mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
51.15.108.253301 Moved Permanently 455 B URL HTTP/1.1 mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
IP 51.15.108.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1eeba31eeebbf218eaecda8503dbef4e
efa50b6e779194a0aa5fabfbd5278884b7fc2166
bf7fc8d55f33b5fac6e52317ceb38d456330c0f7a77d758225314389b5174342
GET /ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5 HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 02:01:33 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
Content-Length: 455
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5326
Expires: Fri, 02 Dec 2022 03:30:19 GMT
Date: Fri, 02 Dec 2022 02:01:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5978
Cache-Control: max-age=122957
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:33 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 12:10:50 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 01:19:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2503
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17532
Expires: Fri, 02 Dec 2022 06:53:45 GMT
Date: Fri, 02 Dec 2022 02:01:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OiezOmJuod4xTdOPO1MsyDh2ck0zl6KLZwMzuoC0xTPn+ki12Ruxd1HGnLEsTpy7ogTjhBKQrHM=
x-amz-request-id: 8WM231RWD7XFEGK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 01:45:53 GMT
age: 940
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 02:01:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 01:08:57 GMT
cache-control: public,max-age=3600
age: 3157
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c0d8b51b3ebcffa8cf5d7630863d8ac0
b856dd8a1e70e75e84747580a6af0725a444f0f1
45fac0104ee1933298caf1be3747829f6428ee92ea57864072e38870647e4cc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45FAC0104EE1933298CAF1BE3747829F6428EE92EA57864072E38870647E4CC9"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12354
Expires: Fri, 02 Dec 2022 05:27:28 GMT
Date: Fri, 02 Dec 2022 02:01:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5972
Cache-Control: max-age=117887
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:34 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:46:21 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
51.15.108.253200 OK 3.2 kB URL HTTP/1.1 mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
IP 51.15.108.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6500)
Hash 078207b79f44cb82845a5c6d437d3f24
141068a0ac4706b8d242ca8e9dfcb248055fba93
501dda2698ce52f5734ae52ceabf4e7f79a62878450a41f053f1542a460f9fc4
GET /ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5 HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-store
Set-Cookie: _cid=55ebd64f721ec0f454c7f7d1ffa887fc; expires=Fri, 02-Dec-2022 02:02:34 GMT; Max-Age=60
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3218
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
52.89.136.7101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.136.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WjcormmKRTpv244bkaLDbQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MbNf5P5mR/dLlvIcuKvUZFb662M=
mail.hsitesreviewmail.com/favicon.ico
51.15.108.253200 OK 1.2 kB URL HTTP/1.1 mail.hsitesreviewmail.com/favicon.ico
IP 51.15.108.253:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 183354cd8aef0b86eb21c3c990769e3a
1a9f66ae6db831dc774f9ba68f67aa12b6ece2d1
15feb3bb92077977c3a07a6810c346f592a800ecfec3c50d446773e48b514a7e
GET /favicon.ico HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "47e-57f93df4f75c0"
Accept-Ranges: bytes
Content-Length: 1150
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
51.15.108.253302 Found 0 B URL HTTP/1.1 mail.hsitesreviewmail.com/ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5
IP 51.15.108.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ck/owl/mail/E4A_VtB-E4F/672b235e6c15d65d366b80d61735dcde/ffad75e725fece3bc67cf399b4bf509c?vertical=1&template=ff22_o15&cid=4019&utm_source=&utm_medium=&clickId=E4A_VtB-E4F&sId=42&svId=5 HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 113042
Origin: null
Connection: keep-alive
Cookie: _cid=55ebd64f721ec0f454c7f7d1ffa887fc; landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-store
Location: /
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
mail.hsitesreviewmail.com/
