results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
302 Found 289 B URL HTTP/1.1 results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 324809709b5b9945efd32fc937878d53
b6248973fa3f58e64f95f9154e348c0b126ef18a
97422133c18a434f35756adadeb0b794ca8903084173b61bb184c23ea3065142
GET /?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Oct 2022 22:44:56 GMT
Location: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
X-Content-Type-Options: nosniff
Content-Length: 289
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aH2NxxNmFgpHQN2MWSJx4BJkY53TfFt9GpuOhpRqZwOR4SOURLnYFA==
Age: 111456
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10512
Expires: Fri, 07 Oct 2022 01:40:07 GMT
Date: Thu, 06 Oct 2022 22:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2299
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 22:44:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: liJgwb19zrPrhy7QIfGvJdpaSEn6e6CWdEW8an5P1aXDeh9L+EaPsaZ2pzStm6nCLl2obud2zI8=
x-amz-request-id: 91GXZC4T3BG1PG5E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 21:58:54 GMT
age: 2761
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 22:44:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0fcebdce73203bb020cb99674b9d05ed
e9165638d29b3bf76c05c75f349323f713ee2046
992db403a5fdb7e3bc18b8ace35ef211e0b53c42654d41f2f6c5cd7088d852ff
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:55 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3CuCuQTTLnffOumXiIZh362DrzGUxnLlR6uxmF7Mc-gYWx-pCyPpgg==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 22:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 23:08:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fx4aW1LisVA1H9PHf8AVDOZ7hDlK4P0_dCSETmr75z_n1Sa2mAbkYA==
Age: 914
results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
200 OK 11 kB URL HTTP/1.1 results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (559), with CRLF line terminators
Hash 2aac5616ceb8df565d93b112882af510
feeae920cad0627aa2c53f3f0dda29b424e07ceb
47825a0162a38b2735df5ba337aca45ca841a886c49e5cedf5c6edd6b250acae
GET /?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Oct 2022 22:44:57 GMT
Set-Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; domain=hemailloginnow.com; expires=Fri, 07-Oct-2022 22:44:58 GMT; path=/
nts=t; domain=hemailloginnow.com; path=/
noact_v2=true; domain=hemailloginnow.com; expires=Fri, 07-Oct-2022 01:44:58 GMT; path=/
showrevcontentad=true; domain=hemailloginnow.com; expires=Wed, 05-Oct-2022 22:44:58 GMT; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 11132
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3322
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:55 GMT
Last-Modified: Thu, 06 Oct 2022 21:49:33 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 278 B IP
Hash 61a0a1339fe4f32a485138b477b9e5da
d42818c083372d490d046d344ec1e06436f19d75
f2f915b6d410a33d9f881e1ed461b9d7167bf5791d12f6cd4bb70353f97b1068
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2996
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:55 GMT
Last-Modified: Thu, 06 Oct 2022 21:54:59 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.revcontent.com/master/delivery.js
200 OK 50 kB URL HTTP/2 assets.revcontent.com/master/delivery.js
IP
File type Unicode text, UTF-8 text, with very long lines (65057)
Hash 50a1f9eac98086ba06629d5edd6ec478
1f5c7c2acfa7ca3e69e9a1b413f4208a68e8f550
382b9e7f344e886d2a6f053095695aa474ebca2c3ef4aebf6dc6f1adc000cf39
GET /master/delivery.js HTTP/1.1
Host: assets.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:55 GMT
content-encoding: gzip
content-length: 49674
content-type: application/x-javascript
last-modified: Tue, 04 Oct 2022 17:48:26 GMT
accept-ranges: bytes
x-amz-id-2: 5o7EhSVLTdm+xQwc3ROtmbWaOkkY5ydJFnstV5bKPncKlB3O7p+u0sgeC9MC3uqyBd7KSoUAK78=
x-amz-request-id: 8W6Y2P1TSQXDPHJ2
etag: "e66a5e16702f237c8231f05091be9c47"
cache-control: public,max-age=60
server: AmazonS3
x-hw: 1665096295.cds256.sk1.hn,1665096295.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
kit.fontawesome.com/b9b2ba83c3.js
200 OK 4.3 kB URL HTTP/2 kit.fontawesome.com/b9b2ba83c3.js
IP
Hash a0c31be173523733d48e32db7445bae3
2ae65e2f20131f947e7bd716f1f2d6dab573da94
bc509c2e1c162d5c98267b30560bc5be524a37575dab86da914b0e742233b9c5
GET /b9b2ba83c3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:55 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxucQlKpwOEE6ZCGRDpj
cf-cache-status: MISS
server: cloudflare
cf-ray: 7561eca94adbb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
results.hemailloginnow.com/get/js/impression?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&cid=app@EmailLoginNow
200 OK 671 B URL HTTP/1.1 results.hemailloginnow.com/get/js/impression?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&cid=app@EmailLoginNow
IP
File type ASCII text, with CRLF line terminators
Hash 6253a6e7c11c3d79aab31f497facc384
116e54ce896bbac503ffd7ba76b5661e9fd097e0
a0a4ac880bfd5260bc7888651e8c23ef8d700d284f8ef45d65bd4c58105a77bc
GET /get/js/impression?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&cid=app@EmailLoginNow HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
Date: Thu, 06 Oct 2022 22:44:53 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 671
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-178002442-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178002442-1
IP
File type ASCII text, with very long lines (2039)
Hash cf6eadbc56db833010ea8be291af51c8
f74c3d4d6f45d24d83370ca25f259786a2d64ee0
2be2cc80ed0830499f761b5e26d32071655040c26ee13fcad0e46bf70dd09f2b
GET /gtag/js?id=UA-178002442-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 22:44:55 GMT
expires: Thu, 06 Oct 2022 22:44:55 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 21:38:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3
200 OK 2.6 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3
IP
File type ASCII text, with very long lines (27832)
Hash eaaabd3f60063923cd5333eb1d7a20a1
0da69706105e28896a1f6eeaa91d5bec1b82f7f1
f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:56 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7561eca9fb7ab524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3
200 OK 4.2 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3
IP
File type ASCII text, with very long lines (26366)
Hash 7fd743485fa194e25e2a207bff6c258a
97c999d752b95ee1ed6271a29aa58109dc17281e
dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:56 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7561eca9fb78b524-OSL
X-Firefox-Spdy: h2
ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b9b2ba83c3
200 OK 54 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b9b2ba83c3
IP
File type ASCII text, with very long lines (65397)
Hash dc9270247a97f75913a5d8934c24de03
ed9b0fa01b552571f99d529ed355b2ba91cfc48d
847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b9b2ba83c3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:56 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7561eca9fb75b524-OSL
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7XDfY5H1G5W/JU7in4k1OQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ytIf9RWsPdxdbuFYkMTYUZHr1Xw=
