Overview

URL results.hloginnow.net/s?uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&uc=20180323&source=d-ccc3-lp0-bb9-sbe-ab&i_id=email_&ap=appfocus1
IP52.44.203.222
ASNAMAZON-AES
Location United States
Report completed2022-09-24 18:22:09 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-24 2 results.hloginnow.net/Scripts/WeatherHelper_v1.js Malware
2022-09-24 2 results.hloginnow.net/Scripts/Home/Shared/Base_v2.js Malware
2022-09-24 2 results.hloginnow.net/Scripts/NewScripts/AutoComplete_V4.js Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (34)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.no (2) 25607 2016-04-05 19:50:59 UTC 2022-09-24 10:22:16 UTC 142.250.74.3
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-24 13:42:18 UTC 142.250.74.164
mnemonic passive DNS stats.g.doubleclick.net (2) 96 2013-06-02 22:47:44 UTC 2022-09-24 04:24:09 UTC 64.233.162.155
mnemonic passive DNS cdn.onesignal.com (1) 3015 2015-04-22 13:41:50 UTC 2022-09-24 10:52:01 UTC 104.18.226.52
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.77.32
mnemonic passive DNS ocsp.sca1b.amazontrust.com (4) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-24 04:21:47 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-09-24 04:14:02 UTC 157.240.200.35
mnemonic passive DNS results.hloginnow.net (19) 0 2018-04-26 00:21:59 UTC 2022-09-24 09:26:01 UTC 34.195.178.228 Unknown ranking
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2022-09-24 12:29:46 UTC 93.184.220.29
mnemonic passive DNS dailyfeature.net (1) 115370 2019-10-11 11:35:33 UTC 2022-09-24 09:29:12 UTC 3.226.90.104
mnemonic passive DNS kit.fontawesome.com (1) 1868 2019-03-29 02:12:52 UTC 2022-09-24 07:08:07 UTC 104.18.23.52
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-24 10:11:12 UTC 142.250.74.174
mnemonic passive DNS d3ff8olul1r3ot.cloudfront.net (1) 0 2022-09-20 14:30:46 UTC 2022-09-24 09:29:22 UTC 54.230.245.94 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-24 04:21:50 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-24 04:22:23 UTC 34.117.237.239
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-24 04:22:33 UTC 142.250.74.72
mnemonic passive DNS ka-p.fontawesome.com (4) 4489 2019-12-16 20:35:53 UTC 2022-09-24 06:51:02 UTC 104.18.23.52
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-09-24 04:22:29 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-24 15:49:37 UTC 143.204.55.35
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-09-24 14:16:43 UTC 142.250.74.10
mnemonic passive DNS internal_banner.tiles.ampfeed.com (1) 0 2020-01-16 10:44:18 UTC 2022-09-22 20:41:58 UTC 104.110.26.15 Domain (ampfeed.com) ranked at: 27466
mnemonic passive DNS api.openweathermap.org (3) 10906 2013-05-15 05:33:51 UTC 2022-09-24 15:30:56 UTC 188.166.16.132
mnemonic passive DNS dap2y8k6nefku.cloudfront.net (5) 0 2021-11-03 05:48:53 UTC 2022-09-24 08:03:06 UTC 143.204.42.50 Unknown ranking
mnemonic passive DNS connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-09-24 04:21:59 UTC 157.240.200.14
mnemonic passive DNS via.placeholder.com (2) 26595 2021-04-12 05:15:36 UTC 2022-09-24 11:10:43 UTC 172.67.158.148
mnemonic passive DNS ocsp.pki.goog (16) 175 2017-06-14 07:23:31 UTC 2022-09-24 04:23:20 UTC 142.250.74.3
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-24 05:36:42 UTC 52.39.175.179
mnemonic passive DNS imp.onesearch.org (3) 104917 2018-09-24 19:14:48 UTC 2022-09-24 15:33:40 UTC 44.199.122.180
mnemonic passive DNS googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-09-24 12:12:36 UTC 216.58.207.194
mnemonic passive DNS openweathermap.org (6) 11937 2012-10-03 12:34:59 UTC 2022-09-24 10:08:49 UTC 138.201.197.100
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-24 04:26:56 UTC 143.204.55.35
mnemonic passive DNS internal_tiles.tiles.ampfeed.com (1) 0 2019-10-31 06:51:09 UTC 2022-09-22 20:41:58 UTC 104.110.26.15 Domain (ampfeed.com) ranked at: 27466
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-24 14:49:04 UTC 172.64.155.188


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 52.44.203.222

Date UQ / IDS / BL URL IP
2022-10-11 23:32:08 +0000
0 - 0 - 3 results.hloginnow.net/?uc=20180303&ap=appfocu (...) 52.44.203.222
2022-09-24 18:22:09 +0000
0 - 0 - 3 results.hloginnow.net/s?uid=82b44cbb-5af1-455 (...) 52.44.203.222

Last 5 reports on ASN: AMAZON-AES

Date UQ / IDS / BL URL IP
2022-11-30 03:58:02 +0000
0 - 0 - 1 doterra.is/ 34.239.22.13
2022-11-30 03:56:55 +0000
0 - 0 - 1 showlast.com/kaifa 34.205.242.146
2022-11-30 03:54:45 +0000
0 - 0 - 1 trendingbeauty.com/lff 52.71.57.184
2022-11-30 03:52:47 +0000
0 - 0 - 1 freejax.com/jdd 54.209.32.212
2022-11-30 03:50:20 +0000
0 - 0 - 1 123.indiancredits.com/document/3423580-de-va- (...) 3.94.41.167

