Report - other.landerhq.com/899702433

Report Overview

Submitted URL
other.landerhq.com/899702433
IP
188.240.52.20
ASN
#20857 Signet B.V.
Submitted
2022-09-03 07:58:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	906 B	89 kB	104.21.63.54
accounts.google.com	81	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.8 kB	216.58.207.237
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.218.159.206
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	65 kB	34.120.237.76
other.landerhq.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	212 kB	188.240.52.20
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
www.spotify.com	1130	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	1.3 kB	35.186.224.25
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	628 B	143.204.55.54
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	21 kB	216.239.38.178
www.dropbox.com	1994	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	3.0 kB	162.125.71.18
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	47 kB	142.250.74.72
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	595 B	709 B	173.194.221.154
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	13 kB	31.13.72.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	19 kB	151.101.85.229
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.88
novidash.com	35171	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	14 kB	188.240.52.20

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-03	medium	novidash.com/smartlink-css/631308e8b1c13c260e79b49a?fingerprintid=9e4947f35751465411fd1a4f5c358c78	Phishing
2022-09-03	medium	novidash.com/smartlink-css/631308e8b1c13c260e79b49a	Phishing
2022-09-03	medium	novidash.com/landing-interaction/899702433	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	other.landerhq.com/899702433	341 B	2023-03-07	2023-08-21
Pretty URL other.landerhq.com/899702433 IP 188.240.52.20 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2023-08-21 19:27:28 Times Seen5 Hash 0f9522c6818e7aa63cad4d069d21529a f8f5840df762222a04ee5908bfb75cc2c25886ce 573e0855fe1796a6393b64ac2b113a32232068b80459d190429aa1feb7b3f6c0 Loading...

	other.landerhq.com/899702433	126 B	2023-03-07	2023-08-21
Pretty URL other.landerhq.com/899702433 IP 188.240.52.20 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2023-08-21 19:58:13 Times Seen37 Hash dc2ab29926e4c4fba68e9d54511c2b0b 49ab59eeed8d75dfc7f9c24db8bb2d51764bddc5 d824bb9444c588471316cc11c51da26b5a1cb691b0ef4f3cae7aea05c450bcb8 Loading...

	other.landerhq.com/899702433	201 B	2023-03-07	2023-03-17
Pretty URL other.landerhq.com/899702433 IP 188.240.52.20 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2023-03-17 12:42:02 Times Seen1 Hash 6a325515b841215a28e5c2fecf2e848f 2d37dbe87f033a179a562d976bae23797d9e2590 7edeab74566fa8c0e6c857da731bf90cf39e37209d6730cf98d3cebefd6f04b5 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TRL5HN2	122 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TRL5HN2 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:38 Last Seen2023-03-07 12:23:38 Times Seen1 Hash af5523f1636411e449750314098cb89c a72f5fe2466112a13c0092d2a9c96e398a82dae8 058ac3bb574ee3cc76e3f33374570280538c7011f5879cec5379b5fb6d19c9df Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 216.239.38.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	other.landerhq.com/899702433	390 B	2023-03-07	2023-08-03
Pretty URL other.landerhq.com/899702433 IP 188.240.52.20 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2023-08-03 19:02:26 Times Seen2 Hash 37ec97eee90db9751691d233b0d7eedd 7963c49b18fe240baf11a12b8db4e5b7cc5df5df 33a1148e5675c3ef76b2c879aadd190a187a7f1937d4279e54cdd65e40b1c4e5 Loading...

	other.landerhq.com/899702433	4.9 kB	2023-03-07	2023-03-07
Pretty URL other.landerhq.com/899702433 IP 188.240.52.20 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:38 Last Seen2023-03-07 12:23:38 Times Seen1 Hash 7093185be2a0356f8e9f40cc30ea0524 6835244caf84febda994d44fd857140c70fdf359 7c1d733b36c224248edb8b3d5b825093c12d4eb09d90313dc9cde776a7f6a93b Loading...

	cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js	9.0 kB	2023-03-07	2023-12-12
Pretty URL cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2023-12-12 23:36:16 Times Seen268 Hash 47c385b50143101eb33518d4bdb62b8f 6683889617dc16e817a49c17ce38f358efdf1638 52e6c3e0c3c2d518f8bf787de1e40e557c21e3b072f29c854f6321053e2fbbf3 Loading...