results.hemailloginnow.com/Scripts/NewScripts/AutoComplete_V4.js
200 OK 75 kB URL HTTP/1.1 results.hemailloginnow.com/Scripts/NewScripts/AutoComplete_V4.js
IP
File type Unicode text, UTF-8 text, with very long lines (1602), with CRLF line terminators
Hash 8bbb0bc9c1fb1e218deceec495fbfb7a
e41b435847fd6fd56cae9ee06abb7bff6da3cadb
624a7d78be7b43606b0a3aed037652f1e91af071ea6ed0f8ac2f165dbc6f34f0
Analyzer Verdict Alert fortinet Malware
GET /Scripts/NewScripts/AutoComplete_V4.js HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 22:44:57 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 74940
Connection: keep-alive
results.hemailloginnow.com/Content/Home/Email/CSS/Email_v2.css
200 OK 2.0 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Home/Email/CSS/Email_v2.css
IP
File type ASCII text, with very long lines (662), with CRLF line terminators
Hash 95bafb07a4c77592131ed7c312af4044
9e40450c7c820faaa64b0f760ca7c28fe6023aa8
0980843bc140a1b35d4f00b34ca3a54e92b585d24cfac15fc313a31c838e5170
GET /Content/Home/Email/CSS/Email_v2.css HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Thu, 06 Oct 2022 22:44:58 GMT
ETag: "0d7e58bf699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1958
Connection: keep-alive
results.hemailloginnow.com/Content/CSS/Base_v2.css
200 OK 3.7 kB URL HTTP/1.1 results.hemailloginnow.com/Content/CSS/Base_v2.css
IP
File type ASCII text, with CRLF line terminators
Hash 13d29acfb3c292bf9a169a3937abd2ce
c3ef39dbcb449f86e6c990d226fa54d9ceea23cf
fe075126c80e25cb5e77fce2ea374e80de0b6d2d06ecb675269e9a333108137e
GET /Content/CSS/Base_v2.css HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: text/css
Date: Thu, 06 Oct 2022 22:44:47 GMT
ETag: "89edba8bf699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 3740
Connection: keep-alive
results.hemailloginnow.com/Scripts/Home/Shared/Base_v2.js
200 OK 1.3 kB URL HTTP/1.1 results.hemailloginnow.com/Scripts/Home/Shared/Base_v2.js
IP
File type ASCII text, with CRLF line terminators
Hash 34c9985adbb356b6a953d56056a4ce33
ad0fd72894719fa7465f91da7b9d1ee263aa62e9
6275654010d92220bdc9b4dd5fa4e76dbd32eab05025ff598fb5270b57671660
Analyzer Verdict Alert fortinet Malware
GET /Scripts/Home/Shared/Base_v2.js HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 22:44:53 GMT
ETag: "646a248ef699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1273
Connection: keep-alive
results.hemailloginnow.com/Scripts/WeatherHelper_v1.js
200 OK 1.5 kB URL HTTP/1.1 results.hemailloginnow.com/Scripts/WeatherHelper_v1.js
IP
File type ASCII text, with CRLF line terminators
Hash 1d8237575ed7434f668873989b3f769a
12430714bc540f62ab8c3cc356d1b009b1589a4b
198e57bb51fb3c84d5f47f50a51488e916c5dda12a414b5245d17aba693ea68d
Analyzer Verdict Alert fortinet Malware
GET /Scripts/WeatherHelper_v1.js HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Type: application/javascript
Date: Thu, 06 Oct 2022 22:44:58 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1517
Connection: keep-alive
results.hemailloginnow.com/Content/Images/Toolbar/yahoo.png
200 OK 4.9 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Images/Toolbar/yahoo.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d0147c64fa4aeb01695c95f351be917
cee44aeace3e20e6d7e607c723235a110bf02e7f
bcdd8290dcee1d8bc7c5cb8798bd27078a9a30dda19e432e8ad43d9520ba921b
GET /Content/Images/Toolbar/yahoo.png HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 06 Oct 2022 22:44:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4863
Connection: keep-alive
results.hemailloginnow.com/Content/Images/Toolbar/outlook.png
200 OK 8.4 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Images/Toolbar/outlook.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash aa6f70a6681c4c8321f28c610545b0a4
3bb0380120a96c3fc906ca551d22ad9fa1ed6ce7
6b1192ebfb3fd93bfdb7b886124862494c86d0045fd6c94a47398a089f5e030b
GET /Content/Images/Toolbar/outlook.png HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 06 Oct 2022 22:44:53 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 8401
Connection: keep-alive
results.hemailloginnow.com/Content/Images/Toolbar/emailv2.png
200 OK 5.0 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Images/Toolbar/emailv2.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Hash dd10e459a0ac71df7bcffa634a077856
cc774bf351b47a74c422c5db5dc17c051536be00
0d7a3679994f6afdc431b78b25fe7ba40963cfe94f807ca7409e9687429bca10
GET /Content/Images/Toolbar/emailv2.png HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 06 Oct 2022 22:44:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4960
Connection: keep-alive
results.hemailloginnow.com/Content/Images/Toolbar/newsv2.png
200 OK 12 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Images/Toolbar/newsv2.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Hash 54d6fb01d95327cccb0a713c0123190d
7a3c40c0a40fba3b51f76266cb9505f8f1a42ef5
71dc8eff83a0ad83594a67273ae6434612a079e25fb2e06180f046ae02f87a68
GET /Content/Images/Toolbar/newsv2.png HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 06 Oct 2022 22:44:47 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 12254
Connection: keep-alive
results.hemailloginnow.com/Content/Images/Toolbar/maps.png
200 OK 10 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Images/Toolbar/maps.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 03f31a86f5fd92f860351577c470b165
bed2a3c0ad6f07458c1822c3e6ac8b89cf937575
f018ecd3437923c9f5af6d16da40d2b32ce2029b6e45c1e2e728f6cc6b3e12ea
GET /Content/Images/Toolbar/maps.png HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 06 Oct 2022 22:44:47 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 10139
Connection: keep-alive
results.hemailloginnow.com/Content/Images/Toolbar/gmail.png
200 OK 4.4 kB URL HTTP/1.1 results.hemailloginnow.com/Content/Images/Toolbar/gmail.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash ea55cde31ffc6f17e1f6252c9ff64c63
e947805941b0c360442d8a05ae22368ce39d82a1
7549b37a194c861d3e0444cae07773212707ad4b2ec7f4182c006be6c8aaff69
GET /Content/Images/Toolbar/gmail.png HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Content-Type: image/png
Date: Thu, 06 Oct 2022 22:44:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4402
Connection: keep-alive
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
200 OK 20 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data
Hash c7682b8035fc1d1672d6455631813794
9e2955e5e55b3073e229c218724406425862d4a1
1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:56 GMT
content-type: font/woff2
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7561ecac3d4fb524-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 61325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
200 OK 23 kB URL HTTP/2 ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23316, version 331.-31196\012- data
Hash e0e8f01313f5061924cb318b031d706e
8ddfde7f46123a327ec627acf520741b1f016eb9
78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0
GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:56 GMT
content-type: font/woff2
content-length: 23316
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35c-5b14"