Last 4 reports on domain: hloginnow.net

Date UQ / IDS / BL URL IP
2022-10-11 23:32:08 +0000
0 - 0 - 3 results.hloginnow.net/?uc=20180303&ap=appfocu (...) 52.44.203.222
2022-09-24 18:22:09 +0000
0 - 0 - 3 results.hloginnow.net/s?uid=82b44cbb-5af1-455 (...) 52.44.203.222
2022-09-19 22:44:37 +0000
0 - 0 - 3 results.hloginnow.net/?uc=20180701&ap=appfocu (...) 34.195.178.228
2022-09-10 18:06:02 +0000
0 - 0 - 3 results.hloginnow.net/?uc=20180225&ap=appfocu (...) 52.54.194.93

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-11 23:32:08 +0000
0 - 0 - 3 results.hloginnow.net/?uc=20180303&ap=appfocu (...) 52.44.203.222
2022-09-26 17:58:43 +0000
0 - 0 - 4 search.hemailaccessonline.com/?source=googled (...) 34.201.176.68
2022-09-22 20:42:08 +0000
0 - 0 - 4 search.hemailaccessonline.com/?source=googles (...) 50.16.65.99
2022-09-21 09:14:40 +0000
0 - 0 - 4 search.hemailaccessonline.com/?source=googles (...) 50.16.65.99
2022-09-19 22:44:37 +0000
0 - 0 - 3 results.hloginnow.net/?uc=20180701&ap=appfocu (...) 34.195.178.228


JavaScript

Executed Scripts (30)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (106)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 17:43:52 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _QOiX0CpeDrq245HN2bYT6B7eDVQD7zPS1Hyr1pqsshNjEJS3c4cGg==
Age: 2286


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET /s?uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&uc=20180323&source=d-ccc3-lp0-bb9-sbe-ab&i_id=email_&ap=appfocus1 HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.195.178.228
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Date: Sat, 24 Sep 2022 18:21:57 GMT
Location: /?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Set-Cookie: adprovider=appfocus1; domain=hloginnow.net; expires=Fri, 24-Sep-2032 18:21:57 GMT; path=/ uid=82b44cbb-5af1-4553-91dc-e80063e7ba46; domain=hloginnow.net; expires=Fri, 24-Sep-2032 18:21:57 GMT; path=/ iid=email_; domain=hloginnow.net; expires=Fri, 24-Sep-2032 18:21:57 GMT; path=/
X-Content-Type-Options: nosniff
Content-Length: 258
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   258
Md5:    6e2832b06a06b2ca6887af775898da84
Sha1:   1a60376ec797a5fb90881e774b2a80914483f925
Sha256: df8eea11c956f8b7b85ce9b739e38c05c5590bc9d73865c1249e75800813245a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5880
Expires: Sat, 24 Sep 2022 19:59:58 GMT
Date: Sat, 24 Sep 2022 18:21:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N8PDdTOXRtbSz_LsBvZH5AFn71XtwhcjxYN0Fn19AoqgsNuRP2dCBA==
age: 49604
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: adprovider=appfocus1; uid=82b44cbb-5af1-4553-91dc-e80063e7ba46; iid=email_
Upgrade-Insecure-Requests: 1

                                         
                                         34.195.178.228
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Date: Sat, 24 Sep 2022 18:21:57 GMT
Location: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
X-Content-Type-Options: nosniff
Content-Length: 287
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   287
Md5:    a0437bcf38aada7179f677bc1af80e69
Sha1:   785e84b51735cee57c03c808570a27291fa26c25
Sha256: b6753bae440ffad502b750670bc62fef64f9279a6e9ce0cb7d516f5259cdb302
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 24 Sep 2022 18:21:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 18:04:17 GMT
Expires: Sat, 24 Sep 2022 18:56:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1HHQ1QNroLq5JvJWa_usQ9YKVBOPAnhbfgj9sLYs0wPtVmqUEaikVQ==
Age: 1061


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:58 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ycUaZdSEmrXChn0s1Oyn8V_kimp9h8o7TCTcmQC99fbxOur6OPXaQg==

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2070
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Sat, 24 Sep 2022 17:47:28 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:57 GMT
Set-Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; domain=hloginnow.net; expires=Sun, 25-Sep-2022 18:21:57 GMT; path=/ nts=t; domain=hloginnow.net; path=/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 13761
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (811), with CRLF line terminators
Size:   13761
Md5:    6b2db09ce881c3d3ae458a6e28f05c04
Sha1:   da8a694e800a753cfb80b4bf96da2dab573707c8
Sha256: 63f69e17127ec7d9abfcdf5020360ac55c268115f0bd8b2c49816d2c0ad15254
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6546
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Sat, 24 Sep 2022 16:32:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5272
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Sat, 24 Sep 2022 16:54:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /get/js/impression?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&cid=app@LoginNow HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:58 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 668
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   668
Md5:    1ba26a9ed23ad92ec6765d3a3fad18e0
Sha1:   0ab1e148b0007911391e850a458cba6793e39a09
Sha256: 7939d6117e4fdda9a1f7da8344b61a7c8ab051b089ff228c7f2c2795235cf94c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5272
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Sat, 24 Sep 2022 16:54:06 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /gtag/js?id=UA-178002442-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 18:21:58 GMT
expires: Sat, 24 Sep 2022 18:21:58 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42203
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   42203
Md5:    309b71f8509a879663b482565087f7e4
Sha1:   2fbdbd4b027ca9597428261e0cb9c9996a4ad06f
Sha256: dd9dd897e45f8c479e8630a570352110a8a70e0db80eaa90b561a0b90d2d2068
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zevMdbl/UPVZEL6GwT/ZOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.39.175.179
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p+93Xr7UwL8LR4VQuUIyXW/TLLE=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /Scripts/WeatherHelper_v1.js HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:58 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1517
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1517
Md5:    1d8237575ed7434f668873989b3f769a
Sha1:   12430714bc540f62ab8c3cc356d1b009b1589a4b
Sha256: 198e57bb51fb3c84d5f47f50a51488e916c5dda12a414b5245d17aba693ea68d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b9b2ba83c3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.23.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 24 Sep 2022 18:21:58 GMT
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74fd8afb6edab529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27832)
Size:   2603
Md5:    eaaabd3f60063923cd5333eb1d7a20a1
Sha1:   0da69706105e28896a1f6eeaa91d5bec1b82f7f1
Sha256: f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
                                        
