{"report_id":"de410c84-735d-4138-9fb9-535405c1b7ab","version":6,"status":"done","tags":[],"date":"2025-01-23T13:04:26Z","url":{"schema":"https","addr":"hsb.kazoohr.com/","fqdn":"hsb.kazoohr.com","domain":"kazoohr.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hsb.youearnedit.com/users/sign_in","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"title":"WorkTango"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"","expires_at":"2027-04-03T13:04:26Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"yei-production-images.s3.amazonaws.com","ip":{"addr":"54.231.131.217","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2005-08-18","domain_rank":226805,"first_seen":"2017-05-29T13:32:19Z","last_seen":"2024-12-27T12:37:46.97814Z","alert_count":0,"request_count":1,"received_data":257054,"sent_data":535,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hsb.kazoohr.com","ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-11-27","domain_rank":0,"first_seen":"2025-01-23T13:04:26.43986Z","last_seen":"2025-01-23T13:04:26.43986Z","alert_count":0,"request_count":1,"received_data":1346,"sent_data":470,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hsb.youearnedit.com","ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"1999-12-24","domain_rank":0,"first_seen":"2025-01-23T13:04:26.437509Z","last_seen":"2025-01-23T13:04:26.437509Z","alert_count":0,"request_count":4,"received_data":16420,"sent_data":2229,"comment":"","tags":null,"fingerprints":null},{"fqdn":"d2y682l68cpwit.cloudfront.net","ip":{"addr":"143.204.42.206","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2022-06-09T16:58:18Z","last_seen":"2023-06-06T19:28:55Z","alert_count":0,"request_count":2,"received_data":151502,"sent_data":991,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-01-22T01:50:15.034802Z","alert_count":0,"request_count":1,"received_data":109721,"sent_data":425,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hsb.youearnedit.com/users/sign_in","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"dee0c0c57426287574dd0cf622b1a51474532608b40a1d22ddfdc8242824687485219c","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T09:13:26.931764Z","times_seen":13854115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/users/sign_in","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"c710000000000000000000000000000000000000003000000000000000000000000000","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T09:13:26.931764Z","times_seen":13854115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=G-MHGX8N9D52","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"71765ac1ac4389dffd28c506ef502c5b","sha1":"d3de5c434b8b0257d81979b476d1791ea698157f","sha256":"381c199ad19c249f0774d0424e7b63b677d51f638dd39efc08adddc132f7b968","sha512":"481be69eefb6c3992793b42a4f6851dd83b768921ea55a91141f0fab23c97d03a302e7b5400632430004b67929eaaf063c66fed4fb8d00b5567b2f62d270c650","ssdeep":"6144:R4W5CuI+bZvpAk/8azh+RGIzGCC8/4RsZtr7qUHp:qW6+VBP/yARsai","tlshash":"236429ce73c674679296e478507f018ba57b28a2b80cc8d5f1c9c8e42d74a9a4277f7c","size":321731,"data":"","first_seen":"2025-01-23T13:04:28.515579Z","last_seen":"2025-01-23T13:04:28.515579Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2y682l68cpwit.cloudfront.net/assets/login-0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73.js","fqdn":"d2y682l68cpwit.cloudfront.net","domain":"d2y682l68cpwit.