51.15.108.253200 OK 1.7 kB URL HTTP/1.1 mail.hsitesreviewmail.com/
IP 51.15.108.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (716)
Hash 39894766ec36d5cc8aeb6f4911a0d636
2a83a0117ce61733dc1565c92e04566f85773d93
2e1d81baaf889a24d1bdfde62b19c9081b4b4d2a4717684528fb70eec008e306
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D; expires=Mon, 29-Nov-2032 02:01:34 GMT; Max-Age=315360000; path=/
Cache-Control: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1702
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
mail.hsitesreviewmail.com/assets/scripts/trkng.js
51.15.108.253200 OK 896 B URL HTTP/1.1 mail.hsitesreviewmail.com/assets/scripts/trkng.js
IP 51.15.108.253:0
Hash a07ed1a1999454c416189ece2eca7641
07a5ebc44bc4d4f961b3e7ca0d3220482a7dad1d
6dce144dbf75c228aaac7923528e2700acd69c1fc8d0ea302f0d3a774238e30a
Analyzer Verdict Alert fortinet Phishing
GET /assets/scripts/trkng.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "cdb-5ae6508325700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 896
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
51.15.108.253200 OK 7.8 kB URL HTTP/1.1 mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
IP 51.15.108.253:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2250)
Hash bae2e2ab5e986616768054fc09ee8507
9299a3b03f01da8047293891f04edb723478c338
f1cc1f370d90da0a9156316947ca1891c8e9163f3bcde57e2ae5a642ac61ef3b
GET /?bpuid=bprotect63895c7ecc8360.28874496 HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D; expires=Mon, 29-Nov-2032 02:01:34 GMT; Max-Age=315360000; path=/
Cache-Control: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7760
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/favicon-16x16.png
51.15.108.253200 OK 1.5 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/favicon-16x16.png
IP 51.15.108.253:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1bc0e46970069a5ce40975a68cd26edd
84c1be33d52284f22aadc47a79c898c5fce33370
dbf2dba29c4c362563d4e22be1098c42eacff1f32ef623b9a742e5e0c47eea59
GET /resources/Landing/owl_base/images/favicon-16x16.png HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "5c7-5b086a69d82c0"
Accept-Ranges: bytes
Content-Length: 1479
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/apple-touch-icon.png
51.15.108.253200 OK 20 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/apple-touch-icon.png
IP 51.15.108.253:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash a260b9011133f75ecd2e7d1c43c55151
0fd4a79df5474b47a98ec585f7db04119dc1a388
b9536fe69dd22cdf351df4766281cdc37a9c6312819187add2ee504fce088332
GET /resources/Landing/owl_base/images/apple-touch-icon.png HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "4e38-5b086a69d82c0"
Accept-Ranges: bytes
Content-Length: 20024
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
code.jquery.com/jquery-migrate-1.2.1.min.js
69.16.175.42200 OK 3.1 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (7085)
Hash e1084a25976d8b8999acadc7350ffb48
99b723d38b78d8347e8dfa60193b12864a370227
b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 02:01:35 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669946495.dop216.sk1.t,1669946495.cds247.sk1.hn,1669946495.cds242.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.hsitesreviewmail.com/assets/scripts/validation.js
51.15.108.253200 OK 7.6 kB URL HTTP/1.1 mail.hsitesreviewmail.com/assets/scripts/validation.js
IP 51.15.108.253:0
File type ASCII text, with very long lines (6345), with CRLF line terminators
Hash 2fa53d93aad96e7783243edd86604b03
64c8cf89c3cbf7db61879614b91a9287bad24dce
7537888e5a39094c60c3cea8026ae4a65b5a6394d7d14692a6945acbc507f96d
Analyzer Verdict Alert fortinet Phishing
GET /assets/scripts/validation.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "6387-5aadd3c04dfc0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 7623
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.hsitesreviewmail.com/assets/css/form.css
51.15.108.253200 OK 640 B URL HTTP/1.1 mail.hsitesreviewmail.com/assets/css/form.css
IP 51.15.108.253:0
File type ASCII text, with CRLF line terminators
Hash 3664620290092626b5542cfcdf1ee76e
50a33f854a5f46c80d513d98e727ffc9f308c551
81098f4b1e453d6378cd524b5ecddd1cf82cdf8871d38a4e40e434d841f83963
GET /assets/css/form.css HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "6f1-58b364c690880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 640