                                            GET /css?family=Open+Sans:400,600,700,800&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 18:21:58 GMT
date: Sat, 24 Sep 2022 18:21:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54117)
Size:   54940
Md5:    96d62559de554137b6e1b8e00775b941
Sha1:   237328d34a9673e90d52f8f39e72c9655cb01e2f
Sha256: 2aa774911c293a145239e75bfdc58ba27005e4f38d1482b98b55f8ffdd18ad95
                                        
                                            GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b9b2ba83c3 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.23.52
HTTP/2 200 OK
content-type: text/css
                                        
date: Sat, 24 Sep 2022 18:21:59 GMT
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74fd8afb6ed9b529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (26366)
Size:   4194
Md5:    7fd743485fa194e25e2a207bff6c258a
Sha1:   97c999d752b95ee1ed6271a29aa58109dc17281e
Sha256: dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
                                        
                                            GET /Content/Home/Email/CSS/Email_v2.css HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:58 GMT
ETag: "0d7e58bf699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1958
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (662), with CRLF line terminators
Size:   1958
Md5:    31b208481db5232f2d7f9584db7ba1df
Sha1:   b2bcf99c7f6eb685c69d291a86e65c1a38866d22
Sha256: 3892aaefc6ae283355f512a284f3ff77feb9171bd95366ac0b527dc0f8411ec5
                                        
                                            GET /Content/CSS/Base_v2.css HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:58 GMT
ETag: "80445f8bf699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:01 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 2846
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2846
Md5:    c9946249c90f0badfdf55a4559c476a5
Sha1:   f58f7668a3cd3453c31dd64d651a52099eaf8210
Sha256: 492fa88aec13f70306f900b005ce781c35d00df8e3e20072f55ddb3110ddf743
                                        
                                            GET /styles/home/monetizedquicklinks?v=Pf1P8ZTmx0EpcmDfisgZsKM0LGXZ0OckHk-F2hmrmqQ1 HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:58 GMT
Expires: Sun, 24 Sep 2023 18:21:59 GMT
Last-Modified: Sat, 24 Sep 2022 18:21:59 GMT
Vary: User-Agent,Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 2397
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (12948), with no line terminators
Size:   2397
Md5:    b265f2647d729ce2ed972bfce64cdc51
Sha1:   e3901bd30437e65ef4f0bc4ab0cf22730131f0f7
Sha256: fc96374178471800e80a82f7c99dfb3d8ac3d4f823f2eb09e7ec4a0582d4e77c
                                        
                                            GET /Scripts/Home/Shared/Base_v2.js HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:58 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 1043
Connection: keep-alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1043
Md5:    920fd729704c26bd93785b4fd1b6c643
Sha1:   ee2832de76e73a498a229a6d56c28b33fa524cd6
Sha256: 39a30cd129a89443137bc57dc906a53057d365a51d1f0b3ce195de5699c002a5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /Content/Images/Toolbar/gmail.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4402
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   4402
Md5:    ea55cde31ffc6f17e1f6252c9ff64c63
Sha1:   e947805941b0c360442d8a05ae22368ce39d82a1
Sha256: 7549b37a194c861d3e0444cae07773212707ad4b2ec7f4182c006be6c8aaff69
                                        
                                            GET /Content/Images/Toolbar/outlook.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 8401
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   8401
Md5:    aa6f70a6681c4c8321f28c610545b0a4
Sha1:   3bb0380120a96c3fc906ca551d22ad9fa1ed6ce7
Sha256: 6b1192ebfb3fd93bfdb7b886124862494c86d0045fd6c94a47398a089f5e030b
                                        
                                            GET /Content/Images/Toolbar/yahoo.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:59 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4863
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   4863
Md5:    2d0147c64fa4aeb01695c95f351be917
Sha1:   cee44aeace3e20e6d7e607c723235a110bf02e7f
Sha256: bcdd8290dcee1d8bc7c5cb8798bd27078a9a30dda19e432e8ad43d9520ba921b
                                        
                                            GET /Content/Images/Toolbar/maps.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 10139
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   10139
Md5:    03f31a86f5fd92f860351577c470b165
Sha1:   bed2a3c0ad6f07458c1822c3e6ac8b89cf937575
Sha256: f018ecd3437923c9f5af6d16da40d2b32ce2029b6e45c1e2e728f6cc6b3e12ea
                                        