	static.hotjar.com/c/hotjar-2841648.js?sv=6	5.5 kB	2023-03-07	2023-03-07
Pretty URL static.hotjar.com/c/hotjar-2841648.js?sv=6 IP 143.204.55.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:51 Last Seen2023-03-07 12:23:38 Times Seen1 Hash fdf3c01a856640c365e54fa4b5dd3287 9edb85bfc5fd95e6894e978f374193bb1461b8d9 1de0c6259440772f4cf1b5f0c90dd62d457f4653a667b392d855631fcddb530e Loading...

	other.landerhq.com/899702433	838 B	2023-03-07	2023-03-17
Pretty URL other.landerhq.com/899702433 IP 188.240.52.20 ASN #20857 Signet B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2023-03-17 12:42:01 Times Seen1 Hash 41eb3ae5af3910a4fb21fb9c9eb4d2fb 0e54ce90d8f84c9e6dc9594e0556841e6e44d4fa f3f3955531eb040be612e26727126e288f0eee8e1820c0a1acf25f4eabf8fa36 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4dab8f868fb9d17a8ae85d3033a5be4a	5.8 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 12:23:38 Last Seen2023-03-07 12:23:38 Times Seen1 Hash 4dab8f868fb9d17a8ae85d3033a5be4a 2e1ea9f03e91eeb6ec933622e07d638d9a055186 3a1b90c4ea2aac6319902d1c0d30d6ad89e85116963f2ab65379f87a3c89fc94 Loading...

	#2 Eval - 3a7bc1a1c190a965d92fee31ba45446a	523 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:04:00 Last Seen2023-03-17 12:42:02 Times Seen1 Hash 3a7bc1a1c190a965d92fee31ba45446a e11966b702084aea238809a48bf5a30d38d3cae8 823fa8df882c0cf80fa0671c6fdeeb257513904bb6e01b584a4cb81835a8cdd3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 1b70ac0a972fddf1e1a33e6ed9df49c7	14 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:39:47 Last Seen2023-03-17 12:42:02 Times Seen1 Hash 1b70ac0a972fddf1e1a33e6ed9df49c7 6b3c3ed38c382e050cdb1ad72421d57649d42ed4 d3de569b7c2f7f122fba8046d966cd109673d0c87ac58412c3d64f2b2a4c0649 Loading...

HTTP Transactions (58)

URL IP Response Size

other.landerhq.com/899702433

188.240.52.20

200 OK

6.9 kB

URL HTTP/1.1
other.landerhq.com/899702433
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4905)
Size
6.9 kB (6917 bytes)
Hash
7bca9346b94659776a11eb245a83881c
a729615e49fc226af94eb8c62a559a81956e9aa4
d2364d97b16050f1f24a3e514d0d270670cd07fa1eaaaaf5be2cfc94545532db

HTTP Headers

GET /899702433 HTTP/1.1
Host: other.landerhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 03 Sep 2022 07:58:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6InVjTERJdDM4Wit0dGNuU0REZ29OMXc9PSIsInZhbHVlIjoiNkxmWlk4Z2x2Nm4raWVmVzM5VWQxdzJXU3dUZjh2ZTkycXg2MmU1S3J2UFM2Yks2N1JGNXJPOHlaa2JrdVlvTytsOGt5STdlMFQ3ZUpsbGJubDVmNFg3VGdZWXVTU3lsZDdiell1bk9iWHloQmsrZFJYT2VEb1M3TmVXUktjZSsiLCJtYWMiOiI4YzQwMjFkMTg5MDVlZDJjOGU3ZWM2N2VmZjIwNjVmNjkyMDZmNGVmNzY1Y2I5OWUzNTU0MGI1ZDM3Yjk5YTc2IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:08 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6InBsVjZ2NkJNMjRWdlcxTVpreVY1alE9PSIsInZhbHVlIjoiTmp4a2VLdnU0VVphRC9EQjhiOENvTjJkMzNtVm5yVkRYR1ZSeUU5cFI5U0ZKTkZ5R0tzZGhmeGI5YlU2RjBCY1U0c1VuV3U5elBsMmRrUVRzV21KdXZ4UEN0VEo5KzFrOVZxODJmTjA3a2s5MWxDZDRDKzNnL3pnNDlvQklLZWciLCJtYWMiOiI0YTIzMDIwNDVjYjgyYmQwMGZlNWYzNDU3NzdjMjYwOTg1ZmYyMTU0ZmMyZTJhZDg5YTRjNjNlZGFhYzEzOGQ3IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:08 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 07:42:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BQ-99YT3b2VJfi70tQdhg-L8fHNc_ArmWiEEtfC29D3Jsd1Xup9-7Q==
Age: 914