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.206","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7cf14d1182ef34c19cf80ad0c9e01982","sha1":"6bf7a8dfba696e17e1be65cd3e87902d504da537","sha256":"0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73","sha512":"98906e0e6868bfc0a24147b3dc08914997c50e5ff5159b37cfc98a4bd117e362b4d7705b778c5abb7df5f61b43fd147a38aecfb38c88c9d90d6e4bdfdc2d2130","ssdeep":"6144:KVoRdT8+pXTyUiTrBa2uxLYIGIsal6ezxeGhI:6cZ2WqHalmG2","tlshash":"f394d7ccb1c2b06157ab207440af550bf23aad59750e8590e265e8e8fcbc95e917bf3c","size":436009,"data":"","first_seen":"2025-01-23T13:04:28.513627Z","last_seen":"2025-11-08T01:09:41.224909Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/users/sign_in","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"74f02e18f6615e3dba47c8746074dfa16b4a218cd6191b55d87f457f2804d84043f218","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T09:13:26.931764Z","times_seen":13854115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/users/sign_in","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"e6012403b15c64790207afe64bb5a4013b2db22a81634244bf689fcf6b2ad43b20131f","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T09:13:26.931764Z","times_seen":13854115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"hsb.kazoohr.com/","fqdn":"hsb.kazoohr.com","domain":"kazoohr.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-23T13:04:02.351Z","timestamp":1737637442351,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kazoohr.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Thu, 05 Dec 2024 14:17:40 GMT","end":"Wed, 05 Mar 2025 14:17:39 GMT"},"fingerprint":{"sha1":"05:A2:AD:70:91:79:C9:BD:1E:A8:40:17:A8:53:64:F5:7D:7C:E8:FD","sha256":"3F:E2:6E:E8:3C:75:76:E2:39:81:79:8D:2D:E4:E6:B7:84:D7:E8:10:E9:35:22:6F:7B:84:B8:93:81:40:D1:0A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hsb.kazoohr.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Thu, 23 Jan 2025 13:04:03 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 476\r\nConnection: keep-alive\r\nX-Powered-By: Express\r\nX-Request-ID: e9acc84fd0fa6d317cf2d8784426c270\r\nSet-Cookie: postLoginRedirect=%2F; Domain=kazoohr.com; Path=/; HttpOnly\r\nLocation: https://hsb.youearnedit.com/kazoo/login?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrd3JlZiI6Imh0dHBzOi8vaHNiLmthem9vaHIuY29tLyIsInJlZGlyZWN0IjoiLyIsImlhdCI6MTczNzYzNzQ0M30.SbdIAa6NN8dvHuVOI9lQN8slzhDmlT_9OkUt3_Z-9UQ\r\nVary: Accept\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nContent-Security-Policy-Report-Only: default-src 'self' 'unsafe-inline' https://cdn.kazoohr.io https://*.datadoghq.com https: data: blob:; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com; form-action 'none'; frame-ancestors 'none';\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":476,"size_decoded":476,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (476), with no line terminators","md5":"f565c9d8d685186402bdb8b32c329c76","sha1":"f731122f641ce7a6116c814ec70341870ba8dc55","sha256":"bfb51a3d14c422ff30c44715525f170e2c6f7baa6d9df892cedd2f262bd14f0d","sha512":"bcf66f1e76eca1f38fd2d9d4e7360229eaef3e43b29363c4f05daf84b7435829c19f3027341818642814c8064d3fdd5ee285549b69423435be6764380e0d9086","ssdeep":"","tlshash":"96f09e862b546b8df6b0fb0820d4250d252e065fac9889ff85590861bd6d383702a0e5","first_seen":"2025-01-23T13:04:28.504419Z","last_seen":"2025-01-23T13:04:28.504419Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1133,"timings":{"blocked":387,"dns":40,"connect":114,"send":0,"wait":358,"receive":0,"ssl":229},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/kazoo/login?