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7561ecac5d83b524-OSL
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b96716195701cf8034c5b780a75d112d
128b0d6287d7b8e457578c4debcc42b1c1cf9a07
ea4888f897ac74b5e83bea913330c3df783a3b24c1906da1008a497879988fef
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 22:44:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 04 Oct 2022 16:42:22 GMT
Expires: Tue, 11 Oct 2022 16:42:21 GMT
Etag: "128b0d6287d7b8e457578c4debcc42b1c1cf9a07"
Cache-Control: max-age=409644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7561ecadbce0b512-OSL
api.openweathermap.org/data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
200 OK 465 B URL HTTP/1.1 api.openweathermap.org/data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (465), with no line terminators
Hash b00e03779d3048fd5dc73cd259b5f62b
626f0d00c26c06de2fbf5204f4a578aaf5c17795
0e09cc28eebe1073d1e91f75aa1767045b8218abd96efafee82c87a5f5dedf23
GET /data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 465
Connection: keep-alive
X-Cache-Key: /data/2.5/weather?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 66896ba938dfa68dd4e8c06adcab0de2
963fc933e736cabb28c0dbdf548f6f36a3625d05
c3c9ab5ed8b02c7272c848055d2077326f507ef6830e8d0fcd4b75da8062c2b4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:56 GMT
Last-Modified: Thu, 06 Oct 2022 21:46:40 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Ykr88fxi-856_iuzfQ-8vbZkSU3P45Jyb-vLyUGN4FY8XyyzAS6d7w==
Age: 3496
dap2y8k6nefku.cloudfront.net/js/term_mappings.json
200 OK 163 kB URL HTTP/2 dap2y8k6nefku.cloudfront.net/js/term_mappings.json
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 163 kB (163302 bytes)
Hash ad5616114dc91d3881715e52566797b3
312f6d64483c845bafcf351900fc693edede7844
ac1495485cd9445d294d444b352b4c109f5f0e341e92e6451b0853a6759e5948
GET /js/term_mappings.json HTTP/1.1
Host: dap2y8k6nefku.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 163302
date: Thu, 06 Oct 2022 00:46:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 30 Apr 2021 12:58:49 GMT
etag: "ad5616114dc91d3881715e52566797b3"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X2k7IV3-kT2OTJbhM3afi9WQTVDDILNn14VTqMcXMznzNqGL4iEckA==
age: 79122
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
200 OK 62 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9e9197b21204c6327e31224ed2f59991
9655a0e560bbe855d9cf06394be1226197a4f931
5095ef3bb51b16b056a39f711ab86505bbd7d9abd0882c0417b333328d8b5c5b
GET /AdServer/js/pwt/160835/4933/pwt.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 08 Jul 2022 20:07:19 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: application/javascript
content-length: 62062
cache-control: max-age=160120
expires: Sat, 08 Oct 2022 19:13:36 GMT
date: Thu, 06 Oct 2022 22:44:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2634
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Last-Modified: Thu, 06 Oct 2022 22:01:02 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
d3ff8olul1r3ot.cloudfront.net/email.png
200 OK 22 kB URL HTTP/2 d3ff8olul1r3ot.cloudfront.net/email.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash bc1358a45bd24711cb0f3829f3a82de9
64983a7920541e68a439ac7c9f32f7921f052e89
91b363d9176e930a04aece4274f06f03722c8aa4513df97132cf1340f76402cf
GET /email.png HTTP/1.1
Host: d3ff8olul1r3ot.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 22346
date: Thu, 06 Oct 2022 07:30:15 GMT
last-modified: Thu, 05 Apr 2018 19:17:35 GMT
etag: "bc1358a45bd24711cb0f3829f3a82de9"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pLjjKQ4j_bjQ7Y2POC0QWXPfa9z51m_QsALvkbsweQxiRrVrIJpplA==
age: 54882
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 06 Oct 2022 22:41:09 GMT
expires: Fri, 07 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 227
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /XGPQjjTNRyVaamAjl3OD+Dc3PNmLCcbe/dEpnShz6cJTw6tt/zRpKn3RkjD577Pa8X34li9oP97ny2sSugZwQ==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Thu, 06 Oct 2022 22:44:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Oct 2022 22:44:56 GMT
expires: Thu, 06 Oct 2022 22:44:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash ecc594c8ad8a58175abca6f74592cad0
bc3eb5409877f214ca5d45c39d39754fd80997ae
4376e30946f541ed958cbbff449d18b6acb24608aa48fa078440cb99291dc7d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2634
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Last-Modified: Thu, 06 Oct 2022 22:01:02 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
api.openweathermap.org/data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
200 OK 16 kB URL HTTP/1.1 api.openweathermap.org/data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (15787), with no line terminators
Hash cf9677c3f1944e894816d2a06149afc3
c11632536d220122b55b5cb262ee40ea82e1ec91
5d1f4a5f8cfed5af3fc2058c0fe1915baa2fa530dc95e267f385dcb1fce28af8
GET /data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 15787
Connection: keep-alive
X-Cache-Key: /data/2.5/forecast?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
dailyfeature.net/dailyfeature/df?url=hemailloginnow.com&uc=20180706&cid=app@EmailLoginNow&purpose=hp&type=internal
200 OK 760 B URL HTTP/1.1 dailyfeature.net/dailyfeature/df?url=hemailloginnow.com&uc=20180706&cid=app@EmailLoginNow&purpose=hp&type=internal
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1587012799476da40e53b6e2ab1d782b
8cc17cf3a77c924a2b78cb0b0e677d937666b075
5b2883c38d9690104017ff600bdcad9c29199de5b08c058915c63fc176c8bc33
GET /dailyfeature/df?url=hemailloginnow.com&uc=20180706&cid=app@EmailLoginNow&purpose=hp&type=internal HTTP/1.1
Host: dailyfeature.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 06 Oct 2022 22:44:58 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 760
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 87465c15992fe10c24c62a185f8c171d
fa938b624d06d1e2927c8eda6a44b2a32d930f59
239ef7fe5df8c396d96a928c20d66c842a5ec3e9ff71a3cd7c0068906fc3e537
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
results.hemailloginnow.com/favicon.ico
200 OK 472 B URL HTTP/1.1 results.hemailloginnow.com/favicon.ico
IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
GET /favicon.ico HTTP/1.1
Host: results.hemailloginnow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/?uc=20180706&ap=appfocus1&source=d-ccc2-lp0-bb8-sbe&uid=8f1e6901-5b8e-4089-8222-68d5dc842abd&i_id=email_1&page=newtab
Cookie: user_id=8f1e6901-5b8e-4089-8222-68d5dc842abd; nts=t; noact_v2=true; _gcl_au=1.1.979873120.1665096297
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Type: image/x-icon
Date: Thu, 06 Oct 2022 22:44:54 GMT
ETag: "342c678ef699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:06 GMT
X-Content-Type-Options: nosniff
Content-Length: 112173
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1665096296915&cv=9&fst=1665096296915&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&auid=979873120.1665096297&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1665096296915&cv=9&fst=1665096296915&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&auid=979873120.1665096297&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2660), with no line terminators