                                            GET /Content/Images/Toolbar/newsv2.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 12254
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size:   12254
Md5:    54d6fb01d95327cccb0a713c0123190d
Sha1:   7a3c40c0a40fba3b51f76266cb9505f8f1a42ef5
Sha256: 71dc8eff83a0ad83594a67273ae6434612a079e25fb2e06180f046ae02f87a68
                                        
                                            GET /releases/v5.15.4/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.23.52
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Sat, 24 Sep 2022 18:21:59 GMT
content-length: 19784
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35f-4d48"
last-modified: Wed, 04 Aug 2021 18:58:39 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74fd8afd595db529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19784, version 331.-31196\012- data
Size:   19784
Md5:    c7682b8035fc1d1672d6455631813794
Sha1:   9e2955e5e55b3073e229c218724406425862d4a1
Sha256: 1b50aa1d36ea249991fb44f8f6ad2aa74fe360df9cc04c564b5edf3b053b739c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v5.15.4/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1 
Host: ka-p.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.18.23.52
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Sat, 24 Sep 2022 18:21:59 GMT
content-length: 23316
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "610ae35c-5b14"
last-modified: Wed, 04 Aug 2021 18:58:36 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 74fd8afd89c1b529-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23316, version 331.-31196\012- data
Size:   23316
Md5:    e0e8f01313f5061924cb318b031d706e
Sha1:   8ddfde7f46123a327ec627acf520741b1f016eb9
Sha256: 78f2234a60cbe6920db07df9663c0b035d9a602d8f7b82e174fc9e0f5bf89ad0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 18:01:25 GMT
expires: Sun, 24 Sep 2023 18:01:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 1234
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /Scripts/NewScripts/AutoComplete_V4.js HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:59 GMT
ETag: "809ec18df699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:05 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 74940
Connection: keep-alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1602), with CRLF line terminators
Size:   74940
Md5:    8bbb0bc9c1fb1e218deceec495fbfb7a
Sha1:   e41b435847fd6fd56cae9ee06abb7bff6da3cadb
Sha256: 624a7d78be7b43606b0a3aed037652f1e91af071ea6ed0f8ac2f165dbc6f34f0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /Content/Images/quicklinkIcons/hq/weather.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 9105
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   9105
Md5:    c73cae6072224041a7e28492e966537a
Sha1:   7a52c159cfa027646d40ff974eaef4805ec9a969
Sha256: fa25bf2809d53a6218b7eb54f168fb0bc9d6427c12cac5a6689205816bee0672
                                        
                                            GET /Content/Images/Toolbar/emailv2.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:58 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 4960
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGB, non-interlaced\012- data
Size:   4960
Md5:    dd10e459a0ac71df7bcffa634a077856
Sha1:   cc774bf351b47a74c422c5db5dc17c051536be00
Sha256: 0d7a3679994f6afdc431b78b25fe7ba40963cfe94f807ca7409e9687429bca10
                                        
                                            GET /Content/Images/quicklinkIcons/hq/myemailsimplified.png HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Date: Sat, 24 Sep 2022 18:21:59 GMT
Last-Modified: Wed, 25 Aug 2021 21:17:02 GMT
X-Content-Type-Options: nosniff
Content-Length: 7740
Connection: keep-alive


--- Additional Info ---
Magic:  PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Size:   7740
Md5:    cde49619d2e9336942237b4965e1df3e
Sha1:   8a754330cce76b36725ec12689ba349d7af78f7e
Sha256: c60e91abccb6a9d706f9613c22abb713554dd75fbd4ea1bd8494d28b423ce936
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tiles?partner=internal_banner&v=1.3&sub1=10055&sub2=email&results=10&BOC=1664043718310&callback=amp_fn HTTP/1.1 
Host: internal_banner.tiles.ampfeed.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.26.15
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
server: akka-http/10.0.0
content-length: 20
x-country-check: NO, NO
x-ip-check: 84.213.65.126, 127.0.0.1, 84.213.65.126
date: Sat, 24 Sep 2022 18:21:59 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   20
Md5:    7f3ddf32c69b12d8da247ab32bcf7c0a
Sha1:   e0d8baa7114b5126d38cf731ad44527af3467280
Sha256: f1a514c273a93178f053ad889969bb58d6d5c44e913cbf3abbbbb667b4acda48
                                        
                                            GET /tiles?partner=internal_tiles&v=1.3&sub1=10058&sub2=email&results=10&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F71.0.3578.80%20Safari%2F537.36&BOC=1664043718309&callback=admtilecallback HTTP/1.1 
Host: internal_tiles.tiles.ampfeed.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.110.26.15
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
server: akka-http/10.0.0
content-encoding: gzip
content-length: 46
x-country-check: NO, NO
x-ip-check: 84.213.65.126, 127.0.0.1, 84.213.65.126
date: Sat, 24 Sep 2022 18:21:59 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   46
Md5:    fe5db27d2eae551ca45d872688cc2bcb
Sha1:   5a99184fde35329d754349c64a45bb5ba64b4252
Sha256: 1f7af0b538726086e9bb5ce0c8fd64ca0a7baab3e6ae4d725979abf1014f48d9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:59 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GekzLHePqEhmsLy9bN5jh7vcTWITmy2qUi9xfYBMMmrEtniOfTfhVg==

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:59 GMT
Last-Modified: Sat, 24 Sep 2022 17:43:30 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gUAJh61Np59trvUV9B0x4Zh6njku4dwFH-l4cFKuj_Zx9GZNw1TJgA==
Age: 2309