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrd3JlZiI6Imh0dHBzOi8vaHNiLmthem9vaHIuY29tLyIsInJlZGlyZWN0IjoiLyIsImlhdCI6MTczNzYzNzQ0M30.SbdIAa6NN8dvHuVOI9lQN8slzhDmlT_9OkUt3_Z-9UQ","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-23T13:04:03.104Z","timestamp":1737637443104,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youearnedit.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Dec 2024 20:24:48 GMT","end":"Wed, 19 Mar 2025 20:24:47 GMT"},"fingerprint":{"sha1":"4D:42:C6:4C:1D:8B:51:2D:A9:FC:23:B4:69:D4:3B:1C:F7:05:42:31","sha256":"4F:8B:14:5D:FD:7E:30:27:1B:AF:09:16:CD:0C:DF:05:65:55:4A:DA:7D:B0:2F:96:E0:D3:2F:53:0C:1F:5D:79"}}},"request":{"raw":"GET /kazoo/login?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrd3JlZiI6Imh0dHBzOi8vaHNiLmthem9vaHIuY29tLyIsInJlZGlyZWN0IjoiLyIsImlhdCI6MTczNzYzNzQ0M30.SbdIAa6NN8dvHuVOI9lQN8slzhDmlT_9OkUt3_Z-9UQ HTTP/1.1\r\nHost: hsb.youearnedit.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Thu, 23 Jan 2025 13:04:03 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nStatus: 302 Found\r\nCache-Control: no-cache\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-Id: 12b2bbc980dfefb1a16111b80612e442\r\nLocation: https://hsb.youearnedit.com/\r\nX-Download-Options: noopen\r\nX-Runtime: 0.009751\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nSet-Cookie: _session_id=1ff297b3ccc69f703f124f6b841182c0; path=/; secure; HttpOnly; SameSite=None\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nContent-Security-Policy: default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":94,"size_decoded":94,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"d6374d727bb699fe981017b6e9919471","sha1":"3503bc8c85b74a9bd6ae013f54a06690795efc8e","sha256":"3a7eea28a15afb99c92de32a193b9ca1075e23f0b72b0c03c7c117ec52e942da","sha512":"442ca526e47983d1a2f004c68f2e8714f659e0fcdaeb7d07c5d4d33d00ac9e74aee8914cf78a695d071cb103549316aed97fe1d467656f82ff36a39374ac1bd3","ssdeep":"","tlshash":"78b012e236c223089b70838808c0211c84c741651d88c2a58086586d4820384d93249a","first_seen":"2025-01-23T13:04:28.506742Z","last_seen":"2025-01-23T13:04:28.506742Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1225,"timings":{"blocked":546,"dns":205,"connect":114,"send":0,"wait":131,"receive":1,"ssl":225},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-23T13:04:03.787Z","timestamp":1737637443787,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youearnedit.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Dec 2024 20:24:48 GMT","end":"Wed, 19 Mar 2025 20:24:47 GMT"},"fingerprint":{"sha1":"4D:42:C6:4C:1D:8B:51:2D:A9:FC:23:B4:69:D4:3B:1C:F7:05:42:31","sha256":"4F:8B:14:5D:FD:7E:30:27:1B:AF:09:16:CD:0C:DF:05:65:55:4A:DA:7D:B0:2F:96:E0:D3:2F:53:0C:1F:5D:79"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hsb.youearnedit.