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7315
Expires: Sat, 03 Sep 2022 10:00:03 GMT
Date: Sat, 03 Sep 2022 07:58:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PoaAjUEYtCsahw7yTBj5sUvHRd3DIyo1_b4nzR1MfFd3VvollDBIPA==
age: 24171
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js

151.101.85.229

200 OK

3.1 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (8836)
Size
3.1 kB (3067 bytes)
Hash
b066530dd980f68abf6d92414bc4c7ed
34ad41df121cf682a0471d60e19ca4590fb5314f
b494f22ff0e7d3f34e58eed4232718aec04e61857777fff1bee495f488a52084

HTTP Headers

GET /npm/@fpjs-incubator/botd-agent@0/dist/botd.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.1.20
x-jsd-version-type: version
etag: W/"2349-ZoOIlhfcFugXpJwXzjjzWO/fFjg"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Sep 2022 07:58:08 GMT
age: 38477
x-served-by: cache-fra19148-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 3067
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js

151.101.85.229

200 OK

14 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (33348)
Size
14 kB (14137 bytes)
Hash
e7b94e944315bb48c9b9820ad324718d
f77317565b6243287bd3ee74fe96a9632fef559a
4c8e188a605e3090b34c87622bf7038d6699cb06af2f242eb77843ff3966f97a

HTTP Headers

GET /npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.3.5
x-jsd-version-type: version
etag: W/"8392-Rfi4DUKsZmgOw+7TcNmFhcx8ixc"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Sep 2022 07:58:08 GMT
age: 24886
x-served-by: cache-fra19145-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 14137
X-Firefox-Spdy: h2

other.landerhq.com/landingpages/mcafee/os_versions.png

188.240.52.20

200 OK

3.1 kB

URL HTTP/2
other.landerhq.com/landingpages/mcafee/os_versions.png
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
PNG image data, 135 x 26, 8-bit/color RGBA, interlaced\012- data
Size
3.1 kB (3073 bytes)
Hash
e662ac219b9626c6488250a2b09640c5
45636878adece610ed4d2c44bb177ac53e68adfb
cb28be8a2c6c7ef36afd59c211b5a1f50ad26229c14ae714c39df687c96ab823

HTTP Headers

GET /landingpages/mcafee/os_versions.png HTTP/1.1
Host: other.landerhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: image/png
content-length: 3073
last-modified: Wed, 31 Aug 2022 12:57:27 GMT
etag: "630f5ab7-c01"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
09cc85e393be40001c85a75a981837a2
48aa6ea3ca3a06fff3c1185c43ed0c2cbf1b42a1
9f8a0a95d5bb45b6e19249dc737e539b77adde323cc0d0a9bbaaf42eec7d6f2a

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 07:58:08 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "34DC65A5BBE187D6B5F0EE9767EEBD94C1C117FA"
Expires: Sat, 03 Sep 2022 18:00:00 GMT
Last-Modified: Sat, 03 Sep 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2994
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744cf0481a290b39-OSL

other.landerhq.com/landingpages/mcafee/360.png

188.240.52.20

200 OK

38 kB

URL HTTP/2
other.landerhq.com/landingpages/mcafee/360.png
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
PNG image data, 125 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38110 bytes)
Hash
15f432f9006e7256a9452bdd27835619
7042133d844e198542a7cc1fadcc513059130fe6
010ba660952072e4c859f26dd1f74bc21cc2d7bdbf7c37b90d9e3ed279ad500f

HTTP Headers

GET /landingpages/mcafee/360.png HTTP/1.1
Host: other.landerhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: image/png
content-length: 38110
last-modified: Wed, 31 Aug 2022 12:57:28 GMT
etag: "630f5ab8-94de"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

other.landerhq.com/landingpages/mcafee/logo.png

188.240.52.20

200 OK

30 kB

URL HTTP/2
other.landerhq.com/landingpages/mcafee/logo.png
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
PNG image data, 1280 x 257, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30211 bytes)
Hash
26740ccd6ca2d5d3542f4b0d540bd30c
13c7ccbb771765399a7aeb351a9c8d79e668c480
9db2bed7f1778805e72f7f079f0b8789eaf039e3d9124145d2e88dab53e22ae2

HTTP Headers

GET /landingpages/mcafee/logo.png HTTP/1.1
Host: other.landerhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: image/png
content-length: 30211
last-modified: Wed, 31 Aug 2022 12:57:34 GMT
etag: "630f5abe-7603"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2