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:59 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 04:42:22 GMT
Expires: Sat, 01 Oct 2022 04:42:21 GMT
Etag: "9e6ba1deb55e2d5f194b408fcef5913d297a0e83"
Cache-Control: max-age=555021,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fd8affff5eb500-OSL

                                        
                                            GET /impression.do?event=ex_banner_show&user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46&source=d-ccc3-lp0-bb9-sbe-ab&traffic_source=appfocus1&subid=20180323&implementation_id=email_&page=adm&referrer=&offer_id=~app@LoginNow HTTP/1.1 
Host: imp.onesearch.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         44.199.122.180
HTTP/2 503 Service Unavailable
content-type: text/html
                                        
server: awselb/2.0
date: Sat, 24 Sep 2022 18:21:59 GMT
content-length: 162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    81df4d3863debf3eceb5cf84251fd472
Sha1:   4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
Sha256: 258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
                                        
                                            GET /impression.do?event=ex_ql_impression&user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46&source=d-ccc3-lp0-bb9-sbe-ab&traffic_source=appfocus1&subid=20180323&implementation_id=email_&page=mailbird::thenewscorner_email::thenewscorner::myemailsimplified::nationalweatheragency::early_chirp&referrer=&offer_id=~app@LoginNow HTTP/1.1 
Host: imp.onesearch.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         44.199.122.180
HTTP/2 503 Service Unavailable
content-type: text/html
                                        
server: awselb/2.0
date: Sat, 24 Sep 2022 18:21:59 GMT
content-length: 162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    81df4d3863debf3eceb5cf84251fd472
Sha1:   4ba7843a4cc062123f5f4caacbb9a3fa7d381eac
Sha256: 258c66556e2e065b0d04f6ae39a98fcf182e3e584cd0b7bdb20d0a395796347b
                                        
                                            GET /data/2.5/weather?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1 
Host: api.openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         188.166.16.132
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: openresty
Date: Sat, 24 Sep 2022 18:21:59 GMT
Content-Length: 465
Connection: keep-alive
X-Cache-Key: /data/2.5/weather?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (465), with no line terminators
Size:   465
Md5:    145be5c22db2c5d8fea54f371e97bb1c
Sha1:   b085e50b8ad59b8032b80b007218e66e98358efe
Sha256: 095523ecdd87cc90f97e80a4d18a9ce24e45524dc4b658eb2ae889909e7283bf
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.118
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:59 GMT
Last-Modified: Sat, 24 Sep 2022 17:00:33 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lfxvhQXKk2kNZtAbfs9O5Q1nOrW_qzQ2L8Ty_O41eIb-2fJHjTZzVQ==
Age: 4886

                                        
                                            GET /impression.do?event=push_modal_shown&page=results.hloginnow.net&source=d-ccc3-lp0-bb9-sbe-ab&subid=20180323&i_id=email_ HTTP/1.1 
Host: imp.onesearch.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         44.199.122.180
HTTP/2 503 Service Unavailable
content-type: text/html
                                        
server: awselb/2.0
date: Sat, 24 Sep 2022 18:21:59 GMT
content-length: 162
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4536
Md5:    d76d9db802335349e5ed5c673d81266d
Sha1:   723530534d533d42dd96cddae4b82c8d3b378011
Sha256: 069a9795bb1b7e9e80ae8eba2a0ca741a285a56be5397653d77257bae2d3b2d5
                                        
                                            GET /data/2.5/forecast?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1 
Host: api.openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         188.166.16.132
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: openresty
Date: Sat, 24 Sep 2022 18:21:59 GMT
Content-Length: 15909
Connection: keep-alive
X-Cache-Key: /data/2.5/forecast?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (15909), with no line terminators
Size:   15909
Md5:    9a6f753aca8b2c0a6e75b0bf2ac311e8
Sha1:   b17f046abd8214759985bfdd15b2d231b3c97e1d
Sha256: d64ee27e9433e1b54da7345d14bfe4246ead0941d8b1ded1aca12ad5e373be99
                                        
                                            GET /dailyfeature/df?url=hloginnow.net&uc=20180323&cid=app@LoginNow&purpose=hp&type=internal HTTP/1.1 
Host: dailyfeature.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         3.226.90.104
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 18:21:59 GMT
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Content-Length: 752
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   752
Md5:    7f9dad7908f096c06788f5ac35eaa2ba
Sha1:   8c385a9d2b051046bd3022daba9f4882f3276e1f
Sha256: 0065bed4d3e8f9d3008fcb1be6fb15d75e0f89cebce1c876f19518e3adb9ea51
                                        
                                            GET /quicklinkicons/early_chirp.png HTTP/1.1 
Host: dap2y8k6nefku.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.50
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 10871
last-modified: Thu, 21 Jul 2022 21:16:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 03:02:22 GMT
etag: "2d9855aaf48a48f9ed6f205c93ea73ff"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XU-lyI8P7Peml1cDIrThH1IwHXpzCB7vMXdf6MX8xPeaIXyuMka1iQ==
age: 55177
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 361 x 361, 8-bit/color RGB, non-interlaced\012- data
Size:   10871
Md5:    2d9855aaf48a48f9ed6f205c93ea73ff
Sha1:   109080dd51f9466fcc19a872f8db84fa93848de9
Sha256: 39fd4d8ea8a16bccf296cd5aed492305fab38e4d5d42d99a9c897111ed3d66ef
                                        