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _session_id=1ff297b3ccc69f703f124f6b841182c0\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Thu, 23 Jan 2025 13:04:03 GMT\r\nContent-Type: text/html\r\nContent-Length: 107\r\nConnection: keep-alive\r\nStatus: 302 Found\r\nCache-Control: no-cache\r\nX-Request-Id: 2129529fece0d2b8bdc147fa23704181\r\nLocation: https://hsb.youearnedit.com/users/sign_in\r\nX-Runtime: 0.004750\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nContent-Security-Policy: default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":107,"size_decoded":107,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"8f358f5a2db1b53c60491502ede6c5ee","sha1":"ab7c59fcca4e2ed7f2d551556b53d402222fb98c","sha256":"66dc2b526f06853dcf35812ef5b1f5e903688a08ec3bf540330322d56deb619c","sha512":"9c8491e835aea836f31901e1c7cb24b20f91c6a8441809b79b1b22af2846aa8e093949f7b9c046c0277d242689e51de75b1dea43a04a8d49a3371c0150b1e08f","ssdeep":"","tlshash":"d2b012e6b6c266085bb18bc818c0221d849741641ecac2a580a548bd48347ccda328bb","first_seen":"2025-01-23T13:04:28.508348Z","last_seen":"2025-01-23T13:04:28.508348Z","times_seen":1,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/users/sign_in","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-01-23T13:04:03.919Z","timestamp":1737637443919,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youearnedit.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Dec 2024 20:24:48 GMT","end":"Wed, 19 Mar 2025 20:24:47 GMT"},"fingerprint":{"sha1":"4D:42:C6:4C:1D:8B:51:2D:A9:FC:23:B4:69:D4:3B:1C:F7:05:42:31","sha256":"4F:8B:14:5D:FD:7E:30:27:1B:AF:09:16:CD:0C:DF:05:65:55:4A:DA:7D:B0:2F:96:E0:D3:2F:53:0C:1F:5D:79"}}},"request":{"raw":"GET /users/sign_in HTTP/1.1\r\nHost: hsb.youearnedit.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _session_id=1ff297b3ccc69f703f124f6b841182c0\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 23 Jan 2025 13:04:04 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nStatus: 200 OK\r\nCache-Control: no-store\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nX-Permitted-Cross-Domain-Policies: none\r\nX-XSS-Protection: 1; mode=block\r\nX-Request-Id: bc465f47d8b95ddeda5dc9c411074198\r\nX-Download-Options: noopen\r\nETag: W/\"1000daaef3b908a397bd168cb44464c9\"\r\nX-Runtime: 0.763776\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nContent-Security-Policy: default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5437,"size_decoded":5437,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (464)","md5":"f742f8262e84b9be265d97c9309653e2","sha1":"f213c5fdbf6b7300c1cea13b4e9ec358c8d91c2c","sha256":"1000daaef3b908a397bd168cb44464c9fade0e2c80394a619c8970eb99e51e2b","sha512":"29b60d764c618751dc6cacd6b4db47e72e331a0623bc62c707fc5c06a484d1c8bcfe9ec990560b1223f71daf63fa29e264ee0d89dda41d35dd7fd861610e4a59","ssdeep":"48:XLPbUt1b+Mu/IANwwxmzHepXcE2VNYkp2Qk+9Chpq2HBbw4y1XZhV3ZuA2g2ZsaN:ra1b+MfAKRwAYkkQU5M4y1XZh5Bface","tlshash":"64b1732274a09c3b198388f02471bb09358ed667850299509bfd8bef1fd6fc3a92271c","first_seen":"2025-01-23T13:04:28.509939Z","last_seen":"2025-01-23T13:04:28.509939Z","times_seen":1,"resource_available":false,"data":null}},"time_used":885,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":884,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2y682l68cpwit.cloudfront.net/assets/login-06bf30c6bf8e2728fc34f7420b78068db215f2912c5a38a9440da6f673e3153b.css","fqdn":"d2y682l68cpwit.cloudfront.net","domain":"d2y682l68cpwit.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.206","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hsb.youearnedit.com/users/sign_in","date":"2025-01-23T13:04:05.203Z","timestamp":1737637445203,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 30 Jul 2024 00:00:00 GMT","end":"Thu, 03 Jul 2025 23:59:59 GMT"},"fingerprint":{"sha1":"28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62","sha256":"41:BA:3A:6D:EE:23:CF:F9:B5:B7:FA:8C:6F:F5:D9:E5:89:D2:DD:DA:17:35:5C:E8:15:8F:DA:8E:2A:C8:5C:5E"}}},"request":{"raw":"GET /assets/login-06bf30c6bf8e2728fc34f7420b78068db215f2912c5a38a9440da6f673e3153b.css HTTP/1.1\r\nHost: d2y682l68cpwit.