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.hsitesreviewmail.com/vendor/mailcheck/mailcheck.min.js
51.15.108.253200 OK 1.1 kB URL HTTP/1.1 mail.hsitesreviewmail.com/vendor/mailcheck/mailcheck.min.js
IP 51.15.108.253:0
File type C source, ASCII text, with very long lines (2531), with no line terminators
Hash 7d83d84f1c6a8afb07955f51464629b5
dafb792d3b5de5633ebfba21c7386d8bb83378f4
074c047811d6cf6d75fb66c1e5fc237351e458e7817eeb7bd1ef94c18dc0156f
Analyzer Verdict Alert fortinet Phishing
GET /vendor/mailcheck/mailcheck.min.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "9e3-57f93df5eb800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 1080
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mail.hsitesreviewmail.com/assets/scripts/prototype.js
51.15.108.253200 OK 242 B URL HTTP/1.1 mail.hsitesreviewmail.com/assets/scripts/prototype.js
IP 51.15.108.253:0
File type ASCII text, with CRLF line terminators
Hash 0465b86f13b98c688c1626c46903efce
436922a5293363433c9646ac706b35ae18c34a12
3358fded42111823b0315e70e83798e904c7f53d231d5bda863388d340391a75
Analyzer Verdict Alert fortinet Phishing
GET /assets/scripts/prototype.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "140-57f93df4f75c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/recaptcha/api.js?render=6LcWLaMUAAAAAGW3FZeJVek7QL4Sufn7HboWxA-4
142.250.74.132200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LcWLaMUAAAAAGW3FZeJVek7QL4Sufn7HboWxA-4
IP 142.250.74.132:0
File type ASCII text, with very long lines (884), with no line terminators
Hash b02e4827420a240f47e9dfac3a97dfeb
57e39d17058f2fe2ffefc93e83267d6b758333a8
ba9049a6519801858a8d7a9ec25b8040b2118f8084f042c86bbd71e5bd36c598
GET /recaptcha/api.js?render=6LcWLaMUAAAAAGW3FZeJVek7QL4Sufn7HboWxA-4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 02 Dec 2022 02:01:35 GMT
date: Fri, 02 Dec 2022 02:01:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.hsitesreviewmail.com/assets/scripts/wizard.js
51.15.108.253200 OK 1.5 kB URL HTTP/1.1 mail.hsitesreviewmail.com/assets/scripts/wizard.js
IP 51.15.108.253:0
File type ASCII text, with CRLF line terminators
Hash cbe1c8719bc6c1da1d90626f1f56f4c2
8dfc7a80f0e93d617d2a4e7f8ac6f4e9852e592f
655637381fff62b3770e2df2bc192be437757cfa7cfe3e1fa3c35d1cd8872d46
Analyzer Verdict Alert fortinet Phishing
GET /assets/scripts/wizard.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "160a-586d03ff69f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 1545
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mail.hsitesreviewmail.com/assets/scripts/cookieconsent.js
51.15.108.253200 OK 904 B URL HTTP/1.1 mail.hsitesreviewmail.com/assets/scripts/cookieconsent.js
IP 51.15.108.253:0
Hash 659a2368b759e65835517c258c25434d
77777e86df0cc19839653099e70fdf247e058745
244d4de8026b2aaa4dd3969548057eeb50f691965199a67cff950c0e3ce838ac
Analyzer Verdict Alert fortinet Phishing
GET /assets/scripts/cookieconsent.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "9a4-5b23fe6b727c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 904
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mail.hsitesreviewmail.com/vendor/jquery/jquery.js
51.15.108.253200 OK 106 kB URL HTTP/1.1 mail.hsitesreviewmail.com/vendor/jquery/jquery.js
IP 51.15.108.253:0
Size 106 kB (106227 bytes)
Hash 2cb5623cd3caf778d88ecb3c3504dffa
35d140f9adf188adc7a922cb28d20cd3b6146627
b6dd2c9bf6adcac6caf3c4ab60bc67a295f9445051ebc9faf87f48ec2eaffb28
Analyzer Verdict Alert fortinet Phishing
GET /vendor/jquery/jquery.js HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:34 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "42b2f-57f93df5eb800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
mail.hsitesreviewmail.com/assets/css/progressbar.css
51.15.108.253200 OK 803 B URL HTTP/1.1 mail.hsitesreviewmail.com/assets/css/progressbar.css
IP 51.15.108.253:0
Hash 930493803dfd4cfd42c028306f3e6014
ab2b0c31df4ed2a646599b8c1d2d99fab3b2e5ff
6263372d24194cfab44d7326f8c7cd7cdfca097f1dc4b9ff3abdb15f3e886198
GET /assets/css/progressbar.css HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/assets/css/form.css
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "a67-589658636e500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=604800, must-revalidate