Hash 04437601d07f4d06c78ef76b0d78ca00
85e8c211745ddaaaf0bb867fd0c8dfb514d48945
9d99400658b8f4885d99297473530006a90ca7c65579cf4ecb6319c19b3bc801
GET /pagead/viewthroughconversion/713545727/?random=1665096296915&cv=9&fst=1665096296915&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&auid=979873120.1665096297&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:44:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1166
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 06-Oct-2022 22:59:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1665096296913&cv=9&fst=1665096296913&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&auid=979873120.1665096297&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/713545727/?random=1665096296913&cv=9&fst=1665096296913&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&auid=979873120.1665096297&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2536), with no line terminators
Hash 5cbf464a316cfe92913951b598a530de
bbcad6e0aaa2367a6e458fcbf9dd156a3947affd
787cb86d4b4ff31d7304ba7e08973166967d03ecf3b21802f700530f8ab0d821
GET /pagead/viewthroughconversion/713545727/?random=1665096296913&cv=9&fst=1665096296913&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&auid=979873120.1665096297&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:44:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1132
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 06-Oct-2022 22:59:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.openweathermap.org/data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
200 OK 2.8 kB URL HTTP/1.1 api.openweathermap.org/data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial
IP
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (2793), with no line terminators
Hash fe6d003735c5fb4b11ea95819909134e
d6832aa260cae07a6bd708307ffb5c579ba86c18
3f4cec62d9953a4f64a0e1636141e269d49c49887093ffd92f2775afb7146c75
GET /data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1
Host: api.openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2793
Connection: keep-alive
X-Cache-Key: /data/2.5/forecast/daily?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4c61c34f1f9a1c98ee06a0afa116b1c2
be05e9c6460f7192be116bc2e3b07f730a2d1d49
ab983eacf132b0581dd2e3b7a23a34a1d176606bdc1c1b70dd3848aebf29d920
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 22:11:41 GMT
Server: ECS (nyb/1D24)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: z8VY-9xQX4wtzy2VYK-AAuHI6zHCN1ObkzAiEdHCweatx-OBV_MEDQ==
Age: 1996
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 4c61c34f1f9a1c98ee06a0afa116b1c2
be05e9c6460f7192be116bc2e3b07f730a2d1d49
ab983eacf132b0581dd2e3b7a23a34a1d176606bdc1c1b70dd3848aebf29d920
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 22:41:01 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mVErUk1FxLfw5xrWGm2aLTC3ud93aK4LJaXTDjtUmu70_AJxF3YtrQ==
Age: 236
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-219278292-1&cid=998851958.1665096297&jid=611350121&gjid=94353508&_gid=596470590.1665096297&_u=YEDAAUABAAAAACAAI~&z=492661858
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-219278292-1&cid=998851958.1665096297&jid=611350121&gjid=94353508&_gid=596470590.1665096297&_u=YEDAAUABAAAAACAAI~&z=492661858
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-219278292-1&cid=998851958.1665096297&jid=611350121&gjid=94353508&_gid=596470590.1665096297&_u=YEDAAUABAAAAACAAI~&z=492661858 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://results.hemailloginnow.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 22:44:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178002442-1&cid=998851958.1665096297&jid=1229342295&gjid=1709368474&_gid=596470590.1665096297&_u=YEBAAUAAAAAAACAAI~&z=1224022162
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178002442-1&cid=998851958.1665096297&jid=1229342295&gjid=1709368474&_gid=596470590.1665096297&_u=YEBAAUAAAAAAACAAI~&z=1224022162
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178002442-1&cid=998851958.1665096297&jid=1229342295&gjid=1709368474&_gid=596470590.1665096297&_u=YEBAAUAAAAAAACAAI~&z=1224022162 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://results.hemailloginnow.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 22:44:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/713545727/?random=1665096296915&cv=9&fst=1665093600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&async=1&fmt=3&is_vtc=1&random=343582107&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/713545727/?random=1665096296915&cv=9&fst=1665093600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&async=1&fmt=3&is_vtc=1&random=343582107&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/713545727/?random=1665096296915&cv=9&fst=1665093600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&async=1&fmt=3&is_vtc=1&random=343582107&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:44:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/713545727/?random=1665096296913&cv=9&fst=1665093600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&async=1&fmt=3&is_vtc=1&random=184124479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/713545727/?random=1665096296913&cv=9&fst=1665093600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&async=1&fmt=3&is_vtc=1&random=184124479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/713545727/?random=1665096296913&cv=9&fst=1665093600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaa50&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&tiba=Email%20Login%20Now&async=1&fmt=3&is_vtc=1&random=184124479&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 22:44:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
openweathermap.org/img/wn/01n@2x.png
200 OK 945 B URL HTTP/1.1 openweathermap.org/img/wn/01n@2x.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash fb82c56f21511270701f0f68741618eb
5b9dd5c7734d65e68e5467f34daa5d39a6dcdfdd
7bd4657936b44fb4e8f568b6c09fbdc1a7936df1ceb1407fc46c24c7ef3d7848
GET /img/wn/01n@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Type: image/png
Content-Length: 945
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-3b1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Thu, 13 Oct 2022 22:44:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
openweathermap.org/img/wn/04n@2x.png
200 OK 1.9 kB URL HTTP/1.1 openweathermap.org/img/wn/04n@2x.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f2aafb2dc3b9d387d58567acfe3ffa5
76bfa452fe904c4acdd0f6563614d5051ee5f142
5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0
GET /img/wn/04n@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Type: image/png
Content-Length: 1869
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-74d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Thu, 13 Oct 2022 22:44:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
openweathermap.org/img/wn/04d@2x.png
200 OK 1.9 kB URL HTTP/1.1 openweathermap.org/img/wn/04d@2x.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f2aafb2dc3b9d387d58567acfe3ffa5
76bfa452fe904c4acdd0f6563614d5051ee5f142