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hsb.youearnedit.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 3177\r\ndate: Thu, 23 Jan 2025 01:58:27 GMT\r\nlast-modified: Mon, 13 Jan 2025 16:35:26 GMT\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-request-method: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: l7pKKWsYGMsulJk5yrz4IQwol-ncbIoewOrgRsUT4EZLo7tX9-s0og==\r\nage: 39938\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3177,"size_decoded":12389,"mime_type":"text/css","magic":"ASCII text, with very long lines (12388)","md5":"c7faf297620e9de59fe52587b4b8d7b3","sha1":"c4832694f91c2a50d531766822cf7971cbdd5148","sha256":"06bf30c6bf8e2728fc34f7420b78068db215f2912c5a38a9440da6f673e3153b","sha512":"842b37dbff0a51276ec5c44b814f8caba7cf48b62c7aa010ac76d0fd45b14756ce14d6cf06bf25dd84d530a8f6e81360817eeb273d7d654aaad2a60499c53e3e","ssdeep":"192:njsd3aecrZDcRqHZDPy4iy6izYqHD1n95glfK91wfxerKJvX9z:cm9c8HJzYqj198GSfxeYt","tlshash":"b642c7215569203df42bc527f1d0a26ab2248553d26befbfde767176c68a0c62333b0c","first_seen":"2025-01-23T13:04:28.511718Z","last_seen":"2025-11-08T01:09:41.232825Z","times_seen":3,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":38,"dns":30,"connect":1,"send":0,"wait":23,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2y682l68cpwit.cloudfront.net/assets/login-0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73.js","fqdn":"d2y682l68cpwit.cloudfront.net","domain":"d2y682l68cpwit.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.206","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hsb.youearnedit.com/users/sign_in","date":"2025-01-23T13:04:05.206Z","timestamp":1737637445206,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 30 Jul 2024 00:00:00 GMT","end":"Thu, 03 Jul 2025 23:59:59 GMT"},"fingerprint":{"sha1":"28:D3:87:79:3C:E8:8B:3C:D9:10:45:E5:F7:64:7A:6D:44:4E:5A:62","sha256":"41:BA:3A:6D:EE:23:CF:F9:B5:B7:FA:8C:6F:F5:D9:E5:89:D2:DD:DA:17:35:5C:E8:15:8F:DA:8E:2A:C8:5C:5E"}}},"request":{"raw":"GET /assets/login-0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73.js HTTP/1.1\r\nHost: d2y682l68cpwit.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hsb.youearnedit.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-length: 146533\r\ndate: Thu, 23 Jan 2025 08:52:05 GMT\r\nlast-modified: Mon, 13 Jan 2025 16:40:27 GMT\r\ncontent-encoding: gzip\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-request-method: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 6hxQPgfsi_MdfgiO51V1ojrC7PlKzC9oyZ-XHNgtC8KbFbJ9ebb0Eg==\r\nage: 15120\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":146533,"size_decoded":436009,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32765)","md5":"7cf14d1182ef34c19cf80ad0c9e01982","sha1":"6bf7a8dfba696e17e1be65cd3e87902d504da537","sha256":"0a036d562a9a3fd1dc5d83ea5af297861aff331341d04f4fa20258bed0695c73","sha512":"98906e0e6868bfc0a24147b3dc08914997c50e5ff5159b37cfc98a4bd117e362b4d7705b778c5abb7df5f61b43fd147a38aecfb38c88c9d90d6e4bdfdc2d2130","ssdeep":"6144:KVoRdT8+pXTyUiTrBa2uxLYIGIsal6ezxeGhI:6cZ2WqHalmG2","tlshash":"