Content-Length: 803
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/s001.jpg
51.15.108.253200 OK 94 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/s001.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x960, components 3\012- data
Hash a0bc3682d7996d24ec41742da3e6235b
442266ce1f7f4bd7bc43bd0e3ff84393e41f6cfe
2156fe525b0af24e6703434450a0d8de1656ffe08d6cb55f4b6461265d1e47d9
GET /resources/Landing/owl_base/images/s001.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "16d58-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 93528
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c01.jpg
51.15.108.253200 OK 16 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c01.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash 905b6fd1ae9c3315077dccffd06c58ef
58089cfdd2cd9f478566a11c076791676be49e06
e1974f1ed3a40f1b5aca2d60fc0626d93bb8aaac04bd876d045129930a9ff731
GET /resources/Landing/owl_base/images/c01.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "3f55-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 16213
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c02.jpg
51.15.108.253200 OK 26 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c02.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash e12e2f44b67829a4f3d8925d19a8a1f5
a153fc9ced8ddd6dacedc66c19111b41e92b13d3
01bb95c31c087c4e1629749fe43e0d2c7d6001120ac7eeba9d591105d3db5194
GET /resources/Landing/owl_base/images/c02.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "644e-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 25678
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mail.hsitesreviewmail.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 284934
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c04.jpg
51.15.108.253200 OK 18 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c04.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash 47d6321d1dccee20443d29301d06f1d6
e864b280562eb29dfff5193d3ffee5b8cbb99ad6
1a486665264e703d234d2f8e6040d5048d01ab7e101bce766ff5196bfa9ca420
GET /resources/Landing/owl_base/images/c04.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "468c-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 18060
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c03.jpg
51.15.108.253200 OK 18 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c03.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash cd16028545618510d6c0fef05f4ba2f9
1ea8213c4819fafd25f49db9fe6191993da7cc56
22b66a089ae6c9f37c5252195e329b4659e4148a186a5cf05beab544491f163b
GET /resources/Landing/owl_base/images/c03.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "480f-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 18447
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c05.jpg
51.15.108.253200 OK 21 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c05.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash f3674af82221eb08695591d1847c266e
96cde98194767120825d17affd052d77242b194e
8ca8e729c5e387242c336a3671d4700a0723eeb20f542fc6ec86303085019cf0
GET /resources/Landing/owl_base/images/c05.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "527e-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 21118
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c06.jpg
51.15.108.253200 OK 19 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c06.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash b3b6a26aa148923a6753f0d0bf2c0257
3b5d43051bef583f9971e90232e0f76e5b4b04f4
d94c2e35bbe2966b4eb18ddeb86164e7f88ee783c88efe92112b498a952be020
GET /resources/Landing/owl_base/images/c06.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "497d-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 18813
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 02:01:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c07.jpg
51.15.108.253200 OK 21 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c07.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash cc73484ef605a09c94a974484eaa3db8
2bc5e9ee78149f05bce1dedc0150c414c2d7e4fc
34cbb6bc0350b08e0aa891b29935926acb6d5f4d2604280238b8fbc0875ba08e
GET /resources/Landing/owl_base/images/c07.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "511d-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 20765
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c08.jpg