5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0
GET /img/wn/04d@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Type: image/png
Content-Length: 1869
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-74d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Thu, 13 Oct 2022 22:44:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
openweathermap.org/img/wn/01d@2x.png
200 OK 948 B URL HTTP/1.1 openweathermap.org/img/wn/01d@2x.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 05e38c599f10a0306d7014d43ada886d
7591e549db3bc54f959c0d431fb3374135dd1a30
4d97d68ba45f75d6f63fea2575659c8d48ae087894f58adce61cab400845dba2
GET /img/wn/01d@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Type: image/png
Content-Length: 948
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-3b4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Thu, 13 Oct 2022 22:44:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
openweathermap.org/img/wn/03n@2x.png
200 OK 837 B URL HTTP/1.1 openweathermap.org/img/wn/03n@2x.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d3c430e1aa80cf67b11cf4d8d451eefb
3253f5b16fd282e1b36645b9c89644f05fb8ac91
d67ed35d7dbf10d139bf85b2632fffaaa2e338177d56f0240bce6d3a401ba9f0
GET /img/wn/03n@2x.png HTTP/1.1
Host: openweathermap.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.9.7.1
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Type: image/png
Content-Length: 837
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-345"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Thu, 13 Oct 2022 22:44:57 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10494
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 22:44:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10494
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 22:44:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10494
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 22:44:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10494
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 22:44:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:01:58 GMT
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
age: 2579
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a9bad9942d25ecf711a6b2e137a270
1ac4d5e32010b78b9599d7db12c64a4f11f75c32
a4e8eb30784a461fbac9df587eb8b06c84f827d8ef6cfe5d302d45f0cbb5e3ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: c190f0ac-92e7-4d58-b70d-06c6986292c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihDHP_oAMFc9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad3-11f93f222ee59f8c61feb974;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Q2Tmr5IEgSZ13V6JCFu75ypdw2faw01Y7FSMZX-xp5rmmLmuuuuotw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:38:27 GMT
age: 3990
etag: "1ac4d5e32010b78b9599d7db12c64a4f11f75c32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iClOZEPMiFmpeprT8McJ2HI0dCmyxkhEdfYr0qP0YK3U_Pcd9N0Fhg==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 11:10:12 GMT
age: 41685
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccc2005-2e35-42eb-8f79-f2155e9eb404.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccc2005-2e35-42eb-8f79-f2155e9eb404.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0611d96a8a76ee2b104a70372860f979
579dea2edcf3f3fa3e18530d1f254132589a2f6b
70996e9eb0aac2a5befff12fd63c57c5120f59e061af60b60c975694307a6be3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccc2005-2e35-42eb-8f79-f2155e9eb404.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8050
x-amzn-requestid: 7332406c-4a06-4c0d-a4c3-d59e089b511d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJw3jHaooAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333c830-4513d4852dc064a812c23cea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 04:06:08 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ytF_TxhiRg0wYUJod7-t0FEv_p7EkIXJNe2rygTGxW6TnebbTy8DCw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:02 GMT
age: 2215
etag: "579dea2edcf3f3fa3e18530d1f254132589a2f6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17df62c3e2ed48ba9c788f5e1b3b702f
854c326016059d67fae42cc34905d0feb58cb6fc
d0bee7a7e629f6594a79bad563bb91c71a17768c2f347fd4a366f7f0daf94fda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2da6f7a-675a-45e2-af30-4afd851d825d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: ed2a2dca-5367-42c1-b982-07a39762063e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmigWFvGIAMF9CQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ace-6fabb7845e4d04613897a866;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GFxAiO1AQfV1-pVy0NBmc9VoQoxBuBeOWsbPkVpOuT06D8Tw_YuZfA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:09 GMT
etag: "854c326016059d67fae42cc34905d0feb58cb6fc"
content-type: image/jpeg
age: 2208
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54e5cb120b19e849a196a1ead868e4c4
15e26ce930dc747f058810837c47a4728efe0b75
a95640f974032f37a613af7648bd83697c72bb4ddf4a459e1393f7c9e8f926c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc902aef-d39a-4522-af06-32745f1f98f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6662
x-amzn-requestid: ea908895-144e-4211-8363-b721f2e4490a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmi9BFvFoAMF89A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b86-1514f8460877c8c31b7136f9;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:41:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Treo-1cuzxPXE9k1k8y0DLbXX-i5wMV_Gxff-RWkWZ8ZXdUyXqigLA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "15e26ce930dc747f058810837c47a4728efe0b75"
content-type: image/jpeg
age: 3639
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 97cb0e2dd3edce2e62a78e9139f9275d
afbba1a59032c6c2625caca7a05f3b9cb9a5eb0e
ad2a8d98570a21f95d763a53a2421818144fd8706da7be06a657d8d111b6d467
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 21:31:50 GMT
Server: ECS (dcb/7F82)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: i_hauGmVNBJq7jRLBihAAUjl7zKH7vZbJXQeh_-9VvO3B_kgllXmnw==
Age: 4387
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 17b2a3d954e4e89f548ecaa579973a5c
29c540e1aad45cc556f22a076b9965aba32a58c2
e2f663cc2c6927a80b054df65951c9408322e078a7ac51fee48a3720e2502c5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 21:07:12 GMT
Server: ECS (nyb/1D33)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: eH_3d0jmGM3q1L4B0r4Kkd9uE0jfFZ6Hky1odn586ORdSN-zX55wvg==
Age: 5865
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 17b2a3d954e4e89f548ecaa579973a5c
29c540e1aad45cc556f22a076b9965aba32a58c2
e2f663cc2c6927a80b054df65951c9408322e078a7ac51fee48a3720e2502c5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 21:51:37 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yK_wk04UrjK3Rd4K1pk9Qe6Jcrlafcv9w-ooIWoXbAJzS_0cw015Jw==
Age: 3201
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 17b2a3d954e4e89f548ecaa579973a5c
29c540e1aad45cc556f22a076b9965aba32a58c2
e2f663cc2c6927a80b054df65951c9408322e078a7ac51fee48a3720e2502c5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 21:11:32 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WTPyInZ-3iocu9rpo193EJYIVZxsTisWaBS_JxKMZyjKNWRkYLcY8w==