f394d7ccb1c2b06157ab207440af550bf23aad59750e8590e265e8e8fcbc95e917bf3c","first_seen":"2025-01-23T13:04:28.513627Z","last_seen":"2025-11-08T01:09:41.224909Z","times_seen":3,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":36,"dns":28,"connect":3,"send":0,"wait":24,"receive":19,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=G-MHGX8N9D52","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hsb.youearnedit.com/users/sign_in","date":"2025-01-23T13:04:05.511Z","timestamp":1737637445511,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Dec 2024 08:36:18 GMT","end":"Mon, 03 Mar 2025 08:36:17 GMT"},"fingerprint":{"sha1":"BB:2E:7E:AD:26:E1:69:CA:59:9D:25:40:5F:20:4A:82:34:E8:D2:04","sha256":"5A:6F:35:5B:E3:09:08:2E:14:FC:4D:A7:BE:0C:A9:0A:CF:D1:DF:F0:C7:6B:B3:B6:D9:0A:7B:4E:DB:0F:92:F2"}}},"request":{"raw":"GET /gtm.js?id=G-MHGX8N9D52 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hsb.youearnedit.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 23 Jan 2025 13:04:05 GMT\r\nexpires: Thu, 23 Jan 2025 13:04:05 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting\r\nreport-to: {\"group\":\"coop_reporting\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 108724\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":108724,"size_decoded":321731,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5960)","md5":"71765ac1ac4389dffd28c506ef502c5b","sha1":"d3de5c434b8b0257d81979b476d1791ea698157f","sha256":"381c199ad19c249f0774d0424e7b63b677d51f638dd39efc08adddc132f7b968","sha512":"481be69eefb6c3992793b42a4f6851dd83b768921ea55a91141f0fab23c97d03a302e7b5400632430004b67929eaaf063c66fed4fb8d00b5567b2f62d270c650","ssdeep":"6144:R4W5CuI+bZvpAk/8azh+RGIzGCC8/4RsZtr7qUHp:qW6+VBP/yARsai","tlshash":"236429ce73c674679296e478507f018ba57b28a2b80cc8d5f1c9c8e42d74a9a4277f7c","first_seen":"2025-01-23T13:04:28.515579Z","last_seen":"2025-01-23T13:04:28.515579Z","times_seen":1,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":135,"dns":2,"connect":21,"send":0,"wait":42,"receive":50,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yei-production-images.s3.amazonaws.com/uploads/company_setting/login_image/55ccdfd869702d13160f0000/mini_magick20150814-15917-2kxyck.png","fqdn":"yei-production-images.s3.amazonaws.com","domain":"yei-production-images.s3.amazonaws.com","tld":"s3.amazonaws.com"},"ip":{"addr":"54.231.131.217","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hsb.youearnedit.com/users/sign_in","date":"2025-01-23T13:04:05.209Z","timestamp":1737637445209,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.s3.amazonaws.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 22 Apr 2024 00:00:00 GMT","end":"Mon, 07 Apr 2025 23:59:59 GMT"},"fingerprint":{"sha1":"57:FE:C9:73:13:31:CA:2C:91:7F:05:C3:3B:16:FF:3F:1B:D8:7D:E2","sha256":"77:0B:A1:DF:CF:D6:D6:42:87:B1:85:76:0E:AD:C5:67:47:8F:1B:32:07:D7:73:F1:47:8D:39:ED:3F:29:20:41"}}},"request":{"raw":"GET /uploads/company_setting/login_image/55ccdfd869702d13160f0000/mini_magick20150814-15917-2kxyck.png HTTP/1.1\r\nHost: yei-production-images.s3.amazonaws.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hsb.youearnedit.