51.15.108.253200 OK 31 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c08.jpg
IP 51.15.108.253:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 220x330, components 3\012- data
Hash 4f7a5bac21c4a3cd939da3f69391e338
213c9d1ae7d64912c9d3e4dbccb4574247362340
0cb77e8bc57b2c74e936ee52f4a54b806e4fe13efc7984b9374f930ec47d681b
GET /resources/Landing/owl_base/images/c08.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "77e0-5b088fb32bb00"
Accept-Ranges: bytes
Content-Length: 30688
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c09.jpg
51.15.108.253200 OK 16 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c09.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash 7036fed0ed9542f91f79d3e5e7097d65
2bde51a2f66534e11f82bd09b63855ea29718bfe
437ceef73aeccaceddcc90372943f08aa64bcbca75cfa9429375f7d38971623f
GET /resources/Landing/owl_base/images/c09.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "409f-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 16543
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c10.jpg
51.15.108.253200 OK 17 kB URL HTTP/1.1 mail.hsitesreviewmail.com/resources/Landing/owl_base/images/c10.jpg
IP 51.15.108.253:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x330, components 3\012- data
Hash 637829d9c026f7a00e4c2b9b5a33628e
db085a30365ef6e9c3df573771afd8c279d8c638
77f7b4108fe6719a1b15a5c54cd35a830a54333526109eba439c2bcf28396a1b
GET /resources/Landing/owl_base/images/c10.jpg HTTP/1.1
Host: mail.hsitesreviewmail.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/?bpuid=bprotect63895c7ecc8360.28874496
Cookie: landing-coordinates=%7B%22host%22%3A%22mail.hsitesreviewmail.com%22%2C%22shortname%22%3A%22owl_base%22%2C%22cid%22%3A4057%2C%22affId%22%3A298%2C%22networkId%22%3A2%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 02:01:35 GMT
Server: Apache/2.4.41 (Ubuntu)
ETag: "41cc-5c19654695e40"
Accept-Ranges: bytes
Content-Length: 16844
Cache-Control: public, max-age=604800, must-revalidate
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mail.hsitesreviewmail.com
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 283898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2527
Expires: Fri, 02 Dec 2022 02:43:42 GMT
Date: Fri, 02 Dec 2022 02:01:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2527
Expires: Fri, 02 Dec 2022 02:43:42 GMT
Date: Fri, 02 Dec 2022 02:01:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17894
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 02:01:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2527
Expires: Fri, 02 Dec 2022 02:43:42 GMT
Date: Fri, 02 Dec 2022 02:01:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 67286
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 15212
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 15164
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 33652
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89502a302863c914b4de5e8c6a7f6846
898d50ac6e372609656fccee27de3d036bc0281c
9bc1f83d570d70b7e17e5de7a1546885851431ea989d915852ae7130387c422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0842726-801f-4648-a54d-c0cb2cf5348a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5675
x-amzn-requestid: a47e049a-6f76-4af4-8064-fd7722bcfb17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepGYEIAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-09e13afe27c4dc5b44e828be;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U_3ah2pFrsQl9IVVqm9EVI99FnF79b9zOUFVBGX966JAjkDg6UF--A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:47:56 GMT
age: 15219
etag: "898d50ac6e372609656fccee27de3d036bc0281c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 65904
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 15099
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16a112f00456d38c4c9e051ccf40e105
8fe32fffe672f0e91ce773af0e4be960f55bad08
43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fY7pkaeRu9vdWa68sWrtGxp2BkC9lZhbJ1cgGWap2H8y1zXUxKT6zA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 06:28:23 GMT
age: 70392
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Open+Sans:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mail.hsitesreviewmail.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 02:01:35 GMT
date: Fri, 02 Dec 2022 02:01:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2