Age: 5605
yeet.revcontent.com/yeet/events/api-errors
200 OK 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/api-errors
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /yeet/events/api-errors HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 1
imp.onesearch.org/impression.do?event=push_modal_shown&page=results.hemailloginnow.com&source=d-ccc2-lp0-bb8-sbe&subid=20180706&i_id=email_
503 Service Unavailable 162 B URL HTTP/2 imp.onesearch.org/impression.do?event=push_modal_shown&page=results.hemailloginnow.com&source=d-ccc2-lp0-bb8-sbe&subid=20180706&i_id=email_
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 81df4d3863debf3eceb5cf84251fd472
4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
GET /impression.do?event=push_modal_shown&page=results.hemailloginnow.com&source=d-ccc2-lp0-bb8-sbe&subid=20180706&i_id=email_ HTTP/1.1
Host: imp.onesearch.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: awselb/2.0
date: Thu, 06 Oct 2022 22:44:57 GMT
content-type: text/html
content-length: 162
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 17b2a3d954e4e89f548ecaa579973a5c
29c540e1aad45cc556f22a076b9965aba32a58c2
e2f663cc2c6927a80b054df65951c9408322e078a7ac51fee48a3720e2502c5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 22:44:57 GMT
Last-Modified: Thu, 06 Oct 2022 21:36:42 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8P2D3nzWZyROeYl205pLwUKbk1A-Y8QuDtS--eo2EuZ4_QUhd7M-wg==
Age: 4096
www.facebook.com/tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1665096297640&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665096297640.584836869&it=1665096296905&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1665096297640&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665096297640.584836869&it=1665096296905&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1665096297640&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665096297640.584836869&it=1665096296905&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 06 Oct 2022 22:44:57 GMT
X-Firefox-Spdy: h2
yeet.revcontent.com/yeet/events/api-errors
204 No Content 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/api-errors
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /yeet/events/api-errors HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Content-Type: application/json
Origin: https://results.hemailloginnow.com
Content-Length: 293
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 22:44:57 GMT
Connection: keep-alive
access-control-allow-origin: *
vary: Origin
x-envoy-upstream-service-time: 1
yeet.revcontent.com/yeet/events/api-errors
200 OK 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/api-errors
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /yeet/events/api-errors HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:57 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 1
trends.revcontent.com/api/delivery/?is_blocked=undefined&w=137745&width=1280&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&icr_url=&va=0&user_uuid=undefined&time=1665096297113&up=pc&bn=firefox&bv=96&widget_width=700&style_id=0&idhub[pubcid]=f98aed87-5027-47cd-9d34-73c95ccc2777
200 OK 8.7 kB URL HTTP/2 trends.revcontent.com/api/delivery/?is_blocked=undefined&w=137745&width=1280&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&icr_url=&va=0&user_uuid=undefined&time=1665096297113&up=pc&bn=firefox&bv=96&widget_width=700&style_id=0&idhub[pubcid]=f98aed87-5027-47cd-9d34-73c95ccc2777
IP
File type JSON data\012- , ASCII text, with very long lines (20944), with no line terminators
Hash 4e072c5f8107151858271c20417eea5b
354cfa7fe10f46ceaedb8288022f144f48ee97fc
af4a00e2a98df2c3576250c7eb0fc9dfeff2a17b1b844c5485d68ac0510fcc71
GET /api/delivery/?is_blocked=undefined&w=137745&width=1280&rev_allow_cookies=undefined&site_url=https%3A%2F%2Fresults.hemailloginnow.com%2F%3Fuc%3D20180706%26ap%3Dappfocus1%26source%3Dd-ccc2-lp0-bb8-sbe%26uid%3D8f1e6901-5b8e-4089-8222-68d5dc842abd%26i_id%3Demail_1%26page%3Dnewtab&icr_url=&va=0&user_uuid=undefined&time=1665096297113&up=pc&bn=firefox&bv=96&widget_width=700&style_id=0&idhub[pubcid]=f98aed87-5027-47cd-9d34-73c95ccc2777 HTTP/1.1
Host: trends.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:57 GMT
content-type: text/html; charset=UTF-8
content-length: 8658
server: Apache/2.4.38 (Debian)
access-control-allow-credentials: true
access-control-allow-origin: *
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=931536000; includeSubDomains
X-Firefox-Spdy: h2
yeet.revcontent.com/yeet/events/api-errors
204 No Content 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/api-errors
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /yeet/events/api-errors HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Content-Type: application/json
Origin: https://results.hemailloginnow.com
Content-Length: 295
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 22:44:57 GMT
Connection: keep-alive
access-control-allow-origin: *
vary: Origin
x-envoy-upstream-service-time: 0
trends.revcontent.com/event/impression
204 No Content 0 B URL HTTP/2 trends.revcontent.com/event/impression
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event/impression HTTP/1.1
Host: trends.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://results.hemailloginnow.com
Content-Length: 2443
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 22:44:57 GMT
server: Grizzly/2.4.4
access-control-allow-origin: https://results.hemailloginnow.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains
X-Firefox-Spdy: h2
assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
200 OK 7.0 kB URL HTTP/2 assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
IP
File type ASCII text, with very long lines (23181)
Hash 592d8cea88717e0cfd53ab92c37315b6
a29a52321ef212d0fc10e7b16eefa87712c4ffba
10ebf39b42cca90fed641281902cb87eef44a3ec89dadcc0c0ef25c811f30418
GET /master/defaultWidget~feedWidget.delivery.js HTTP/1.1
Host: assets.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:57 GMT
content-encoding: gzip
content-length: 7035
content-type: application/x-javascript
last-modified: Tue, 04 Oct 2022 17:48:30 GMT
accept-ranges: bytes
x-amz-id-2: WR2Oe0NkgiMmqZFpNUb96S52+Zq89D59YbT86maK3JY0w5EymAJ07dJ8H0lKGB21bJlQkRfmH0I=
x-amz-request-id: 8W6M0WBAWG8A9A0J
etag: "351385d31fb2e83e9d7a3840a2818b72"
cache-control: public,max-age=60
server: AmazonS3
x-hw: 1665096297.cds256.sk1.hn,1665096297.cds247.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.revcontent.com/master/commonModal.delivery.js
200 OK 1.7 kB URL HTTP/2 assets.revcontent.com/master/commonModal.delivery.js
IP
File type ASCII text, with very long lines (3463)
Hash cf217d656f2788770542ec9a2404e92a
7d0829bd80217b0d2b77fc5b816bdf9ab60ee564
33805881ae19e8cbbfa50223f20cceac9e3cce7b531325cd4bed56d91a68017d
GET /master/commonModal.delivery.js HTTP/1.1
Host: assets.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:57 GMT
content-encoding: gzip
content-length: 1662
content-type: application/x-javascript
last-modified: Tue, 04 Oct 2022 17:48:28 GMT
accept-ranges: bytes
x-amz-id-2: zVlPtjJFG1HhDd0zcTu/qIvOuhp3GRFsd0JGH8ds91o4mzie4UA7LaLWAPnLlcjE3vVPUouWGMA=