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nx-amz-id-2: 6CqSNTXqTWI8WdCmhWUsXYfyWVr/AY3+p3IXpuESQ0MmgN/8esA0EMXPQ1+HKBKlMMG1suoR8mg=\r\nx-amz-request-id: 5DPVNEMA046KY686\r\nDate: Thu, 23 Jan 2025 13:04:06 GMT\r\nLast-Modified: Wed, 29 Jun 2016 15:59:32 GMT\r\nETag: \"d8fb499a99aa3aa473d0c440f646f655\"\r\nCache-Control: max-age=315576000\r\nx-amz-version-id: null\r\nAccept-Ranges: bytes\r\nContent-Type: image/png\r\nContent-Length: 256639\r\nServer: AmazonS3\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":256639,"size_decoded":256639,"mime_type":"image/png","magic":"PNG image data, 2048 x 510, 8-bit/color RGB, non-interlaced","md5":"d8fb499a99aa3aa473d0c440f646f655","sha1":"2b10f89c38d408ce9cb0fc0c23cd89881c8d749e","sha256":"cfc179a3dff85441326e7d2fb737cd2b62756f1c2b13aefeb8a17a6b24726213","sha512":"d56e185e06b6386fb03f60dc909f4554c2e13b87708aea28ebc5e81aa16fc21272d9ccab2034881a410902e8a206dbcfabd0f495876974feec2f04eabe7ee45f","ssdeep":"6144:VzAoZ7K1wkd4Lq6CukLCdXCat9t2T844bc9++0+lmyy:VUoZ7Apmq6XkECjT8IAt","tlshash":"904412a515e94b0dcc2ab73ebee2944f5a0be89504ff9478e705de97a40cb1e0e14c93","first_seen":"2025-01-23T13:04:28.517545Z","last_seen":"2025-01-23T13:04:28.517545Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1040,"timings":{"blocked":279,"dns":50,"connect":93,"send":0,"wait":185,"receive":290,"ssl":140},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hsb.youearnedit.com/favicon.ico","fqdn":"hsb.youearnedit.com","domain":"youearnedit.com","tld":"com"},"ip":{"addr":"35.199.32.36","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hsb.youearnedit.com/users/sign_in","date":"2025-01-23T13:04:05.847Z","timestamp":1737637445847,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.youearnedit.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Dec 2024 20:24:48 GMT","end":"Wed, 19 Mar 2025 20:24:47 GMT"},"fingerprint":{"sha1":"4D:42:C6:4C:1D:8B:51:2D:A9:FC:23:B4:69:D4:3B:1C:F7:05:42:31","sha256":"4F:8B:14:5D:FD:7E:30:27:1B:AF:09:16:CD:0C:DF:05:65:55:4A:DA:7D:B0:2F:96:E0:D3:2F:53:0C:1F:5D:79"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hsb.youearnedit.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hsb.youearnedit.com/users/sign_in\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _session_id=1ff297b3ccc69f703f124f6b841182c0\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 23 Jan 2025 13:04:05 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 7886\r\nConnection: keep-alive\r\nLast-Modified: Mon, 13 Jan 2025 16:35:26 GMT\r\nETag: \"678540ce-1ece\"\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nAccept-Ranges: bytes\r\nContent-Security-Policy: default-src 'self' 'unsafe-inline' https: data: 'unsafe-eval'; font-src 'self' data: 'unsafe-inline' https://fonts.googleapis.com https://fonts.gstatic.com https://*.cloudfront.net https://*.kazoohr.io https://cdnjs.cloudflare.com\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7886,"size_decoded":7886,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel","md5":"0fe0255dfced7478884e7a44fd2add61","sha1":"0ef8e40f93647bc4a331438c6ae3f7ebe1227b43","sha256":"14967ca639c8371c13fc74e6c861b4d75304104bfb21a1289e7cf89dc238bd22","sha512":"a55ec0d8bb2a4eeab05085ef4988d0d0ba7b05872878dddf7d25263a4e7f3bbba1c95f3c4e7c425e5f1681a1398c667a8c8519c95cd99305d43c64d4f604ebff","ssdeep":"96:97NXUN3cxeZwDQwD88dk86b3h2XlBHHtZ:97NXuchDXDLV6A","tlshash":"a6f19841de30092ff8cd8ffee4780e4946532eb210973a9648d97bd60ab711f287c94a","first_seen":"2024-08-19T18:19:11.816434Z","last_seen":"2026-04-13T13:59:20.216007Z","times_seen":6,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":128,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}