104.21.63.54

200 OK

74 kB

URL HTTP/2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP
104.21.63.54:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064\012- data
Size
74 kB (74348 bytes)
Hash
462806316fea535a6a57651bc2b000b0
80644191098f863f25be27841c0d92c452cf2327
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

HTTP Headers

GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: ipmjsYqApdE13lzFJtkgI16C8MyH0+1tb26hBNmU1VJo9ruqkI4qlPUioKXF3c3lMLh7+R7WvPI=
x-amz-request-id: 8XED2RMXQCCT4398
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 46981
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S96jIb3cZJqUW8sLXuHHjHawaCA28tecfvuzDxYix3S%2FDcbDY4QNBmGFiIoNITpRqIZCqzO2Uj2m%2Bzj9hILWaDKU%2B8zVU6jI7Vvulc5Q9%2F%2FlVDaUCHmhTTdOIuAlllq%2FR%2F6e7ka8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744cf0489e8a0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

other.landerhq.com/landingpages/mcafee/bg.jpg

188.240.52.20

200 OK

130 kB

URL HTTP/2
other.landerhq.com/landingpages/mcafee/bg.jpg
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x613, components 3\012- data
Size
130 kB (129948 bytes)
Hash
444f46588f202bb38dceb8191f606f3e
f4eb55005df6be8068bb9c78d7fc0cd70651a1dc
86102483f8cb9a2d5bd4771914f960e1ea0bf6b1866aa1c2b86f75a1018b94ce

HTTP Headers

GET /landingpages/mcafee/bg.jpg HTTP/1.1
Host: other.landerhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: image/jpeg
content-length: 129948
last-modified: Wed, 31 Aug 2022 12:57:34 GMT
etag: "630f5abe-1fb9c"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
83e3d33a839e98a66b23f4a26305b129
c375830304419b0cc288784df314bb88dda3d32e
fb0390d995766277c47bf2a08f6fe23e001af8c757c37cd6931024acf59d9379

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6375
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:08 GMT
Last-Modified: Sat, 03 Sep 2022 06:11:53 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
51a291e63c81686bc72df6b5ce3b5e00
2dfe01912533530665cf52e3ac1b5a7d7704667f
2449cea77a21367beb4a8fb25248883f24c60ea8868487b20fad1aa735c21cf1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3868
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:08 GMT
Last-Modified: Sat, 03 Sep 2022 06:53:40 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
51a291e63c81686bc72df6b5ce3b5e00
2dfe01912533530665cf52e3ac1b5a7d7704667f
2449cea77a21367beb4a8fb25248883f24c60ea8868487b20fad1aa735c21cf1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6557
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:08 GMT
Last-Modified: Sat, 03 Sep 2022 06:08:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtm.js?id=GTM-TRL5HN2

142.250.74.72

200 OK

46 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TRL5HN2
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (3238)
Size
46 kB (46452 bytes)
Hash
66f4e88cd6d38a4f0d3f570f2735ccd6
0a303bcea4839955e9017b2a1545cbef7a910064
9d46d60155ef6a483d770ae1caf8398141679c869dffc442354f8784862eb999

HTTP Headers

GET /gtm.js?id=GTM-TRL5HN2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 07:58:08 GMT
expires: Sat, 03 Sep 2022 07:58:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46452
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 07:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 08:35:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ovT29VBdU7dskhsvZBCHWCZwR6fa8q-Zmfu-57F5zHO6eGkYBQ5zlA==
Age: 1193

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2adcafd0a5b64c19e2101d5510862850
fc6f0e06f9ee59375c0d34cd935a5e758a2ae8ac
8ea610df7f926b58c0d20255b3aea40f854362d3b1995498ed0244b2bde7179d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 07:58:09 GMT
Last-Modified: Sat, 03 Sep 2022 06:10:20 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 43vQhAuNO9snzOSf6xuxOxJ71kIG20hadUbHqV0lNnrEpbJEIt-BsA==
Age: 6469

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Last-Modified: Sat, 03 Sep 2022 06:55:34 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

other.landerhq.com/landingpages/mcafee/favicon.ico

188.240.52.20

200 OK

1.2 kB

URL HTTP/2
other.landerhq.com/landingpages/mcafee/favicon.ico
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
ff7441c3264d89023f376e5319dad793
1f0be835d947eb2de35d945ea5b9b92578a8cbd7
93130759a18703dcad5862bc2fd2973edf9ab7e48ba2c0b4cd4fcfaf832df223