x-amz-request-id: 9VZ4RJH7CNZ93WXP
etag: "31b911a57f4f1286ef1e738a4a981ab7"
cache-control: public,max-age=60
server: AmazonS3
x-hw: 1665096297.cds256.sk1.hn,1665096297.cds245.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.revcontent.com/master/defaultWidget.delivery.js
200 OK 6.2 kB URL HTTP/2 assets.revcontent.com/master/defaultWidget.delivery.js
IP
File type ASCII text, with very long lines (17205)
Hash 01a4ff099daabf9eef8207d1b78b543e
dda09f73986fa0a3a417e36dbaf9976d48c9f74f
f4256683657325885bb3aaaf3fd2a6bcddef4cf019ef839ea52a69adb1d3ab53
GET /master/defaultWidget.delivery.js HTTP/1.1
Host: assets.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:57 GMT
content-encoding: gzip
content-length: 6207
content-type: application/x-javascript
last-modified: Tue, 04 Oct 2022 17:48:28 GMT
accept-ranges: bytes
x-amz-id-2: /K/LRuHuH6mnm4iL2+6Cmu+0d6ikX2SuVjlLzZXP7EUk0XxXSQ13Zot+IScIPPygk4hUEiidwLc=
x-amz-request-id: 8W6SRDXVAVEJKJ4B
etag: "34d477546dbfca7a957b80c00dfd7ecd"
cache-control: public,max-age=60
server: AmazonS3
x-hw: 1665096297.cds256.sk1.hn,1665096297.cds228.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
200 OK 1.4 kB URL HTTP/2 img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
IP
File type PNG image data, 64 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 624cba89d4a9bbe9c882fdbe4c11621d
a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
GET /?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true HTTP/1.1
Host: img.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:57 GMT
etag: "1654183362"
cache-control: max-age=31536000
content-length: 1351
content-type: image/png
last-modified: Thu, 02 Jun 2022 15:22:42 GMT
accept-ranges: bytes
x-hw: 1665096297.cds023.sk1.hn,1665096297.cds242.sk1.c
X-Firefox-Spdy: h2
cdn.revcontent.com/assets/img/rc-logo.png
200 OK 2.1 kB URL HTTP/2 cdn.revcontent.com/assets/img/rc-logo.png
IP
File type PNG image data, 250 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash 4405c6e8202f91988ee39d113f8fb197
7915a09abe40508407ddcca88050b43c0e570bc1
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
GET /assets/img/rc-logo.png HTTP/1.1
Host: cdn.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:57 GMT
etag: "1664898860"
cache-control: max-age=37968
content-length: 2091
content-type: image/png
last-modified: Tue, 04 Oct 2022 15:54:20 GMT
accept-ranges: bytes
x-hw: 1665096297.cds241.sk1.hn,1665096297.cds204.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/602e2ca2badd89-69137814.jpg
200 OK 7.9 kB URL HTTP/2 images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/602e2ca2badd89-69137814.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 225x150, components 3\012- data
Hash 92108780e3be82eac1bee5b33f1c2352
efcbda357f453d13ccd6889d7cbe4dd0ab204211
fe7f991069d9edb8fa5f8515c6611044a81550bccc1e726ea3511f31c8e7de36
GET /revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/602e2ca2badd89-69137814.jpg HTTP/1.1
Host: images.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:58 GMT
content-length: 7887
content-type: image/jpeg
last-modified: Thu, 11 Nov 2021 18:30:39 GMT
accept-ranges: bytes
etag: "92108780e3be82eac1bee5b33f1c2352"
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2022-10-06T21:56:35.006Z;desc=hit,rtt;dur=0
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
vary: Save-Data
x-hw: 1665096298.cds214.sk1.hn,1665096298.cds213.sk1.c
X-Firefox-Spdy: h2
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/611275ce23dd88-07971041.jpg
200 OK 7.2 kB URL HTTP/2 images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/611275ce23dd88-07971041.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 225x150, components 3\012- data
Hash fe74ad96af5b955428e1f435ee6c1482
b9f93bfe61f0a8486f00bc58c766f6c34562185d
43083889d378072e36a3960d1f478574f9217e0441a2b393ba48f72c23c09bcc
GET /revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/611275ce23dd88-07971041.jpg HTTP/1.1
Host: images.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:58 GMT
content-length: 7222
content-type: image/jpeg
last-modified: Thu, 11 Nov 2021 17:39:22 GMT
accept-ranges: bytes
etag: "fe74ad96af5b955428e1f435ee6c1482"
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2022-10-06T21:13:37.997Z;desc=hit,rtt;dur=1
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
vary: Save-Data
x-hw: 1665096298.cds214.sk1.hn,1665096298.cds255.sk1.c
X-Firefox-Spdy: h2
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5ebbc1e059ec86-17679074.jpg
200 OK 8.8 kB URL HTTP/2 images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5ebbc1e059ec86-17679074.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 225x150, components 3\012- data
Hash 62cf360251fc102a242af3d3112ff070
623fcdfaf778bdad34dceb45484ab9a2b7da3034
505bc6b0ba130464e9357ba95257a805b7a02ed7a73580b9c0a0da368406d933
GET /revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/5ebbc1e059ec86-17679074.jpg HTTP/1.1
Host: images.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:58 GMT
content-length: 8757
content-type: image/jpeg
last-modified: Thu, 11 Nov 2021 17:39:18 GMT
accept-ranges: bytes
etag: "62cf360251fc102a242af3d3112ff070"
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2022-04-05T11:15:27.424Z;desc=hit,rtt;dur=0
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
vary: Save-Data
x-hw: 1665096298.cds214.sk1.hn,1665096298.cds244.sk1.c
X-Firefox-Spdy: h2
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/9955ebc35862110f040d95fd5464fb28.jpeg
200 OK 11 kB URL HTTP/2 images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/9955ebc35862110f040d95fd5464fb28.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 225x150, components 3\012- data
Hash b3d07e692e13cea3c776161f2559650f
ba512c56b309b71cccd9f7ca826ec1ba4555cbc8
8dc01285a0ea92c4e0e919c19828d34b84f5682492f2e1406805b4cfd9f515f7
GET /revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/9955ebc35862110f040d95fd5464fb28.jpeg HTTP/1.1
Host: images.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:58 GMT
content-length: 10571
content-type: image/jpeg
last-modified: Thu, 11 Nov 2021 17:39:17 GMT
accept-ranges: bytes
etag: "b3d07e692e13cea3c776161f2559650f"
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=172;cpu=0;start=2022-07-25T21:40:04.982Z;desc=miss,rtt;dur=1,cloudinary;dur=69;start=2022-07-25T21:40:05.031Z
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
vary: Save-Data
x-hw: 1665096298.cds214.sk1.hn,1665096298.cds252.sk1.c
X-Firefox-Spdy: h2
yeet.revcontent.com/yeet/events/page-view
200 OK 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/page-view
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /yeet/events/page-view HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:58 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
yeet.revcontent.com/yeet/events/widget-loaded
200 OK 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/widget-loaded
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /yeet/events/widget-loaded HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 06 Oct 2022 22:44:58 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 1