                                            GET /js/term_mappings.json HTTP/1.1 
Host: dap2y8k6nefku.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.50
HTTP/2 200 OK
                                        
content-length: 163302
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Fri, 30 Apr 2021 12:58:49 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 19:36:51 GMT
etag: "ad5616114dc91d3881715e52566797b3"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8AROyOrRCaIFRD5tBmym8yUIL0NXo7fGudXbG_GdxV52ICoMgucCaw==
age: 81909
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   172055
Md5:    d3c58bb79f4a40817c60a1bb7e24891c
Sha1:   5baf5863fed5e9060d2ab2c6158ddf9f3df09649
Sha256: a2eafff5ec15645e4fb208e7451ae0b8bacd21decbd9f39355652d1837ee92f9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4086
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:21:59 GMT
Last-Modified: Sat, 24 Sep 2022 17:13:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /quicklinkicons/mailbird.png HTTP/1.1 
Host: dap2y8k6nefku.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.50
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 4311
date: Sat, 24 Sep 2022 03:51:20 GMT
last-modified: Fri, 21 Aug 2020 14:24:20 GMT
etag: "97f8c087f80e2216d6ba0de1f84f4f70"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NZ43IEPKbTp_4DHZFjuyU4PPY9aZFUHgh-BEcOfHgd-tlJD__YUbxg==
age: 52240
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   6502
Md5:    6afc910c24b87b07dd81dd9897f5bcd9
Sha1:   211d4dcf2c284dacc5d14f7b604bb6e9c29706ce
Sha256: cfb5776d06e1626e7be7a69d69f279766a557395cc43d2260b97ce8cfc130e65
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sat, 24 Sep 2022 16:41:09 GMT
expires: Sat, 24 Sep 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 6050
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   30944
Md5:    d36c7f594f801167a3ad4632d26b099f
Sha1:   23684f06ad7d375382239fb9ead9429506b5e086
Sha256: 37a8a6d99e7bebe58740e8d51fb507c704c2ebce64e019c0040159733f4c89ad
                                        
                                            GET /email.png HTTP/1.1 
Host: d3ff8olul1r3ot.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.245.94
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 22346
last-modified: Thu, 05 Apr 2018 19:17:35 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 18:21:59 GMT
etag: "bc1358a45bd24711cb0f3829f3a82de9"
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jwgYxs32uTUwtPPatFsClrCWCvvO2heaAEYZiuihc617jln9OQzX8A==
age: 9368
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size:   22346
Md5:    bc1358a45bd24711cb0f3829f3a82de9
Sha1:   64983a7920541e68a439ac7c9f32f7921f052e89
Sha256: 91b363d9176e930a04aece4274f06f03722c8aa4513df97132cf1340f76402cf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:21:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /quicklinkicons/thenewscorner.png HTTP/1.1 
Host: dap2y8k6nefku.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.50
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 3058
last-modified: Tue, 11 Aug 2020 13:35:43 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 03:22:38 GMT
etag: "416b547a3c3b19e4134a37ae8a342de0"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XDH7ShmXazng1qQS0jIL-ZnqFty2Y1XQ6pnHvBc3CLSsHA-3sYvcZg==
age: 53962
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5243
Md5:    a7258aaf0e01d0e23d0924cf485fcb7a
Sha1:   65ed28a591f9a12def2cb9cb91986d520590e57c
Sha256: 74a0d37b5783125c0bc538c75e3cec4cc5ada68ad9e34987c78c2c0cd25bb5f4
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.14
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: iOLAOBy5tzwRhFePLMfrmve0oqc0RryfZsBQwXfZW+A5tfu5wUEvXPr67PMibi68dWwxSFQzgfsnso4pZnuqUA==
content-length: 26839
x-fb-trip-id: 1679558926
date: Sat, 24 Sep 2022 18:21:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   26839
Md5:    9ecd89752214ef749272eef344b9089a
Sha1:   70a58a49c08934265ee34c74efb01d6b3124095d
Sha256: f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
                                        
                                            GET /pagead/conversion_async.js HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 24 Sep 2022 18:21:59 GMT
expires: Sat, 24 Sep 2022 18:21:59 GMT
cache-control: private, max-age=3600
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1654)
Size:   15693
Md5:    890f716858b5f72587e47c5eca121cb5
Sha1:   91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
Sha256: 7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
                                        
                                            GET /quicklinkicons/thenewscorner_email.png HTTP/1.1 
Host: dap2y8k6nefku.cloudfront.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.42.50
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2439
date: Sat, 24 Sep 2022 04:06:41 GMT
last-modified: Thu, 30 Jul 2020 15:10:49 GMT
etag: "d45e5aed6673a9f169e1cdc7549b3885"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3LdhWDRa6IEqqfNFKD-sLx50-WazX3PVWUWfKnlHai_XsS0g7O-lpw==
age: 51320
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size:   2439
Md5:    d45e5aed6673a9f169e1cdc7549b3885
Sha1:   106615391a16233cedd4139113908956b96e9a0e
Sha256: 22f1e2680c093309a7e954fe94e702dd12e36d4f89ee5d62e9e9a838cf5ec318
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4087
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 18:22:00 GMT
Last-Modified: Sat, 24 Sep 2022 17:13:53 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /data/2.5/forecast/daily?appid=beac7c40c6ebee3f7f54a7a3544c9986&zip=10001&type=accurate&units=imperial HTTP/1.1 
Host: api.openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://results.hloginnow.net/
Origin: https://results.hloginnow.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         188.166.16.132
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: openresty
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 2824
Connection: keep-alive
X-Cache-Key: /data/2.5/forecast/daily?type=accurate&units=imperial&zip=10001
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST


