d03e520ba
06eebdbaf7d2b28d61354ddf9318c36395792ff767f14cfcc41eec5212de98cf
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/barracuda.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "78e6824de70ecc7ce4aa3fe87476eda41423c305c03623ee1cf0d7ebcd61df31-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537226,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21958
X-Firefox-Spdy: h2
hh1iil.web.app/images/1and1z.png
199.36.158.100 30 kB URL GET hh1iil.web.app/images/1and1z.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 628 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash d824be82b5d68a084300550234a0d2b8
785bacc154c013840d7b627fad26f06cd6af96ba
be4b7409c6a222ec4753cb85d27138db22b27e1e1f1fe3bb0b895e24bb23342e
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/1and1z.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "6d10253974bcddcc5461912bd8e881ea86858f3753a250ee3947672b2cfdad4a-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537308,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30491
X-Firefox-Spdy: h2
hh1iil.web.app/images/namecheap.png
199.36.158.100 20 kB URL GET hh1iil.web.app/images/namecheap.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 871 x 162, 8-bit/color RGBA, non-interlaced\012- data
Hash af1ced5d03ef3b75a6416a210c669ba3
c867aa2bb3f3c327a975fcc62518b925825ce770
7e99cdebab89eaaaea33556ff31b9748b72af9d7df632394859e96bda3392e2f
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/namecheap.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "b70e6d6e25d31aacf3952bc7bd9465d9460258e08184cf050c96fec2ab284e9e-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537387,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19473
X-Firefox-Spdy: h2
hh1iil.web.app/images/logo1.png
199.36.158.100 16 kB URL GET hh1iil.web.app/images/logo1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 678 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 45f7c08a654cad299c9db8e0d1a8beef
32c25fbb880eb53c1956a9597505d65fd010a59b
20562cf0bf0d5594c88ffe98d6a013dc3d6d12a62bca19b77b869bd86314c91c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/logo1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "0c6a5681acefc4150a905b3f5e3786bdbd7b270d9405e71fa49bce51a8fc2048-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537642,VS0,VE15
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15587
X-Firefox-Spdy: h2
hh1iil.web.app/images/aliyun.png
199.36.158.100 24 kB URL GET hh1iil.web.app/images/aliyun.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 981 x 338, 8-bit gray+alpha, non-interlaced\012- data
Hash cb2381123a9bcfa63a674bd9e520efb6
3ad18f4e9b65b628fe541097c27dddf378d8f795
1cc4a7f4f5e1a4dd85983feec05a7b5fbd1fa7549d6d961245b813649945e341
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/aliyun.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "8385a706e92c737f354b16f226ea5e468651e8a05edec97e31b972aaff52b18f-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537350,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24327
X-Firefox-Spdy: h2
hh1iil.web.app/images/hinet_logo.png
199.36.158.100 20 kB URL GET hh1iil.web.app/images/hinet_logo.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 672 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash 61001786662e8f730542fec9ff1f3d58
58ef2465fc4785c0923631e1ec8c40063fb07bc6
3586220992a4ac38538843f259cdd76bf7af13fcbd6a848ee66922611d4daab7
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/hinet_logo.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "9ae760408cf42e77666e83be2cc3fb2647fa57af8a4b22ca167ce184de79e578-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537744,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20248
X-Firefox-Spdy: h2
hh1iil.web.app/images/bar.png
199.36.158.100 200 OK 17 kB URL GET HTTP/2 hh1iil.web.app/images/bar.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 366 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 130fcc48d7025f2f9611ee27b7c867dc
077121c5864bceaaf3194a94a113c9401c19a979
06553ad171b48d412cfaa957b3bc4fca3f5bc84befc8be86a71ed43945b123ce
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/bar.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "f6741a7381cd8950bda0306908865b7f91744e127f952e6bc6e21c8357ab249e"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537718,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16908
X-Firefox-Spdy: h2
hh1iil.web.app/images/up.png
199.36.158.100 16 kB URL GET hh1iil.web.app/images/up.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 678 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash c475e509670e673873c2de76467590f6
f38930411fe166c53bc3e39c41490d6dddb44517
6a92fc1991fffb5fe08c105e9d525339ed407126f99ed2354ebfe73b6edb1f89
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/up.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "a7cc6e509a48d70003d38d254d83e19ec95d55c8520dcd4b08488e0c0ec9a171-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537801,VS0,VE4
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16480
X-Firefox-Spdy: h2
hh1iil.web.app/images/Strato.jpg
199.36.158.100 93 kB URL GET hh1iil.web.app/images/Strato.jpg
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=342, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1594], baseline, precision 8, 2070x718, components 3\012- data
Hash 4f4285865ec206c5058e0fd1e4b152a6
af7d04a5e557368673ca664ae8a0082b5d1ac2e0
fa87a0a6fe6f885a4543a0db0d08d007d49107faa681fa1b5570e60676a9224f
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/Strato.jpg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "934a510f9e98f521ce22443fa919b81f7cd1280c5a6f28115e7e0df7a1ae786e-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529937,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93088
X-Firefox-Spdy: h2
hh1iil.web.app/images/barsohu.png
199.36.158.100 28 kB URL GET hh1iil.web.app/images/barsohu.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 352 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 7722212d42163fa3982ade61064389fc
06f0b8bd715b385935745470656672de81999a97
c4b51968c7a5b21e875fdfe2aa024aac7923c2afa2df0b41786bafb089af67ce
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/barsohu.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "4e96214e9aecda2a5ae471fcc4df6b5a0de9474605f2bd091cfb3c3df296608f-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537482,VS0,VE4
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28254
X-Firefox-Spdy: h2
hh1iil.web.app/images/3.png
199.36.158.100 37 kB URL GET hh1iil.web.app/images/3.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 792 x 390, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ef094aa939ba4b3a89e08e81123fb2e
ef77d46dc464587156a54c323729d4cf1cc4716a
c7b4da6b025b9483896f92a0a4acdb9d56fb836de37939db19bc91638f727e5a
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/3.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "49d11b3876f73ea8c85d7d64b958a83ddee85c54ba11440c6b32990c9e4a6285-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537437,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 36995
X-Firefox-Spdy: h2
hh1iil.web.app/images/maxresdefault.jpg
199.36.158.100 58 kB URL GET hh1iil.web.app/images/maxresdefault.jpg
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash 7d754a7b54e0cd53c5412c8780bc8b03
dde032ab42f29c23bcb8db574e1a4a1846b619ed
b649968f2627f7708d082c720774ce74f13eadb1d73bf2c21aa87ee19371992e
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/maxresdefault.jpg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "6de1ca583125043a52d027c5059feecef470e47ff0b4c0adf95625dcec31ed33-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537354,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57992
X-Firefox-Spdy: h2
hh1iil.web.app/images/netvigator.png
199.36.158.100 33 kB URL GET hh1iil.web.app/images/netvigator.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1200 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 23bd801d10d011a9e81645daa7405edc
b37370bc5f7f4e3232161158a371658c7ae053a0
20fb7370427339dd4343bea66b881feff72ceda3c0a6a53b69a292cf0cfd1eff
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/netvigator.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "8f078c8e1dff7d244bda9c582792207af10dec51dff0685f0e2912ff77229683-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537237,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33376
X-Firefox-Spdy: h2
hh1iil.web.app/images/RackspaceEmail.jpg
199.36.158.100 91 kB URL GET hh1iil.web.app/images/RackspaceEmail.jpg
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x630, components 3\012- data
Hash 4f3e15b515575528a3212a8c0fe444f3
bb2c1abcd1dd3c218fc86d06577a55433a40613f
86de50cfe24a2ba7491fbffe9f894ce1d608f21d6b5e1d6e2822f6b7fd1c80f9
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/RackspaceEmail.jpg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "96af5e82e8a5ee845369cb301c2ef0b1e7a119ee95facaa89e6b725692b56368-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.529538,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90786
X-Firefox-Spdy: h2
hh1iil.web.app/images/spamexperts.png
199.36.158.100 7.1 kB URL GET hh1iil.web.app/images/spamexperts.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 700 x 200, 8-bit colormap, non-interlaced\012- data
Hash a889c8789769e51dfa873e99d5ee1bc2
0e7106e0a96b54b79fd43d3dd80b69fc24da0ab4
7171c4f9346794867e87ad491ab6edde325e7c443e22eed0510f6a8192c41b7f
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/spamexperts.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "5d6e8a7e7c739257e244965a087f05b95a77f24593f48d6f34c17ed98cb60a7a-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.574013,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7126
X-Firefox-Spdy: h2
hh1iil.web.app/images/mailgun.svg
199.36.158.100 200 OK 1.8 kB URL GET HTTP/2 hh1iil.web.app/images/mailgun.svg
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c631ae74c14b008f93570c5ba2ac26c1
4c4658d0deaf0242dce54e609892e76114b30ee9
ac891a6a3b37ba14f19f2c6f93f11dc432c5724cb306f38e2384a6a0700fde01
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/mailgun.svg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "d6d9a0ddf2b1159d4f7c128adfc2b485eb2700ca4cc46249a979180c1f582d24-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.577867,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1782
X-Firefox-Spdy: h2
hh1iil.web.app/images/icoremail.png
199.36.158.100 32 kB URL GET hh1iil.web.app/images/icoremail.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 652 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash ff140a0dfb0caa27556fc4af2e19c79f
44772cd304141e74cd88f93df64794158a4d7e2b
ea44f6d49881d87e9d0d90901eada5baa41ef8d785ada738d8a3d3a058c13220
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/icoremail.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "c98be00a53f95b695f374f2ba335cd7d30313d4329659195133689332b654129-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.571764,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 31909
X-Firefox-Spdy: h2
hh1iil.web.app/images/zoho.png
199.36.158.100 21 kB URL GET hh1iil.web.app/images/zoho.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 607 x 136, 8-bit/color RGB, non-interlaced\012- data
Hash 155742f1ccb76052fd6febd94e51cfea
31ee60f98e709552f668b4f94a9d8728014056ad
f66609bb86cb9b6a805c499e61811192c05f73a62e21eae1326b45d364fd72d2
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/zoho.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "92e24c89f1f4fdef1b62ee62c03fefc644948693964e2be722da467e3f167bdd"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.571848,VS0,VE0
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21248
X-Firefox-Spdy: h2
hh1iil.web.app/images/cisco.png
199.36.158.100 28 kB URL GET hh1iil.web.app/images/cisco.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 2400 x 1271, 8-bit colormap, non-interlaced\012- data
Hash 5cb5bf90c01997b69d54993c77ccd6fd
93a54a8d1c132c095f8118d45cd0ab0b301d3c83
eff231b51c6cf96650d49f67dfe9d5197c00ab1e41a8e6a6b88dccb317d7fad7
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/cisco.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "e4977c048d6efb4c124b8bd07a82d259e10589225d7d76b8c61b5e7b6639bd6d-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.571420,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28493
X-Firefox-Spdy: h2
hh1iil.web.app/images/mailprotect.png
199.36.158.100 200 OK 4.4 kB URL GET HTTP/2 hh1iil.web.app/images/mailprotect.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 450 x 112, 8-bit colormap, non-interlaced\012- data
Hash 5a42caf7a3c97538d418ffe87d69fba3
694c1635f4d07010cc72adb66d83641c4ceedfe8
a80643b15ef5d3d689760452ab7411c7d8bf35ad14c1d08de3683134148138a4
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/mailprotect.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "efc7ede72d48127ae388016c96ec4a638eff1f1218bbfc9dc6753bec1ab514a7"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.587341,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4443
X-Firefox-Spdy: h2
hh1iil.web.app/images/sm_logo.png
199.36.158.100 200 OK 20 kB URL GET HTTP/2 hh1iil.web.app/images/sm_logo.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 308 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash 54d083d530d52007ac9913a92a0ae88a
ee9136bde3b102856b7f623b8860e3a60ceb1af9
ab7ae3b697c2eaa54dbf1350879bb3eadfdca065454ae7066a7d5b3a7c23b316
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/sm_logo.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "2ef2c2dc6c4f4d73a701107f14aa1d71257ef1c1742b1ffb19adc32b27bc4b5b"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.587639,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20173
X-Firefox-Spdy: h2
hh1iil.web.app/images/bluehost.png
199.36.158.100 40 kB URL GET hh1iil.web.app/images/bluehost.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 814 x 230, 8-bit/color RGB, non-interlaced\012- data
Hash 0332771276de40f2ba51a7d014ab6840
9eb58f5267ee13962e7e50358ff0227b76562abf
3e996db8d3efab6c312722c8001d384068bdb69947309f3777eb824d0570fd60
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/bluehost.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "2ce313ef4c88404cb3dab7b09f0f7eab1110b81153b3ecf2ee56ac383ef2903a-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.587659,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39513
X-Firefox-Spdy: h2
hh1iil.web.app/images/proofpoint.png
199.36.158.100 126 kB URL GET hh1iil.web.app/images/proofpoint.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 3356 x 646, 8-bit/color RGBA, non-interlaced\012- data
Size 126 kB (125512 bytes)
Hash 5237fdacf20a4b52e937e80ad04a290f
3ebe43e5d1bd3bd50159dca171697a4efbe0eb4a
becc811da3241568d19bbd5293dd6e60c4e9da46dc517e0663986a939ca44418
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/proofpoint.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "8f1990f3f7636c8e83f3d6c812ba39fc2c0c99f4970f40202bb695d259d4c6ea-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.571755,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 125512
X-Firefox-Spdy: h2
hh1iil.web.app/images/chinaemail.png
199.36.158.100 14 kB URL GET hh1iil.web.app/images/chinaemail.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 403 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash 7726dfe0a0dd607f721aebdebeccef09
bb641b6db361262c121faaa3970d9697f4e3fa1c
3bac7ef48293684121ef0b7fc5c544fa112851f2d5308310af3641cb715092af
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/chinaemail.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "74382ca485a8944c1a5f1e09eb5749b103a046c6cec3f4235b3fba8c3284375c-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.606332,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13761
X-Firefox-Spdy: h2
hh1iil.web.app/images/amazonaws.png
199.36.158.100 59 kB URL GET hh1iil.web.app/images/amazonaws.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1200 x 451, 8-bit/color RGBA, non-interlaced\012- data
Hash 8261cc598c7249d515aae0e938445649
a0560b4a6845bcc8e854c5794fff44dd798cdbc4
b62c9b1690f95215d8983019191b6a003ebaa41e80c6c67cbf562fc6f588315d
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/amazonaws.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "d7858382ed4e20e2adb0291a4c5c7d4bc659345a0ebe0652fb697f92a6e1fc55"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.601283,VS0,VE7
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59085
X-Firefox-Spdy: h2
hh1iil.web.app/images/communilink.png
199.36.158.100 200 OK 5.6 kB URL GET HTTP/2 hh1iil.web.app/images/communilink.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 210 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash 9be1a837c71cae776a54312c376688d5
dc4fe2ae374f9998063c9e823af8a3162e15d93a
3e3d7633600881f807339aa35ef5e56001e6dff4605e05bb79ade9fbd803548b
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/communilink.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-type: image/png
etag: "0399bef4e39b8ffe4b2394c3baf71e8069dfb689d9770201f3f7638b126c0ded"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.607461,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5614
X-Firefox-Spdy: h2
hh1iil.web.app/images/mailapp_logo_141212.png
199.36.158.100 2.0 kB URL GET hh1iil.web.app/images/mailapp_logo_141212.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer: Google Trust Services LLC
Subject: web.app
Fingerprint: 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity: Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 256 x 36, 8-bit colormap, non-interlaced\012- data
Hash e6a8e95e49019f9234b6a91eb082c66b
1096ea00f1c9452e7fa7ae83e4b5db426673be49
d7916ca92b82038f9fb31b42361f28ec13a1c9339088ad8bd5911eb616003419
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/mailapp_logo_141212.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "0afc6df680e4a4dee3c467c8b9923d58c0ebcc7ef325698a8fcfa92a3e9c6948-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.537403,VS0,VE81
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1979
X-Firefox-Spdy: h2
hh1iil.web.app/images/mail.jpg
199.36.158.100 29 kB URL GET hh1iil.web.app/images/mail.jpg
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 635x480, components 3\012- data
Hash cc329c14b679b4b5c91175b58947aa3a
60f72b2caf7a7bb5af072431b2afc6c47e26d56c
2f1e0b5b9f1bc293b06fbef86413bde5e9c9792fc4bd99b5ec42abfbed3138f3
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/mail.jpg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "9e258451aafcd4389df181a6696653eef4adbc311a191d780d93bc7e8cdc315a-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.537412,VS0,VE83
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29287
X-Firefox-Spdy: h2
hh1iil.web.app/images/one-com.png
199.36.158.100 17 kB URL GET hh1iil.web.app/images/one-com.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 630x168, components 3\012- data
Hash bbbda7b01ce2cb931c902f7e2458a535
742044bd6c98ece22835898e6d1905e43dc712a6
d3e8d09dc713efb17cdf056cdcab4809e131714d961c6e56b629b3f1020e5c4c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/one-com.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "1d155eca46add202fef77095da5c12efb380b812e0ee70c5ca5884fd22e560d7-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.570529,VS0,VE67
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17375
X-Firefox-Spdy: h2
hh1iil.web.app/images/bar2.png
199.36.158.100 39 kB URL GET hh1iil.web.app/images/bar2.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 748 x 278, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f7449abc2ba5835099a9f84960f03e6
9bcabdbf6415f669ec5f2d25a1cbc59cb707555d
bba9dc42160ee6c6786e970f2411e7d697b59d4b91ea879fae022ccbdf712be9
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/bar2.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "70acc3ff12fed48314fff0e2812f733ee38b2034f6520398098cc1363adc8560-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.537572,VS0,VE111
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39444
X-Firefox-Spdy: h2
hh1iil.web.app/images/rediffmailpro.png
199.36.158.100 36 kB URL GET hh1iil.web.app/images/rediffmailpro.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 768 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 3379ba0cfceccefa8e4630e6f7c16c40
703d27a4940571543835addaa01fa9c44394bbcd
06a73f5e2ba3b74db00863eff5062fd7c0609dd2d34e3985d48c2ae2f8392fd3
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/rediffmailpro.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "b0da2b83313a4a3e8c330911303b5ece9b082c11777249ffd40549342fbddfff-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.537368,VS0,VE111
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 35540
X-Firefox-Spdy: h2
hh1iil.web.app/images/logo3.png
199.36.158.100 18 kB URL GET hh1iil.web.app/images/logo3.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 678 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 0eba45fe16da1f9d4f959f07ff7f1e34
7bd2638a397353be342b01a62d21f7025cf28102
3a5849148cf4670a48b26a4e93efaba384d549ea599add4c89da9be3c4620ad5
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/logo3.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "0b35a3a2af14b518f2a494821e756b28af06d8d7be3081f3aa547cf344da0df8-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.537625,VS0,VE113
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17859
X-Firefox-Spdy: h2
hh1iil.web.app/images/abchk.gif
199.36.158.100 8.0 kB URL GET hh1iil.web.app/images/abchk.gif
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type GIF image data, version 89a, 450 x 56\012- data
Hash e8a59d6e204f09b59bb24b9f1c754992
787392b64e7c03cb851a0c632d268af913fbf549
c6da29c0e197ed6fbcc95816020f4b8ecf422967336fbda363829e3fb37805a6
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/abchk.gif HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/gif
etag: "5bbdac4fe2ee8822e344d15b3f204695b3691d78a0a307059be7f969d917d14c-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.664091,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7957
X-Firefox-Spdy: h2
hh1iil.web.app/images/appriver.png
199.36.158.100 56 kB URL GET hh1iil.web.app/images/appriver.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1000 x 393, 8-bit/color RGBA, non-interlaced\012- data
Hash 1287f31b82f86b2882b435b80209c835
2f16c80c0a6400d759b4401db5b688191c3ff31f
3869b3cc095dd94e43c84b0f341871888f73983cca65bfe61ada11a2c11e3e2c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/appriver.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "c4ed6d5dd87156f9fb703b957327ef3a2b92487e0a241ba9b647ae6262a760c7-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.667657,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55719
X-Firefox-Spdy: h2
hh1iil.web.app/images/networksolutions.png
199.36.158.100 93 kB URL GET hh1iil.web.app/images/networksolutions.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1014 x 253, 8-bit/color RGBA, non-interlaced\012- data
Hash fb01fbd01a12fd460351c3c796f3e709
8bedcc7e587c2e344fbc72e5fa3de780b7889bd5
468bffcd5ce5d92dc0d2be0c8727bb60ea08541e7fd4de8d5c7649a150c4a566
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/networksolutions.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "c551841a655c8c3da0cfaddddfad96d5eb632873e4aa703de901c602ca56c5d5-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.538065,VS0,VE148
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 93153
X-Firefox-Spdy: h2
hh1iil.web.app/images/centurylink.svg
199.36.158.100 200 OK 1.9 kB URL GET HTTP/2 hh1iil.web.app/images/centurylink.svg
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2172)
Hash 24bd77031fa624c5dbd1da50aed1c6bd
911df5270a2e85a42d4610125f7ce06555150828
bddb86b72f88dbaf9d3f3cfe9a1ad695a960cdc3bcf1a2f41f1876e70cb08d6b
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/centurylink.svg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "6ad96ea84f79935063875f4f5403ed27fe5254d680c687f7f039b272e83e6d97-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.687345,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1932
X-Firefox-Spdy: h2
hh1iil.web.app/images/antispameurope.png
199.36.158.100 11 kB URL GET hh1iil.web.app/images/antispameurope.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 900 x 112, 8-bit colormap, non-interlaced\012- data
Hash 449d2b956252efa9de969de69e27c325
887b79592ab523e2d1c09736e28a0b0155df8c09
efe0974fc6be18035522f6d426c8b263ab3670f8d0141d049780577a1233cacb
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/antispameurope.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "2ada9c64d1e7076e77ab6265bad2708052eed5dccbac46f6c4066b2637a8ad44-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.687110,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11179
X-Firefox-Spdy: h2
hh1iil.web.app/images/mimecast.png
199.36.158.100 30 kB URL GET hh1iil.web.app/images/mimecast.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 495 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 607e49134596c82c0d4b8e2ed36447bc
758b0477a6b8d8346880d64a1b18c506406148b3
199832ffaa7e76cf198ccb2e2271e32d1d381b74a2f1d51fde6454e2f8f0407b
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/mimecast.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "f7ed76580c5d98dc77cfe0eab3ae296a35092f9331ad2901bd618b48fe991747-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.578058,VS0,VE129
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29944
X-Firefox-Spdy: h2
hh1iil.web.app/images/appliedexch.svg
199.36.158.100 200 OK 731 B URL GET HTTP/2 hh1iil.web.app/images/appliedexch.svg
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1956), with no line terminators
Hash 621030dc47ec132e9432690d046e3d42
8ec98c3fd39f2de0b793eba7169ed18608d35a7f
eba244412a691d204430b1e2706bc24d6051fb9bc94269f0bf73c9b7c6549e52
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/appliedexch.svg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "ef1f9efaefa1649c168a0a501a03c63a53075bf385f4382ac4cb79788b4b4e02-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.717351,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 731
X-Firefox-Spdy: h2
hh1iil.web.app/images/upE.png
199.36.158.100 15 kB URL GET hh1iil.web.app/images/upE.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 678 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash 604761878f8be0085a9c6c918a25f12e
9b8fe36d57b019f2ae533ca37b67d29a20f64298
4a8f39204ede049ea5897996a93177c624975cca529463f24df0579d678765d0
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/upE.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "a0e1b276602ab4d06bcf8736ea0a63767cbd20db14326fcec57cd5127d6c1e90-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.728981,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15384
X-Firefox-Spdy: h2
hh1iil.web.app/images/yandex.png
199.36.158.100 25 kB URL GET hh1iil.web.app/images/yandex.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1280 x 309, 8-bit/color RGBA, non-interlaced\012- data
Hash 898ce1c6dd03140573d79822cbe85459
47802d2bfb5856257ccade12992388e0a787f245
d54ae78bab189ea59a6668fa34efdc7df4e34f00af22c6d6cb65a434eddc320c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/yandex.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "929889c95c54c420793dd9b6a740f74bb033641876a2d5328cb36c3b9d15b6ae"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.672954,VS0,VE64
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25361
X-Firefox-Spdy: h2
hh1iil.web.app/css.css
199.36.158.100 200 OK 16 B IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with no line terminators
Hash 84dc6f6eb165e40e17bfcd25fe05772d
15193ea58dae366371bc3d93b0ea2ef692ec1654
a3248da8f3c61d39eab838800354a10ee1a7bf18c3a7e408aa4bd953f69837a0
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /css.css HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-type: text/css; charset=utf-8
etag: "e929f6098de013ac08d8ffd64a567ea65def5c26e2e84aabc6163837953ec660"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.743469,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16
X-Firefox-Spdy: h2
hh1iil.web.app/images/22z.png
199.36.158.100 8.0 kB URL GET hh1iil.web.app/images/22z.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 742 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f7d53cc6a698b7a9814163fd08d6a620
294055c5abc4b4fc849e1cdadbee3fc5db06da9f
70abcdb6827abc9ac5ab9140db78de248d5121a51085f1cbe615cd0b244f016c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/22z.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "9dfa8b265433b4fa623ce6c0bdbcae947ea4ff3051dca2db12d14066de72a32d-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.743578,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7974
X-Firefox-Spdy: h2
hh1iil.web.app/images/imgES.png
199.36.158.100 25 kB URL GET hh1iil.web.app/images/imgES.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 694 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash d7e25ab4fc1000157e2b4f1f8aa4b364
55350a81c021bca29706b9f883067f557b1a58fa
c6ca5fc667ab54130ce49e5351d2dfc2f2da43abf107879e508b9e373aab2170
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/imgES.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "50b30adb35a27142215d886e10bd060c859051dfba6911e327a4109f298ebde9-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.752435,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24785
X-Firefox-Spdy: h2
hh1iil.web.app/images/email-logo.png
199.36.158.100 244 kB URL GET hh1iil.web.app/images/email-logo.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 600 x 596, 8-bit/color RGBA, non-interlaced\012- data
Size 244 kB (244517 bytes)
Hash f58c7e5aae47b6ad085bfc141454ecbb
597884caffb1fe40827f75c5fe3f5a1200e6b7f6
7b6dc2f1897bd365bd6331bcc118405739d7a9255c1187b28e70f6ba1a3798e1
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/email-logo.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "fcaa83440306b9249b6239fdae1f05903f2937a21f109f6527f263ca4d746099"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.752280,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 244517
X-Firefox-Spdy: h2
hh1iil.web.app/images/zoho1.png
199.36.158.100 48 kB URL GET hh1iil.web.app/images/zoho1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 647 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash ba3702bdbe72f0d08b16ab43bebaa17e
69a9a80dfe807a24fa3e822e02f5b0a14b93146b
0018abd0bece4b3d99d45fc953718d895130b956209c34519ff0723a7bd2b1b5
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/zoho1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "2b47262bf5b768e434b5b6c925625ac0d001373a549c9cdb9f58719c1d0cd10e-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.756954,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47548
X-Firefox-Spdy: h2
hh1iil.web.app/images/upES.png
199.36.158.100 22 kB URL GET hh1iil.web.app/images/upES.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 678 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash 11a592253aeaa9a34bf2c7b73ca91363
acf8a1482f5647b22df116cb65b9fc8faec50f78
665d9240438b1ba264e19f4338275b6133bc6cd6e98286e4dd493ed7edbeaff8
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/upES.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "20505ed14f414cb97f2a25b91fbc495d60a983db3a2b2d10f46f2f3e50a97373-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.758941,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21473
X-Firefox-Spdy: h2
hh1iil.web.app/images/barEE.png
199.36.158.100 122 kB URL GET hh1iil.web.app/images/barEE.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1272 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (122398 bytes)
Hash d4f6d83016b3581864c3d8e65db01bc4
1ca0ec7907c5aa782a21e19bfc471da4e4646945
e18a309fa4dae2dc4b5097501b036ee2b087d56f4e7722fbd5da10822e446c45
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/barEE.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "dc2619ea511bda0d8363a21c1d9ee3f8610a110982503795764a6d9a4909fef7"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.758771,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 122398
X-Firefox-Spdy: h2
hh1iil.web.app/images/webmail.png
199.36.158.100 64 kB URL GET hh1iil.web.app/images/webmail.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1488 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a8f4a61dbcc12ce5a52316c09c8b120f
2000a86853d6815a8c5846fb9b8fa0e3a93cf50c
60e051edfcd4d9c2bec25fd8dbd244a9c72dc5d6b9bf68fc4165be57b51e13c2
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/webmail.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "8b0575b2aab0a9a441aea4790ad865b30ed8b34607347a94ed229a5af2e4d32e-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.755526,VS0,VE6
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 63976
X-Firefox-Spdy: h2
hh1iil.web.app/images/webmail-logo.svg
199.36.158.100 200 OK 2.1 kB URL GET HTTP/2 hh1iil.web.app/images/webmail-logo.svg
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5377), with no line terminators
Hash 3346a43e51777b50cf7bc986386fb72d
7897689cfebe45b614b91a2c3e1fe301dc898dff
5d1fa6d90ce37731dac43d77fa533d1766a3a86a593249ea6e01bd1027ebbd40
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/webmail-logo.svg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "42dcf5b70e5baa7d04395a36651eb6c3371cd7791c16969d535407d76c7acef6-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.750781,VS0,VE11
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2112
X-Firefox-Spdy: h2
hh1iil.web.app/images/22zES.png
199.36.158.100 7.2 kB URL GET hh1iil.web.app/images/22zES.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 742 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f7c3e89a2c91a43779102064f77d070a
1320b7ec9ce6a9c1ff9336fab4a1417ea4a21286
45e0e5c41c9824ba33f1b1fcc7211c102b6b2e4b6eee6934cc0019485cdbd498
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/22zES.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "55e15e5ce152c8262735725b3fd86227c7f5e165282f9d1349d0c1712806a305-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.765486,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7243
X-Firefox-Spdy: h2
hh1iil.web.app/images/jp1.png
199.36.158.100 6.9 kB URL GET hh1iil.web.app/images/jp1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 742 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash d366f713e3b1a1dd526919213eaa0fd9
f45579628a864fbd02a7ea68e9bcd055cc48c04b
f07c7c0f2148853f079309e0d65ca0b67ef639d6a8199842f95906498291e064
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/jp1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "d34a28d736cdf2ec2269975d9ba904c41af576bdc2759fee8960b5e7cac95681-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.766833,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6943
X-Firefox-Spdy: h2
hh1iil.web.app/images/jp.png
199.36.158.100 15 kB URL GET hh1iil.web.app/images/jp.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 674 x 194, 8-bit/color RGBA, non-interlaced\012- data
Hash 69bb6f84af7c32ea431bde5c19e9c7dc
5593d908bb712234b6a6025b2b82a592a58c79b0
ba2d7b7a2e6917130153dc1eb4b092e25931b6b982d98c07e75086365f3e66c6
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/jp.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "c369d237efe0c7a7af5092177baafec22ce276a88c429f135d588999f483a7e2-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.766649,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15251
X-Firefox-Spdy: h2
hh1iil.web.app/images/mailhostbox.png
199.36.158.100 64 kB URL GET hh1iil.web.app/images/mailhostbox.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1669 x 306, 8-bit/color RGBA, non-interlaced\012- data
Hash af536e34fa5f148baf3cdfdf5ceb43f5
9419b8a217de3f9542e265a8e86baa1d25c67cc0
ed0ef3ee384224eb40c192f8f46a21c736961bdbf1908e4d34f2bbcc1952159c
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/mailhostbox.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "efa41e84542ead7da829375f6b3610fc2e251eaa86058540528b1f06b9407dd2"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.664268,VS0,VE144
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 64291
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.10.207 200 OK 48 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 01/05/2023 13:19:14
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1082
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ebd89301ac2027627d481f7ac3328da7
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d30634a6af9fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hh1iil.web.app/images/alpha-mail.png
199.36.158.100 11 kB URL GET hh1iil.web.app/images/alpha-mail.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 300 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash a975966266b2eadf4f714320c940df07
ad19ffd7b2c03a35a7620c6333fc4d181717bf94
6ec7a1e6abd01504b0afd6faaef1cbdf2246a6a73049c32e3a3304136e6ca4f6
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/alpha-mail.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "e77281f9a71e207ff0d203e67dd0c40853af78d85bc2a380b6255005dcb70506"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.772538,VS0,VE83
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10943
X-Firefox-Spdy: h2
hh1iil.web.app/images/kr.png
199.36.158.100 15 kB URL GET hh1iil.web.app/images/kr.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 672 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash e0fea73da5ec63e94f74c4ab3f34c209
236cce0214c24b63fec86b21823e223a8cb0890d
57bb6b39c65818ba4964cae26b15959ac4904db706d2c02d86931f546d4722ec
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/kr.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "10e7106f838e85ec6d3c6a7b5e37f5ea9d98195bdd3e65be24ae128ab123b065-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.861253,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15113
X-Firefox-Spdy: h2
hh1iil.web.app/images/kr1.png
199.36.158.100 5.6 kB URL GET hh1iil.web.app/images/kr1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 742 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 3adc7eec1e592b7436720321fbcbfe6e
c622c77610cd2e2953b3da5a3ac7149cdf1db4b8
fcac17e6882cfa89c6965969baa4c9c3eefc1cf72be9e1626b8580b2a8aff8ec
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/kr1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "3c971913b6e351496103e9b5cc01f2410aff1123e6926dc51e57bba5386e7e2c-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.861778,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5599
X-Firefox-Spdy: h2
hh1iil.web.app/images/arrow_left.svg
199.36.158.100 200 OK 251 B URL GET HTTP/2 hh1iil.web.app/images/arrow_left.svg
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (513), with no line terminators
Hash a9cc2824ef3517b6c4160dcf8ff7d410
8db9aebad84ca6e4225bfdd2458ff3821cc4f064
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/arrow_left.svg HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "4e7f626bb20831778d24d6db15fa7e7e40cac4f3418884335c69112ba62144d7-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.862024,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 251
X-Firefox-Spdy: h2
hh1iil.web.app/images/firstmsg1.png
199.36.158.100 7.8 kB URL GET hh1iil.web.app/images/firstmsg1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 353 x 41, 8-bit/color RGBA, interlaced\012- data
Hash 171e95241350097818ecc71ad59f3f8a
f63f42bb5982e02abdfa18cd801be4c4db90540a
f7bb8c87c9ab76081f182ccf8fbebd8d43da4e9b94cdbcaedfd2697c057c61ba
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/firstmsg1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 7822
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "75b27e0a6890d5ef05f72eaf7970626ac3e6a3f80de12e56117b1246a2b9d0f3-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.944220,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
hh1iil.web.app/images/forgpass.png
199.36.158.100 200 OK 713 B URL GET HTTP/3 hh1iil.web.app/images/forgpass.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 121 x 20, 8-bit/color RGB, non-interlaced\012- data
Hash b19cac60e41c79bd974c1080088c6fef
ffe553d8ca430dd309494e910a989271648a4ddd
e29db32031dc537aee9cb557b408395f3324f1e0f744349c0cdf943a3af39296
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/forgpass.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 713
cache-control: max-age=3600
content-type: image/png
etag: "f1bc255f8081950b311cb61fe58357da797b95838d7dc6e1010ccf5f0f24bcc7"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.946432,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
hh1iil.web.app/images/LIMG-6387c83601f38.css
199.36.158.100 200 OK 1.2 kB URL GET HTTP/2 hh1iil.web.app/images/LIMG-6387c83601f38.css
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 108 x 24, 8-bit colormap, non-interlaced\012- data
Hash ee236805d05e24861ce1b6b0e7d94b8d
d46828cf9df268ddaf62facf15590a447116aeb8
175986272200fb72da9a598d30016bbda9ddcaa9e6e3f07eb94bc74196d4b805
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/LIMG-6387c83601f38.css HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "de61b70ff4e846c3d14a8c65e181bf8a790eeaf781938210f3f7f756f7060a2f-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.861918,VS0,VE115
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1169
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.11.2.min.js
69.16.175.10 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.11.2.min.js
IP 69.16.175.10:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32047)
Hash 5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
GET /jquery-1.11.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:43 GMT
content-encoding: gzip
content-length: 33262
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686051703.dop221.sk1.t,1686051703.cds248.sk1.hn,1686051703.cds264.sk1.c
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap-validator/0.4.5/js/bootstrapvalidator.min.js
104.17.25.14 200 OK 12 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/bootstrap-validator/0.4.5/js/bootstrapvalidator.min.js
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (32057)
Hash 4d66f8e07cb1166be60710ba16cc90d6
d2cf09a21a10fff3b8dbcf3ab91eb6be64fbc2fe
a8c5cb039624fc9574b08f6beab86699ad9d4160c67e47ed21e8b851b0325214
GET /ajax/libs/bootstrap-validator/0.4.5/js/bootstrapvalidator.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 12439
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8f-dab7"
last-modified: Mon, 04 May 2020 16:06:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7592531
expires: Sun, 26 May 2024 11:41:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28bqXfo9gAI4M49Z6Dq%2BBU%2BGwlj77x4sVfMs8Ck8WkuzBUVRR2l3toCENwABhrVFjkXXoa3jlXxr9pX0bDSfOWGQbHYgRC61uazl%2F4o0BfvRO6WVcbX97FPYr88t6CEPCjuFK8X6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d30634dfec3067b-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js
104.17.25.14 200 OK 4.4 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/axios/0.21.1/axios.min.js
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (14271)
Hash 70489d9432ef978db53bebda3e9f4c14
f24d0bcc36027bce45c86acfba57b248edb6a3f9
24b9a49d375465e659dbaecb3fda81fbf0d3eedbf138e29cb5229e502d8a4fa1
GET /ajax/libs/axios/0.21.1/axios.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 4420
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fe182ae-3813"
last-modified: Tue, 22 Dec 2020 05:22:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1540328
expires: Sun, 26 May 2024 11:41:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WggGNgbgX8dlIy9WkDA86BbvJG%2FkISqmfnH%2FQAiciOVXzZrESzrYQX8Izk%2FoCNv8NxGVoyP6DlMXsGmwqfynAqx4656HNWawR8DzNGKMs7G9ps4Kk53mSKI2FAbAcoeTwlD6V3Lv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d30634dfec6067b-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
104.17.25.14 200 OK 28 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6452928
expires: Sun, 26 May 2024 11:41:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BK5awFFGgJJIRqw9LlBx2SC1%2FfqkeHqidcfmk898s0kXrAOrA%2Fy5250zWVYG9g0Ga7ydEAoqO9f4%2FR10kz7cft4hWIVDqPscsd8DoUf1%2BwWXb8DynqDyXZOppinyYcTdszENrB%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d30634dfecb067b-OSL
alt-svc: h3=":443"; ma=86400
code.jquery.com/jquery-latest.min.js
69.16.175.10 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-latest.min.js
IP 69.16.175.10:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /jquery-latest.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:44 GMT
content-encoding: gzip
content-length: 33202
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1762a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1686051704.dop221.sk1.t,1686051704.cds248.sk1.hn,1686051704.cds256.sk1.c
X-Firefox-Spdy: h2
hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH
142.250.74.161 66 kB URL hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH
IP 142.250.74.161:0
File type gzip compressed data, max compression\012- data
Hash 57a98d8a6547b418fc3c09a682ba0f65
4f7a9b6cf60a0dc3b129cec265bdf30d7e93a015
3ef37275fd4172fae5f25c5f2e844316e6f77cc2ae33afdd79cc563e4631b489
GET /host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH HTTP/1.1
Host: hh1iil-web-app.translate.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
x-robots-tag: none
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-encoding: gzip
date: Tue, 06 Jun 2023 11:41:43 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+455; expires=Thu, 05-Jun-2025 11:41:43 GMT; path=/; domain=.translate.goog; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 11:41:43 GMT
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
151.101.65.229 200 OK 84 kB URL GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP 151.101.65.229:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Validity Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type ASCII text, with very long lines (65299)
Hash 7f389f5d2622ce2090eca7c36bcb90bc
ab27031159724e2421f6ff5c70f48e657abe9d39
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:44 GMT
age: 8997664
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1620-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 84152
X-Firefox-Spdy: h2
hh1iil.web.app/images/1.png
199.36.158.100 1.2 MB URL GET hh1iil.web.app/images/1.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 3360 x 1778, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1216025 bytes)
Hash aacf3a973d47ce3f74acd43480b24754
ba5e23f3bf5818cc96400f1c511f58107437cfaf
576b5902b3fb9ae061bf88b31c698554c39de566ba4bef220201d4853b352db3
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/1.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "c3c983ec420dc49a8556d150cd9d05d194bfa439b15da9a480e4727f2ab01e33-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051704.537659,VS0,VE5
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1216025
X-Firefox-Spdy: h2
hh1iil.web.app/images/BIMG-6387129910832.png
199.36.158.100 289 kB URL GET hh1iil.web.app/images/BIMG-6387129910832.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 289 kB (289153 bytes)
Hash 7d07c247e8dfd5bfaf9a7169b5c402bd
392cc7836ca5418f3e65cc67f5680b2a359399dc
345f500582fb5cfc20df5426c6b54bb0bcaa62eb0249a4a661dc9716a9edc006
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/BIMG-6387129910832.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 289153
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "0d421c50fe9a7ae8381ae23fb0ee3e3cad0cc5d09366c53bf01c377be6c6cd72-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:45 GMT
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051706.527891,VS0,VE2
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
104.18.10.207 200 OK 18 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
IP 104.18.10.207:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:45 GMT
content-type: font/woff2
content-length: 18028
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "448c34a56d699c29117adc64c43affeb"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 11/15/2022 10:30:09
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: fb1e5508af9b7a22bde9c04cfbf83ed8
cdn-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d3063578e77fac4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hh1iil.web.app/js.css
199.36.158.100 200 OK 2.4 kB
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type ASCII text, with very long lines (2607)
Hash 6c476058a5ac6849fbc745f660d88536
61414f19d39a6d6ac2f7230ef328368a99940aaf
2b208279cab054a06b85e32a4474d1f62d3025cbda56ea50fb0e1bd625e46696
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /js.css HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil.web.app/css.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 2377
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "9dad7f5296f434ecbed626b638b68b7157dd8ed3d0cfadbbe406b95f57b743dc-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:45 GMT
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051706.666201,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.25.14 200 OK 77 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:45 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1762528
expires: Sun, 26 May 2024 11:41:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmX%2Bve2ywHPQ2rjF3IpZCr14ECiggsLvnlluipk5ZEZG3vaRJk2Qjq6GRhiUVyT8gRTopofey0UOEl8E6eD0sDDLrKCIl%2BLt%2FuyM193OmFT%2B34SO%2FIAEvR9uhXdk4WEgmwKLTfp3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d306359488e067b-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
104.17.25.14 200 OK 57 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 104.17.25.14:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /ajax/libs/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:45 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 56780
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-ddcc"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2359871
expires: Sun, 26 May 2024 11:41:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYjNe0V9miNW7T2al414J4ZtU5ikkInfIgqz9BH%2BmyJeqUB%2FqG8y6g1a6AslgP0Ead1psyBXfTUGZCNVVw8UUpqbdXKDLwqqlK8j0N3pLcXituf91L7E5sXpM4TRp%2F85uLNOKJYY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d306359488a067b-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/am=0DkLAAQ/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/ujg=1/rs=ANkVxDnV-6qGu5HIVZlotd_Zg87DgAorNg/m=_b,_tp,_r
216.58.211.3 64 kB URL www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/am=0DkLAAQ/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/ujg=1/rs=ANkVxDnV-6qGu5HIVZlotd_Zg87DgAorNg/m=_b,_tp,_r
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (2521)
Hash cc2b1d7f604d9a29ed8a96709e304f8e
be6f7bb4212fb6d17436d2dc2cd785b99d0029b5
90e4cd853ace948f70d8325c18c24048ef2b22becc7d7455c58f8587a040da02
GET /_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/am=0DkLAAQ/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/ujg=1/rs=ANkVxDnV-6qGu5HIVZlotd_Zg87DgAorNg/m=_b,_tp,_r HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-length: 64089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:37:35 GMT
expires: Tue, 04 Jun 2024 18:37:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 03 Jun 2023 06:22:13 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 61450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,Mlhmy,CXsKQe,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,P5Thrf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,xQtZb,JNoxi,kWgXee,BVgquf,QIhFr,ovKuLd,yDVVkb,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,BBI74,VwDzFe,MdUzUe,A7fCU,zbML3c,zr1jrb,Uas9Hd,pjICDe
216.58.211.3 89 kB URL www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,Mlhmy,CXsKQe,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,P5Thrf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,xQtZb,JNoxi,kWgXee,BVgquf,QIhFr,ovKuLd,yDVVkb,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,BBI74,VwDzFe,MdUzUe,A7fCU,zbML3c,zr1jrb,Uas9Hd,pjICDe
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (2691)
Hash a65877796ecd89529a21e0e4d8cc7cc5
180a4f1d20bb0568d8dfce255f5b59fefaca02d6
1f659e71836a64edbb5d87f60d182753571e58e70faa547552b4c185f6b497cc
GET /_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=ws9Tlc,n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,Mlhmy,CXsKQe,s39S4,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,P5Thrf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,xQtZb,JNoxi,kWgXee,BVgquf,QIhFr,ovKuLd,yDVVkb,hc6Ubd,SpsfSb,KG2eXe,Z5uLle,BBI74,VwDzFe,MdUzUe,A7fCU,zbML3c,zr1jrb,Uas9Hd,pjICDe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-length: 88642
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:43:06 GMT
expires: Tue, 04 Jun 2024 18:43:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 03 Jun 2023 02:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 61119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
216.58.207.227 32 kB URL fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31568, version 1.0\012- data
Hash eb11bfb369775ff0739dabb3a5f379cc
2eebaea2f7080c0b256fbfc70ab91473243af0f8
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
GET /s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://translate.google.com/
Origin: https://translate.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31568
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 21:56:42 GMT
expires: Thu, 30 May 2024 21:56:42 GMT
cache-control: public, max-age=31536000
age: 481504
last-modified: Mon, 15 Aug 2016 20:30:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hc6Ubd,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,wg1P6b,J1hrIc,sMS7Ab,JWUKXe,soHxf,xzbRj,qNG0Fc,HwavCb,qRXAtf,yRXbo,ywOR5c,tQKCld,thZ3rf,L2d1X,tsNC9c,QM0Gm,PxcVCe,JzDP5e,rFVO7,W225x,cSdwA
216.58.211.3 75 kB URL www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hc6Ubd,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,wg1P6b,J1hrIc,sMS7Ab,JWUKXe,soHxf,xzbRj,qNG0Fc,HwavCb,qRXAtf,yRXbo,ywOR5c,tQKCld,thZ3rf,L2d1X,tsNC9c,QM0Gm,PxcVCe,JzDP5e,rFVO7,W225x,cSdwA
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (1657)
Hash ea1c48f8f231a77d9fac3a4615b54e0c
92bb03c4dfa9cc2c430613e736adcdc16f490430
0c52e5ad8bc4bce5fabe7818c7fd703ade7a7e1cd66db819a74036c45575fd52
GET /_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hc6Ubd,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,wg1P6b,J1hrIc,sMS7Ab,JWUKXe,soHxf,xzbRj,qNG0Fc,HwavCb,qRXAtf,yRXbo,ywOR5c,tQKCld,thZ3rf,L2d1X,tsNC9c,QM0Gm,PxcVCe,JzDP5e,rFVO7,W225x,cSdwA HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-length: 74713
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:43:06 GMT
expires: Tue, 04 Jun 2024 18:43:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 03 Jun 2023 02:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 61120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
216.58.211.3 663 B URL www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1660), with no line terminators
Hash 554640f465eb3ed903b543dae0a1bcac
e0e6e2c8939008217eb76a3b3282ca75f3dc401a
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
GET /images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 663
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 12:24:45 GMT
expires: Sat, 01 Jun 2024 12:24:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Origin
age: 343021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/i/productlogos/translate/v6/32px.svg
216.58.207.227 3.2 kB URL fonts.gstatic.com/s/i/productlogos/translate/v6/32px.svg
IP 216.58.207.227:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6020), with no line terminators
Hash 67c66ecfc5021ae0cfbdf32bdee91688
2d7b977111e97df855d96daf2e5ca7f07ee8cc43
99294fad3e114681d7504cad26b5d425bf7bb98c82bb4abce603e145ba2e3e17
GET /s/i/productlogos/translate/v6/32px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3169
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:35:12 GMT
expires: Wed, 29 May 2024 17:35:12 GMT
cache-control: public, max-age=31536000
age: 583594
last-modified: Wed, 27 Jan 2021 09:57:55 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
use.fontawesome.com/3fa6ba2462.js
172.64.132.15 200 OK 7.2 kB URL GET HTTP/2 use.fontawesome.com/3fa6ba2462.js
IP 172.64.132.15:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type Unicode text, UTF-8 text, with very long lines (9239)
Hash bdfa9d3207034749e3bfc269c11d9a97
3103c5cddffe98877f2fab28f426d4273fcbf1cc
4ba4997b46862ba86edbd4e739cbe478bf9a1a1f2f4340c89df7edd8e0b04bb3
GET /3fa6ba2462.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:44 GMT
content-type: text/javascript
x-amz-id-2: 47IsLfErEqoJkimBgzxCzOKMwdVSc+vQKZl9gSULJX/AS132SCXXYatVk3sqpOaAKl4N06vhB00=
x-amz-request-id: HW4GS1010MQMP5TG
last-modified: Wed, 30 Jun 2021 18:35:04 GMT
etag: W/"bdfa9d3207034749e3bfc269c11d9a97"
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QwuVan7Hwd1vkeVQ%2BG3aNGMTb5bPoIy8p%2B72OMzfSf1i6OMThL50IqQ3gnSAZhPGefuAU0OZMGg%2FLbYkfFZuCu5Oo7WM1t2qUbOtK%2BBOrxJcKC5RBFFWtfLlFJGbt3A38qWx2Qq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d30634e3ce7889d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
216.58.211.3 5.4 kB URL www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (2314)
Hash 9a8001de365ed6b3d68dbe5a03793322
fad40a2f778efbce6f9e9929a7a5c484d5cdf60e
ec07820348ebcafc3f77066fcde353773aa326b03cf061db94b21a63f3a81e45
GET /_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-length: 5411
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:43:06 GMT
expires: Tue, 04 Jun 2024 18:43:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 03 Jun 2023 02:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 61120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/translate/pwt_hackathon_bard_logo_processing.gif
216.58.211.3 112 kB URL www.gstatic.com/translate/pwt_hackathon_bard_logo_processing.gif
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type GIF image data, version 89a, 64 x 64\012- data
Size 112 kB (111830 bytes)
Hash cad066aa5000d5318ec2aeb1ff09fc92
874e026942b1621477ec77c0dc2443b8222e19d5
f1c19def8abe99d6e922755fc028d2cf35bf3419b020d7f955f1c202d2c7936c
GET /translate/pwt_hackathon_bard_logo_processing.gif HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 111830
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:19:54 GMT
expires: Wed, 29 May 2024 17:19:54 GMT
cache-control: public, max-age=31536000
age: 584512
last-modified: Thu, 16 Mar 2023 15:58:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate.google.com/translate_a/element.js?cb=gtElInit&hl&client=wt
142.250.74.174 200 OK 306 kB URL GET HTTP/2 translate.google.com/translate_a/element.js?cb=gtElInit&hl&client=wt
IP 142.250.74.174:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type gzip compressed data, max compression\012- data
Size 306 kB (305469 bytes)
Hash e4553192e57e248ffb4a22f4a77c2d2d
9ef7c4ca354b502d21ad794a48033627196e1da6
3079bdb1f17c5273f5652225c1334d7cd4727beeab57abd8fe0047b5054738d8
GET /translate_a/element.js?cb=gtElInit&hl&client=wt HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:44 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+543; expires=Thu, 05-Jun-2025 11:41:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
216.58.211.3 688 B URL www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (755)
Hash 668fcf2c065fcdb17291f97926392e47
f3bcf41198e2b6f5c1fd7676d7a7388ca3f901b4
d61608853eb6428d092d8862f205fdd6e0410cf877bd0bb21e51020ff780f698
GET /_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-length: 688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:43:06 GMT
expires: Tue, 04 Jun 2024 18:43:06 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 03 Jun 2023 02:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 61120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,bm51tf,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
216.58.211.3 2.8 kB URL www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,bm51tf,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP 216.58.211.3:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (732)
Hash 2739dbf7ce76cef27213ae3d52bc62bb
f3631d4aa31d9770b61d312e37d358da6ab1af74
5ce7be328a74c93a2229329b1af3a8d9dd5e056d0e4c438dbf86e3dedca5c6a3
GET /_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.26hw_TPT7Cg.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.H-GBM4VE6n8.L.F4.O/am=0DkLAAQ/d=1/exm=A7fCU,BBI74,BVgquf,COQbmf,CXsKQe,DFTXbf,EEDORb,EFQ78c,GkRiKb,HwavCb,IZT63,J1hrIc,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,P5Thrf,PHUIyb,PrPYRd,PxcVCe,QIhFr,QM0Gm,RAnnUd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VwDzFe,W225x,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,bm51tf,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,kWgXee,lsjVmc,lwddkf,m9oV,n73qwf,ovKuLd,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,sMS7Ab,soHxf,t1sulf,tQKCld,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,xzbRj,yDVVkb,yRXbo,ywOR5c,zbML3c,zr1jrb/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/ujg=1/rs=ANkVxDlvYbdYLBxakj_K-xSEeJq_dwg2qg/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-length: 2789
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:43:07 GMT
expires: Tue, 04 Jun 2024 18:43:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 03 Jun 2023 02:24:46 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
age: 61119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
216.58.211.3 200 OK 34 kB URL GET HTTP/3 www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
IP 216.58.211.3:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (2323)
Hash f11683619060562ac167884ad81a8042
a1ccb30a0dc72de01bebf6823996b56e172c1b90
47320728cc0affc16116768c6663a7fdfd68e0af8746a77b902bdca14d96909a
GET /feedback/js/help/prod/service/lazy.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-length: 34064
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Jun 2023 11:21:59 GMT
expires: Tue, 06 Jun 2023 12:11:59 GMT
cache-control: public, max-age=3000
last-modified: Thu, 01 Jun 2023 18:20:18 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 1187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hh1iil.web.app/img/favicon.ico
199.36.158.100 56 kB URL GET hh1iil.web.app/img/favicon.ico
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60016), with CRLF line terminators
Hash af93f378a525e87c0d8d41e47881c312
4b704fc82c70466204c940ee11e1ad0763c0d2ec
c920755e8d6c39a7b30a08cef053d2482fc2e3b22ab99696fd7e57bd6a8dec13
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /img/favicon.ico HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 55880
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "d61d715e843adb551cb72f4c94d7bbea00f1e890779f249bb25a02873168c126-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:46 GMT
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051707.699215,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
play.google.com/log?format=json&hasfast=true
142.250.74.14 131 B URL play.google.com/log?format=json&hasfast=true
IP 142.250.74.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://translate.google.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1160
Origin: https://translate.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://translate.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 06 Jun 2023 11:41:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+711; expires=Thu, 05-Jun-2025 11:41:47 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 11:41:47 GMT
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
216.58.211.3 200 OK 4.2 kB URL GET HTTP/3 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP 216.58.211.3:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (23228), with no line terminators
Hash edf649e1b11a33833272345187bd4eec
73427e2ab282e5f89021e1c7d20f83eaf9830283
553d768412bca504a0c8771705f681dad359370bdcea637298ca5aa486017a06
GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 21:45:55 GMT
expires: Fri, 31 May 2024 21:45:55 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
age: 395752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hh1iil.web.app/images/bg_v3.png
199.36.158.100 9.6 kB URL GET hh1iil.web.app/images/bg_v3.png
IP 199.36.158.100:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 300 x 860, 8-bit colormap, non-interlaced\012- data
Hash 4193590606fb8aabf4db068a4e80470a
4887200aed6e0db012d38e037afc2de221f77bcb
dd8b4abb72cdfaa00427d235cfa1a0efe27f528db7b61669d7328404d49cb623
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/bg_v3.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil.web.app/js.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 9640
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "108ce5e794232879c9364dc8f3acaa03f428b98a1ebbb62769bd8a71dc0af247-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:47 GMT
x-served-by: cache-bma1652-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1686051708.556490,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
172.64.202.28 200 OK 90 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
IP 172.64.202.28:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
Validity Fri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (60130)
Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh1iil-web-app.translate.goog/
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:45 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 329cb27be8d7871661ed5a94ecaacb28.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: gZUKjmR6FHkeaLZeZJ36bIX3HA05AgRleOUKOUBjwr4hAK2ruvaVxg==
age: 163763
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mFXutPWuGdSxVfS5VnCq7qMJk9dSg8W%2FVS72D2G0BAkh1IWjI%2B2TReVJ4sS3LVsHDAo8sQ1DG%2BNwT7pWus6GU4K%2F2xYG3ejVrOwRg0yVeCmFvA%2FssaJMbvbUnoTuMGDAgFm3FPu2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d3063582ef9773d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
172.64.202.28 200 OK 78 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
IP 172.64.202.28:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
Validity Fri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196\012- data
Hash a9fd1225fb2cd32320e2b931dca01089
44ec5c6a868b4ce62350d9f040ed8e18f7a1d128
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
GET /releases/v5.15.4/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:47 GMT
content-type: font/woff2
content-length: 78168
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "a9fd1225fb2cd32320e2b931dca01089"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 c9e93510e33ab69af0de2f41455fbb80.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 65hcGUekKqy3Q0hB-0U5mb5PtTCSiUxNyaUb_aWTg936y-PVVJxqQg==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUBJBhdDAT9aFUhy7A3sgUJds8yerzHMQ7f6kocpx3orQHDKsaZGm4BbnknEqktYNtsTRdTOp2uhTwtk2mL8cWiswY%2B6JmkkcYZ4DDbnazCdXfSu76vwuCKbQHPZeDqtJNQFaHF4Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3063656e8d773d-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
216.58.207.227 200 OK 3.3 kB URL GET HTTP/3 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP 216.58.207.227:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6225), with no line terminators
Hash 2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 08:05:11 GMT
expires: Sun, 02 Jun 2024 08:05:11 GMT
cache-control: public, max-age=31536000
age: 272196
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logo.clearbit.com/kheslc.com
54.230.111.15 200 OK 9.7 kB URL GET HTTP/2 logo.clearbit.com/kheslc.com
IP 54.230.111.15:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Amazon
Subject clearbit.com
Fingerprint 31:EB:6C:93:D2:64:5D:C7:18:D5:50:63:59:4E:0E:0D:87:08:36:3D
Validity Tue, 21 Feb 2023 00:00:00 GMT - Thu, 21 Mar 2024 23:59:59 GMT
File type PNG image data, 128 x 127, 8-bit/color RGB, non-interlaced\012- data
Hash d9b217db70c73db99a598b986455653f
3202633b2f12e77f7cda7e56f2581c2c596001aa
b0cfa7f328ef91850644d0ffd4be8c5f2b1d6e33b0e5d1ff8607b46114aca19c
GET /kheslc.com HTTP/1.1
Host: logo.clearbit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
date: Wed, 24 May 2023 10:33:49 GMT
x-envoy-response-flags: -
server: envoy
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Hg2gkX4854Vay29i9TOWoCOZLe5ygAUkxu_WMxcFBjbzZnHxP48nQ==
age: 1127278
X-Firefox-Spdy: h2
www.google.com/s2/favicons?sz=64&domain_url=kheslc.com
142.250.74.132 301 Moved Permanently 330 B URL GET HTTP/2 www.google.com/s2/favicons?sz=64&domain_url=kheslc.com
IP 142.250.74.132:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint A8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
Validity Fri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f1f3238970edce25019346181a10d39d
b242dc0100536d0b228a3a446027fc36e49a7687
7e05c0502ef2e6dcdd814c1d7dea0c279c33bff408f28efe4596728a3d13486d
GET /s2/favicons?sz=64&domain_url=kheslc.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 11:41:48 GMT
expires: Tue, 06 Jun 2023 12:11:48 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64
142.250.74.100 726 B URL t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh1iil-web-app.translate.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 11:41:48 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20230604&sl=YFeucGol&tl=vusrprH&tc=0&tk=570742.1019917
142.250.74.42 200 OK 803 B URL POST HTTP/3 translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20230604&sl=YFeucGol&tl=vusrprH&tc=0&tk=570742.1019917
IP 142.250.74.42:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1497), with no line terminators
Hash cecee8e7dfb04b1e2122639dbd897e20
b2fd2f2f3f5b8f84baf72800ace148860a8d85a9
b9a686467c7d25aa05e485edc6c68a4fa441bdb9268aa18016df1343d9317c9a
POST /translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20230604&sl=YFeucGol&tl=vusrprH&tc=0&tk=570742.1019917 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3256
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:48 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-lAqYFdNSbd_WPx5z1NEjuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin
access-control-allow-origin: *
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH&_x_tr_hist=true
142.250.74.161 65 kB URL hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH&_x_tr_hist=true
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (918)
Hash 3bd005e296f897508869a7f8338453b6
544c802e34c32c9722e94e35a8e8e11687487891
6c740df1619ff5ff8565f59b2e8a57e4f6b7fa7955a35f894a880387daf81f24
GET /host:-login.kheslc.com:0875?_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH&_x_tr_hist=true HTTP/1.1
Host: hh1iil-web-app.translate.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
x-robots-tag: none
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-encoding: gzip
date: Tue, 06 Jun 2023 11:41:57 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+303; expires=Thu, 05-Jun-2025 11:41:57 GMT; path=/; domain=.translate.goog; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 11:41:57 GMT
X-Firefox-Spdy: h2
translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20230604&sl=YFeucGol&tl=vusrprH&tc=0&tk=570742.1019917
142.250.74.42 200 OK 934 B URL POST HTTP/3 translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20230604&sl=YFeucGol&tl=vusrprH&tc=0&tk=570742.1019917
IP 142.250.74.42:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1628), with no line terminators
Hash 3d74fa54617e782c2ddfa1be538da862
1a021bfc94dda5f5dc3b6a89c35663c5aec29c61
668a241b9a78e3e90ea88a399579ed5688282145e040a098add03816c1682ccc
POST /translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20230604&sl=YFeucGol&tl=vusrprH&tc=0&tk=570742.1019917 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 3256
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:48 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-qUodw96F2dQRlrVLTZO9kA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hh1iil.web.app/images/enterpass.png
199.36.158.100 200 OK 1.4 kB URL GET HTTP/3 hh1iil.web.app/images/enterpass.png
IP 199.36.158.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
File type PNG image data, 170 x 29, 8-bit/color RGB, non-interlaced\012- data
Hash bd6e291a9a3cc17ed37605e4ff0010cc
6c1efd74231e3d253e0f51e4656eced2f3335d71
706de242e7c3cfc4b16ba8174723f26fb80566c3171e9e795f057476011a5de1
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/enterpass.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-length: 1446
cache-control: max-age=3600
content-type: image/png
etag: "909c503a0b280f24a8681edbb12ad327ef1902d3f3cfd38d3b4716874c330b79"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:44 GMT
x-served-by: cache-bma1652-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.943546,VS0,VE118
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH
142.250.74.161 200 OK 401 kB URL User Request GET HTTP/2 hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH
IP 142.250.74.161:443
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint AC:83:32:AA:E9:4D:2F:A2:F2:C9:F0:F3:7B:98:49:1B:5B:DE:7E:44
Validity Fri, 19 May 2023 12:57:31 GMT - Fri, 11 Aug 2023 12:57:30 GMT
Size 401 kB (400692 bytes)
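Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the 400692-byte body listed above was evidently not hashed, so these values do not identify it and are not usable as indicators)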
GET /host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH HTTP/1.1
Host: hh1iil-web-app.translate.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ttpkgxnyd-xn--ko9yaezt-xn----c1ac4bxc-xn----p1ai.translate.xn--c1ac4bxc.xn--p1ai/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
x-robots-tag: none
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-encoding: gzip
date: Tue, 06 Jun 2023 11:41:43 GMT
server: ESF
cache-control: private
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+455; expires=Thu, 05-Jun-2025 11:41:43 GMT; path=/; domain=.translate.goog; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Jun 2023 11:41:43 GMT
X-Firefox-Spdy: h2
translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20230604
142.250.74.174 204 No Content 0 B URL GET HTTP/3 translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20230604
IP 142.250.74.174:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?nca=te_li&client=wt_lib&logld=vTE_20230604 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:47 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-ch1DCA40y-tOxs8DYIcxCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=12.SE=BpLFMBNy3HDeHZP0SUmvVbzuSFw7plsHJABpMl5fII98dKhEv3loXWwoXVfGW8ULz_XRrhdDb7Q7eSOTna9GlUae7yRUK3td1yGuGD1ICir11A2grwq7pWC3UmGxNtmOV9BLgf05IQyKFy2V7Krlpbd824o8Z2war6VK5NQHJLs; expires=Sat, 06-Jul-2024 04:00:05 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hh1iil.web.app/images/Horde-Rouncube-SSL.png
0.0.0.0 0 B URL GET hh1iil.web.app/images/Horde-Rouncube-SSL.png
IP 0.0.0.0:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject web.app
Fingerprint 4E:21:5F:50:F4:50:7E:03:EA:B2:34:D3:10:A5:7D:22:77:B1:BF:22
Validity Wed, 10 May 2023 14:59:43 GMT - Tue, 08 Aug 2023 14:59:42 GMT
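Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; this record shows 0 B captured although the response headers below report content-length 27997, so these values do not identify the image)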
Analyzer Verdict Alert phishtank Other
quad9 Sinkholed
GET /images/Horde-Rouncube-SSL.png HTTP/1.1
Host: hh1iil.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "35f63333d4f9c200e55044e64645276919ccf2c3e37f08f09b9f65e03f5af5c6-br"
last-modified: Wed, 05 Apr 2023 11:04:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 06 Jun 2023 11:41:43 GMT
x-served-by: cache-bma1626-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1686051704.755660,VS0,VE87
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27997
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64
142.250.74.100 404 Not Found 726 B URL GET HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64
IP 142.250.74.100:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://kheslc.com&size=64 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh1iil-web-app.translate.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 06 Jun 2023 11:41:48 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=el_main
142.250.74.42 200 OK 221 kB URL GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=el_main
IP 142.250.74.42:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (1734)
Size 221 kB (220968 bytes)
Hash 66e1e8babd7e11e70eb1b55c6b1f8797
1dbd41fee441a6f5b0a3878228951eeca1af8e55
db0041c31fbbec6fdc6cc8fa2a829ea66efede78fff5d1be0272c1db9362b7b3
GET /_/translate_http/_/js/k=translate_http.tr.no.ZVPgEtntkjc.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpzw53Xp0rOcSbn5ESv2H1EPH7fXg/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 77484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Jun 2023 18:08:44 GMT
expires: Tue, 04 Jun 2024 18:08:44 GMT
cache-control: public, max-age=31536000
last-modified: Sat, 03 Jun 2023 11:22:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 63183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.10.207 200 OK 37 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:44 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"5869c96cc8f19086aee625d670d741f9"
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 11/15/2022 10:30:01
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 654367db159aefda2e3ff8c68c8d89b2
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d30634dad99fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/585b051251.js
104.18.22.52 200 OK 12 kB URL GET HTTP/2 kit.fontawesome.com/585b051251.js
IP 104.18.22.52:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11213)
Hash 4ec685b1e2c1ca5fd6d56e2f4cb0569d
a41e1f45db2fbc59562390ba8567ec3373d69510
cac5a0bd86eba50bf4a83d4dc43fe38b759ed39cc8397fdbbaa7ea68b9c63cfa
GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:43 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F2WVuqPMTINui7cLKP-C
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 7d30634afde6b4ee-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
translate.google.com/gen204?sl=YFeucGol&tl=vusrprH&textlen=153&ttt=734&ttl=396&sr=1&nca=te_time&client=wt_lib&logld=vTE_20230604
142.250.74.174 204 No Content 0 B URL GET HTTP/3 translate.google.com/gen204?sl=YFeucGol&tl=vusrprH&textlen=153&ttt=734&ttl=396&sr=1&nca=te_time&client=wt_lib&logld=vTE_20230604
IP 142.250.74.174:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=YFeucGol&tl=vusrprH&textlen=153&ttt=734&ttl=396&sr=1&nca=te_time&client=wt_lib&logld=vTE_20230604 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
content-type: image/gif; charset=us-ascii
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:48 GMT
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-UdCS3fo12pr2m-KJXlRE8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: __Secure-ENID=12.SE=WNyFgomxVJE1KALvl12U3HZSqKI1yG3zyZMz7tTI_qFQxKokyVcNRFBkXhlqHFe0Ms8YQe2l5Npr6J-WT9IiFwAhfBWDspttSvzlKW2RwMEnjpQ16AZwiaQlBQzlRz5_AveoZBSkiM19JHV8jRH6OA1FF1u3Px-7aRR-YgydlrM; expires=Sat, 06-Jul-2024 04:00:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
use.fontawesome.com/3fa6ba2462.css
172.64.132.15 200 OK 1.0 kB URL GET HTTP/3 use.fontawesome.com/3fa6ba2462.css
IP 172.64.132.15:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (1054), with no line terminators
Hash fab6e7817ea100e8cdd343a0bbe1c02a
acae529858f425939818ae318022484f7ecae15b
d32b41c3094684e4cc87efcdca787371fe4db72ee73dbc29d8eb630cda747f61
GET /3fa6ba2462.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:46 GMT
content-type: text/css
x-amz-id-2: IxSFRHAoFwTx6TldKhSRLF+rqlqUCoF7DD8sh1IucxBEDDp3LYs03KrO4r/451zscOY1MOgmuLZGp10IEeZwAA==
x-amz-request-id: 67GRYEG5P6KKJ7D8
last-modified: Wed, 30 Jun 2021 18:35:04 GMT
etag: W/"366389759ac4b0c0361542c35e6f2cad"
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pb1KFVDBrrIXdAX5zMmk2D4otmCinwpxr3LNg%2F99uVwn38CGUk52X1EvKuhEHETrBz1rxD1nMsRsgGR8xbjmbHY%2BdiDBfvOM8O5BJitkbzn5btcxcqBpgC6P3GDdA5T5C6YZiW%2Fy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3063596c908880-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
172.64.202.28 200 OK 27 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP 172.64.202.28:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
Validity Fri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (26500)
Hash 76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh1iil-web-app.translate.goog/
Origin: https://hh1iil-web-app.translate.goog
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Jun 2023 11:41:45 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9e93510e33ab69af0de2f41455fbb80.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: _yEz_zrtEBQWkU9nLW3ZT56D6nPyOc-1LfX383aCR2MacikwG7DFCA==
age: 163763
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTFs2hFpP7lCZX%2FY71vkEdaJeQH1xqI2Yt%2FJmFnRmjuc1spbzU4I4fBpviQan%2FKKDl5jZ%2FqyJdkTxEwUmPob4t3kuh0WvmnNIsR6u8Oq3FVMyB08FYZUKf%2Blnn54s6WKVrNIgr5XcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d3063583f0f773d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
172.64.132.15 200 OK 30 kB URL GET HTTP/3 use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP 172.64.132.15:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (30343)
Hash 36082410df2ef7f83932219089dc1443
7961402d7d01e19387fe609a38454b0bc8c6cca4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/3fa6ba2462.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 06 Jun 2023 11:41:47 GMT
content-type: text/css
x-amz-id-2: RLuIzw2m7j0fLc02f4GFz4K+VbIpzoucur4AgAZAkywN5KyVIpOsnqzPKE1GCzzWRnKRkSoFvTI=
x-amz-request-id: 60JSP9Q2J93K2V5A
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
etag: W/"36082410df2ef7f83932219089dc1443"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1538930
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FcQ0MG9yXxfkIM16%2BCh3SFbKHbVci2tDbcILEZ1B1SpPiGE%2B905BzD%2BtBJwmTcWe1esU0wJD4QbNW1owHmwVWD%2Bhk4IBiRmT%2Bk2bfZKypeN8XTs7IeuLLSThD7qlu9xsTBGNZIv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d3063637fbe8880-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.kheslc.com/
0.0.0.0 0 B IP 0.0.0.0:0
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: www.kheslc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hh1iil-web-app.translate.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
translate.google.com/websitetranslationui?parent=https%3A%2F%2Fhh1iil-web-app.translate.goog&pfu=https%3A%2F%2Fhh1iil-web-app.translate.goog%2Fhost%3A-login.kheslc.com%3A0875%3F%2B%26_x_tr_sl%3DYFeucGol%26_x_tr_tl%3DvusrprH&u=https%3A%2F%2Fhh1iil.web.app%2Fhost%3A-login.kheslc.com%3A0875%3F%2B&sl=YFeucGol&tl=vusrprH&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3DYFeucGol%26tl%3DvusrprH%26hl%26u%3Dhttps%3A%2F%2Fhh1iil.web.app%2Fhost%3A-login.kheslc.com%3A0875%3F%252B%26anno%3D2&client=tr&uip=true
142.250.74.174 200 OK 648 kB URL GET HTTP/3 translate.google.com/websitetranslationui?parent=https%3A%2F%2Fhh1iil-web-app.translate.goog&pfu=https%3A%2F%2Fhh1iil-web-app.translate.goog%2Fhost%3A-login.kheslc.com%3A0875%3F%2B%26_x_tr_sl%3DYFeucGol%26_x_tr_tl%3DvusrprH&u=https%3A%2F%2Fhh1iil.web.app%2Fhost%3A-login.kheslc.com%3A0875%3F%2B&sl=YFeucGol&tl=vusrprH&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3DYFeucGol%26tl%3DvusrprH%26hl%26u%3Dhttps%3A%2F%2Fhh1iil.web.app%2Fhost%3A-login.kheslc.com%3A0875%3F%252B%26anno%3D2&client=tr&uip=true
IP 142.250.74.174:443
Requested by https://hh1iil-web-app.translate.goog/host:-login.kheslc.com:0875?+&_x_tr_sl=YFeucGol&_x_tr_tl=vusrprH#anRyZXR0ZXJAa2hlc2xjLmNvbQ==:a2hlY29ycHxUbTl5ZDJGNU9rNVA=
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
Size 648 kB (647733 bytes)
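Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input; the 647733-byte body listed above was evidently not hashed, so these values do not identify it and are not usable as indicators)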
GET /websitetranslationui?parent=https%3A%2F%2Fhh1iil-web-app.translate.goog&pfu=https%3A%2F%2Fhh1iil-web-app.translate.goog%2Fhost%3A-login.kheslc.com%3A0875%3F%2B%26_x_tr_sl%3DYFeucGol%26_x_tr_tl%3DvusrprH&u=https%3A%2F%2Fhh1iil.web.app%2Fhost%3A-login.kheslc.com%3A0875%3F%2B&sl=YFeucGol&tl=vusrprH&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3DYFeucGol%26tl%3DvusrprH%26hl%26u%3Dhttps%3A%2F%2Fhh1iil.web.app%2Fhost%3A-login.kheslc.com%3A0875%3F%252B%26anno%3D2&client=tr&uip=true HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hh1iil-web-app.translate.goog/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
x-frame-options: ALLOW-FROM https://hh1iil-web-app.translate.goog
content-security-policy: frame-ancestors https://hh1iil-web-app.translate.goog, require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport, script-src 'nonce-Tk00ZixoTLOf_uPvagFCyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Jun 2023 11:41:45 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: __Secure-ENID=12.SE=lslGW7HtKNLbUlKdbkmBvAWPbijbvR9pNhhyXpIxfuFR-wwiUEKjP1Nh0IAeC-KJDg5PSkQ3qBtgdzHSgXtuB4VGBZ4K6k_reWJ5M561zc2HKy3osktEVMO3pkLxj19Sk1LOigaoY-OONesF25kVw11l9WtyeT6z4gl8aZbtEwc; expires=Sat, 06-Jul-2024 04:00:03 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+652; expires=Thu, 05-Jun-2025 11:41:45 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000