yeet.revcontent.com/yeet/events/page-view
204 No Content 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/page-view
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /yeet/events/page-view HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Content-Type: application/json
Origin: https://results.hemailloginnow.com
Content-Length: 284
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 22:44:58 GMT
Connection: keep-alive
access-control-allow-origin: *
vary: Origin
x-envoy-upstream-service-time: 2
yeet.revcontent.com/yeet/events/widget-loaded
204 No Content 0 B URL HTTP/1.1 yeet.revcontent.com/yeet/events/widget-loaded
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /yeet/events/widget-loaded HTTP/1.1
Host: yeet.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Content-Type: application/json
Origin: https://results.hemailloginnow.com
Content-Length: 311
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: openresty
Date: Thu, 06 Oct 2022 22:44:58 GMT
Connection: keep-alive
access-control-allow-origin: *
vary: Origin
x-envoy-upstream-service-time: 2
trends.revcontent.com/event/view
204 No Content 0 B URL HTTP/2 trends.revcontent.com/event/view
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event/view HTTP/1.1
Host: trends.revcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hemailloginnow.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://results.hemailloginnow.com
Content-Length: 2234
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 06 Oct 2022 22:44:58 GMT
server: Grizzly/2.4.4
access-control-allow-origin: https://results.hemailloginnow.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 75fa992cdd38422c02becf97f2fba44c
32ae97abe59ccfa477e58fb92830a4f87210c005
54f3984974bc5bd26ca6333d2631f0830c3da42fc3ceca1a20df8ea384268322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:58 GMT
Last-Modified: Thu, 06 Oct 2022 22:03:25 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
200 OK 313 B IP
Hash 75fa992cdd38422c02becf97f2fba44c
32ae97abe59ccfa477e58fb92830a4f87210c005
54f3984974bc5bd26ca6333d2631f0830c3da42fc3ceca1a20df8ea384268322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 22:44:58 GMT
Last-Modified: Thu, 06 Oct 2022 22:03:25 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 2217e05128418b49ae8206ded831a52a
7c333d8e6468ea99ddb8efa577f023d84fe97ae3
c68b94fff511fda5588a1ccfdfc87e26d0085b191578e76723568a1037897725
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 22:44:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 10 Oct 2022 19:19:51 GMT
ETag: "7c333d8e6468ea99ddb8efa577f023d84fe97ae3"
Last-Modified: Thu, 06 Oct 2022 19:19:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 600
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7561ecbcbd460b59-OSL
match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 390b073dfacd422627d0244a800b4e8e
4781c4d265be4d70a442ec9f1f333afc42dd737d
ffa8d1dfc114096606426daee246d16f2bfda9fe6606bab2807f9c5996e89ba6
GET /track/rid?ttd_pid=pubmatic&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:59 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Sat, 05 Nov 2022 22:44:59 GMT
vary: Origin
access-control-allow-origin: https://results.hemailloginnow.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 1fb90d8bc6f966d9d065425a8953375c
31bb6460259fc76f0bf08e26dcf0905c6cdb29ae
71d42216e89ff3fea31404aef0be7d8c58592b23d9ec651dda6d58d6daf6ac9b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 06 Oct 2022 22:44:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 22:31:08 GMT
Expires: Fri, 07 Oct 2022 22:31:08 GMT
ETag: "31bb6460259fc76f0bf08e26dcf0905c6cdb29ae"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sectigo.com/
200 OK 471 B IP
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 22:44:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=485273,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7561ecbc68a8b512-OSL
id.crwdcntrl.net/id
200 OK 63 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 429dc488434ca2c88e80b164b92a19e8
d58f3a8dce8886458ce9ffc87552030131b78f47
8bfe4249457fefaf0259cb1e9b02a0dfa1c13d6fa0393b553673264efffa186b
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:59 GMT
content-type: application/json;charset=utf-8
content-length: 63
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.24.71
access-control-allow-credentials: true
access-control-allow-origin: https://results.hemailloginnow.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
api.rlcdn.com/api/identity/envelope?pid=13781
401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=13781
IP
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=13781 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Thu, 06 Oct 2022 22:44:59 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash da760bd41ef8ff9370254bfa22f58538
d2913d670acf488ba2460758095e8238c1d47966
92af768a29358479e72788fbbb20cfd27aad26588b07a3218968710da11a2d37
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 22:44:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 13:42:54 GMT
Expires: Wed, 12 Oct 2022 13:42:53 GMT
Etag: "d2913d670acf488ba2460758095e8238c1d47966"
Cache-Control: max-age=485273,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7561ecbe2a01b512-OSL
cdn.onesignal.com/sdks/OneSignalSDK.js
200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:55 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 515
expires: Sun, 09 Oct 2022 22:44:55 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7561eca96cd20b55-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
IP
GET /css?family=Open+Sans:400,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 22:44:55 GMT
date: Thu, 06 Oct 2022 22:44:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresults.hemailloginnow.com%2F&domain=results.hemailloginnow.com&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresults.hemailloginnow.com%2F&domain=results.hemailloginnow.com&cw=1&lsw=1
IP
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fresults.hemailloginnow.com%2F&domain=results.hemailloginnow.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://results.hemailloginnow.com/
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://results.hemailloginnow.com
server-processing-duration-in-ticks: 423160
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresults.hemailloginnow.com%2F&domain=results.hemailloginnow.com&cw=1&lsw=1
200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fresults.hemailloginnow.com%2F&domain=results.hemailloginnow.com&cw=1&lsw=1
IP
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fresults.hemailloginnow.com%2F&domain=results.hemailloginnow.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://results.hemailloginnow.com
Connection: keep-alive
Referer: https://results.hemailloginnow.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 06 Oct 2022 22:44:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://results.hemailloginnow.com
server-processing-duration-in-ticks: 679780
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
34.201.79.11
23.36.77.32
104.18.22.52
31.13.72.12
138.201.197.100
93.184.220.29
37.139.1.159
178.250.2.146
99.81.25.188