--- Additional Info ---
Magic:  data
Size:   5012
Md5:    f8111942bd3f3fd0af65f9077029d19c
Sha1:   f733d9fadc18fbd12bffb445d032a3303efb02fb
Sha256: a2890bf1fd901ccd0b5f62e94c3de9e7302479be769f059cc8fa61950a6e5368
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: results.hloginnow.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/?uc=20180323&ap=appfocus1&source=d-ccc3-lp0-bb9-sbe-ab&uid=82b44cbb-5af1-4553-91dc-e80063e7ba46&i_id=email_1&page=newtab
Cookie: user_id=82b44cbb-5af1-4553-91dc-e80063e7ba46; nts=t; _gcl_au=1.1.691057042.1664043718
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                         
                                         34.195.178.228
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Date: Sat, 24 Sep 2022 18:21:59 GMT
ETag: "342c678ef699d71:0"
Last-Modified: Wed, 25 Aug 2021 21:17:06 GMT
X-Content-Type-Options: nosniff
Content-Length: 112173
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   123115
Md5:    c0475d4d648bc672c4df71f64e1d82b8
Sha1:   cfc6f19e036ce0b72f5561adbcb27082b2b1dfdd
Sha256: e136606845953ddaaa7425afccde83189064ed7cc16e8d7fc3936934c0553d23
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2658
Md5:    47675f540094d6f2d2d976314c35781f
Sha1:   95a7429c67f1ef3cc2fdcf28b814b73a529546d4
Sha256: 56482af70e0d9d5d1437fe7e1f2b72b878175d167fabb45e16163ff111569f0d
                                        
                                            GET /pagead/viewthroughconversion/713545727/?random=1664043718859&cv=9&fst=1664043718859&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&ig=0&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180323%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb9-sbe-ab%26uid%3D82b44cbb-5af1-4553-91dc-e80063e7ba46%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=691057042.1664043718&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1165
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Sep-2022 18:37:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2640), with no line terminators
Size:   1165
Md5:    58c81d8a569ef60faa5cd96fb2b727e7
Sha1:   56b57c4c0afe28005ea65b8ae9ee8d748ffd3e90
Sha256: e52497a0f3fcabbd8cc45a988eeb469a71f8419af1270cf4c5992bc26a400342
                                        
                                            GET /pagead/viewthroughconversion/713545727/?random=1664043718857&cv=9&fst=1664043718857&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180323%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb9-sbe-ab%26uid%3D82b44cbb-5af1-4553-91dc-e80063e7ba46%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&auid=691057042.1664043718&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.194
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1130
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Sep-2022 18:37:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3319
Md5:    16f993ae321a967caba9f4cf15a6b375
Sha1:   0eb2f6c3af756263280478e40c2dbad4e7ff4cb4
Sha256: 0a6c972bb2afb8a3217e01674a7f9fbf3bdc48af016767c7f529bfa092547993
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:22:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8011
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 18:22:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:22:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:27 GMT
age: 74013
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6386
Md5:    d8d9af95acfc8b9b431eb1e020157f6d
Sha1:   f6f926be6e265a597aaede424f05fcd7c76fcc20
Sha256: 0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pVtBCTCGh0DCF_1Vf9qMWttoDUQO_xSCkpdis9Gu3o4_cVEqaHngVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:30 GMT
age: 74010
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8354
Md5:    e1087dcce202bbbc8c84196bd2050662
Sha1:   670d89082f8da643e1196b11fb64bf71707f0e8d
Sha256: f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:26 GMT
age: 74014
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10221
Md5:    904315aab0ffe76f89ce21fe29782a39
Sha1:   e9c1d640bbd04fce90f2a334c66bf5d81372f06c
Sha256: 6c68200dec078131f3e958202150d6ed9cb3d670543aedf8bea8237c4763997c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 73844
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10032
Md5:    aa150280eb113504d61a25935c0f0127
Sha1:   ed04f74fbb4c77b21e2babc51a82857f5e23d169
Sha256: 07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8011
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 18:22:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8056
Expires: Sat, 24 Sep 2022 20:36:16 GMT
Date: Sat, 24 Sep 2022 18:22:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 47252
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:23 GMT
age: 73417
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9935
Md5:    55d224ac83a417772c98bc5080fb6689
Sha1:   a30f9044330824e70dde0dcc785890d981e6fdf5
Sha256: b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
                                        
                                            GET /img/wn/01d@2x.png HTTP/1.1 
Host: openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.197.100
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty/1.9.7.1
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 948
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-3b4"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Sat, 01 Oct 2022 18:22:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   3140
Md5:    dbd0373bdb5d27c2900885cdfbcda8ce
Sha1:   2f07ce6fd414237c0fdd023e273c807daeee3510
Sha256: 6eaa2c43904c5090af36330d1db97d866b692e2199cc7a1f764bc2f1892064f5
                                        
                                            GET /img/wn/01n@2x.png HTTP/1.1 
Host: openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.197.100
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty/1.9.7.1
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 945
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-3b1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Sat, 01 Oct 2022 18:22:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   945
Md5:    fb82c56f21511270701f0f68741618eb
Sha1:   5b9dd5c7734d65e68e5467f34daa5d39a6dcdfdd
Sha256: 7bd4657936b44fb4e8f568b6c09fbdc1a7936df1ceb1407fc46c24c7ef3d7848
                                        
                                            GET /img/wn/03n@2x.png HTTP/1.1 
Host: openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.197.100
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty/1.9.7.1
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 837
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-345"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Sat, 01 Oct 2022 18:22:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   837
Md5:    d3c430e1aa80cf67b11cf4d8d451eefb
Sha1:   3253f5b16fd282e1b36645b9c89644f05fb8ac91
Sha256: d67ed35d7dbf10d139bf85b2632fffaaa2e338177d56f0240bce6d3a401ba9f0
                                        
                                            GET /img/wn/10d@2x.png HTTP/1.1 
Host: openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.197.100
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty/1.9.7.1
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 2584
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-a18"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Sat, 01 Oct 2022 18:22:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   2584
Md5:    7efb7efb9dfabda61d89d29187508b6f
Sha1:   45578ae531f6dba58efc6037696727b687425079
Sha256: 649bddef1d5b18d1ad2a9bcc9394f9a21c06617a5a1530f6c258ed75d2de5ede
                                        
                                            GET /img/wn/04n@2x.png HTTP/1.1 
Host: openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.197.100
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty/1.9.7.1
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 1869
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-74d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Sat, 01 Oct 2022 18:22:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   1869
Md5:    1f2aafb2dc3b9d387d58567acfe3ffa5
Sha1:   76bfa452fe904c4acdd0f6563614d5051ee5f142
Sha256: 5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0
                                        
                                            GET /img/wn/04d@2x.png HTTP/1.1 
Host: openweathermap.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         138.201.197.100
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: openresty/1.9.7.1
Date: Sat, 24 Sep 2022 18:22:00 GMT
Content-Length: 1869
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Connection: keep-alive
ETag: "5d10d0f0-74d"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: origin, content-type, accept
Expires: Sat, 01 Oct 2022 18:22:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size:   1869
Md5:    1f2aafb2dc3b9d387d58567acfe3ffa5
Sha1:   76bfa452fe904c4acdd0f6563614d5051ee5f142
Sha256: 5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-178002442-1&cid=1035186895.1664043719&jid=33687214&gjid=838250721&_gid=730060096.1664043719&_u=YEBAAUAAAAAAAC~&z=2014651143 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://results.hloginnow.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 18:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-219278292-1&cid=1035186895.1664043719&jid=1275607967&gjid=2065119880&_gid=730060096.1664043719&_u=YEDAAUABAAAAAC~&z=1601000957 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         64.233.162.155
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://results.hloginnow.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 24 Sep 2022 18:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /pagead/1p-user-list/713545727/?random=1664043718859&cv=9&fst=1664042400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&data=event%3DHomepageView%3Bevent_category%3Demail_%3Bevent_label%3DFirefox%2096.0.0.0&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180323%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb9-sbe-ab%26uid%3D82b44cbb-5af1-4553-91dc-e80063e7ba46%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=467537488&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/713545727/?random=1664043718857&cv=9&fst=1664042400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180323%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb9-sbe-ab%26uid%3D82b44cbb-5af1-4553-91dc-e80063e7ba46%26i_id%3Demail_1%26page%3Dnewtab&tiba=Login%20Now&async=1&fmt=3&is_vtc=1&random=751167858&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:22:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /tr/?id=332720671379986&ev=PageView&dl=https%3A%2F%2Fresults.hloginnow.net%2F%3Fuc%3D20180323%26ap%3Dappfocus1%26source%3Dd-ccc3-lp0-bb9-sbe-ab%26uid%3D82b44cbb-5af1-4553-91dc-e80063e7ba46%26i_id%3Demail_1%26page%3Dnewtab&rl=&if=false&ts=1664043719261&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1664043719260.1343019681&it=1664043718853&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         157.240.200.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sat, 24 Sep 2022 18:22:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 24 Sep 2022 18:22:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:25 GMT
age: 73482
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   128218
Md5:    a7e8095a16fb07de5b3f2642629ae3df
Sha1:   14750b28135f11573390bdae6c9f10f7c6467410
Sha256: e181d1a2b4e5e49480251405295b020029e9a11a5e58ed85d6c73b3bfb031fa2
                                        
                                            GET /b9b2ba83c3.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://results.hloginnow.net
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.23.52
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Sat, 24 Sep 2022 18:21:58 GMT
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fxd6NIJ_cy9-CFhjdNUi
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 74fd8afade2ab529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /300x300?Text=. HTTP/1.1 
Host: via.placeholder.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.158.148
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 18:21:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgYOzAV3MujA77nlqLrw8OzAC0udTq%2FKwZXHhSA%2BZuhm3yFiBKVJe5PU6ArrrpyH%2FIK%2Fa3KgGMSet2vVpHksHn29GzcGZ0rQBuk7k5sCiehE45nXjat6YaxjOZjixH10QgUm4lpl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd8afe29390b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /300x300?Text=. HTTP/1.1 
Host: via.placeholder.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.158.148
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
                                        
date: Sat, 24 Sep 2022 18:21:59 GMT
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vdNQkQo%2Bd41S%2BePF1fgFhFS8SuCYRbtAHEK6qWowowkUTNBbmQtXXZg2FHEQkS1IARU4HV1XOGD2Jjr7S%2FiiSBtFJBcWA2WLJ1J0up8pva2H%2BofBNHWhRQ%2BWi%2FO3E%2BBcNbwydKP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fd8afe08fb0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sdks/OneSignalSDK.js HTTP/1.1 
Host: cdn.onesignal.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://results.hloginnow.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.18.226.52
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sat, 24 Sep 2022 18:21:58 GMT
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 33
expires: Tue, 27 Sep 2022 18:21:58 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 74fd8afae8b90af6-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---