HTTP Headers

GET /landingpages/mcafee/favicon.ico HTTP/1.1
Host: other.landerhq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:09 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Wed, 31 Aug 2022 12:57:35 GMT
etag: "630f5abf-47e"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.2/css/all.css

104.21.63.54

200 OK

12 kB

URL HTTP/2
use.fontawesome.com/releases/v5.7.2/css/all.css
IP
104.21.63.54:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (54456), with no line terminators
Size
12 kB (12160 bytes)
Hash
c3acb51c1f7ccc46582ce61eb26ca5d7
33e52b9c6de57ba026d5fb7cc6037da100bf135b
396059c4f5fd1ecdf79d3f9534cd2e51b380e62163d52f972396aee10bf8ddca

HTTP Headers

GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Sep 2022 07:58:08 GMT
content-type: text/css
x-amz-id-2: smagYpWl0+bc8zt8JQf0gO9viJr7oDexr8sMwGXw9NcG2r42NcmGKSCW6fIuwp4ohGFJAU1y0dE=
x-amz-request-id: 7ZX7D2Q905N7DGQP
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 367396
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZyacOsWe3eTkA2HC8tF1DKUs7N%2F7AI%2BmWwOhaEwTmZgIGR9Oj3nVuwnJpNUPgQrlqyTdtf4Wj78r0q%2BqSqUXeGH0gflzGdL%2Br8T1qT3RnPDxkHAwDKcn6ESg9XD5ia8DyRclBF4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744cf0478d3b0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5523
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Last-Modified: Sat, 03 Sep 2022 06:26:06 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

216.239.38.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.38.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 03 Sep 2022 06:29:41 GMT
expires: Sat, 03 Sep 2022 08:29:41 GMT
cache-control: public, max-age=7200
age: 5308
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4d6c49cdfc9ba8e2c35c0864cdd02a9a
ea1b2234ca6f8e87594c1cd3329d61ccf1e6c8a2
662b1013ed12b05bebf54a1cb3040105777d022f0768b3e3fe532b1d8239bfbe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4d6c49cdfc9ba8e2c35c0864cdd02a9a
ea1b2234ca6f8e87594c1cd3329d61ccf1e6c8a2
662b1013ed12b05bebf54a1cb3040105777d022f0768b3e3fe532b1d8239bfbe

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?fingerprintid=9e4947f35751465411fd1a4f5c358c78

188.240.52.20

200 OK

398 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?fingerprintid=9e4947f35751465411fd1a4f5c358c78
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Size
398 B (398 bytes)
Hash
acdd51120f5d08b2f176a975fefc9a84
d37ab8352b7a362fa63360eee85f74c3ca24e710
7a18eec3eb771421acfedbd361d1cdb5bf5df56dff97528bb0f898ec0fe0472a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /smartlink-css/631308e8b1c13c260e79b49a?fingerprintid=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 22286
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:09 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImVqeW4rd1NCVlFRWGYxRk1mSVlKWGc9PSIsInZhbHVlIjoiOVNCLythbnQ0b0duOXNNSHZsV1V1dXk5TVVNY0d2SDlNY0xURlVBVk1LTkE1ZjI2N1VNWFlmUTc3N0Y1UGFNZ2svZzNKVk1rV1gyd3dFaWVmRkN1MnUyQ1F2MURTVzhXUFRiZXN2VXNHK29FeEdxTTZ5VlFnN0ZHdVB4TldCZEkiLCJtYWMiOiJjZTIzMDJhNWU1NjZjZGMxNGJiOWVkZTgzZDY1OTQxMjA2YzIzZjU2YmVlOTM1ODg5MzczNDI2M2JkOTk3Y2QyIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:09 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6InN0cE04VW5RTjJYeGlhRGJBUXNPdkE9PSIsInZhbHVlIjoiaTIxQmYxclZXbWViUFpHL2VDYUw4emxWV1hPSStRM2ZwbFNCejN4bkljcVh4NlU5M1prYkR6MUlER0xhTUNyQzhMSWpYckxZRXFScXE5a3haUjhiN1d4bWROZkc5Z2t0cDE5NXA0VUt6UkJ6a3kzenRiRlFWdDg3eXRYbGZ4YWMiLCJtYWMiOiJhNWI4ZmU2ZTU2M2RiYjdhZWZiMGE4YjVkYjQ2ZjljNjMxMmIxYTI4Y2Q3NWYwMTkyY2FlMzM2NWUyYmVjMzg0IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a

188.240.52.20

200 OK

472 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type
data
Size
472 B (472 bytes)
Hash
9665d92cfb2f9db5f7032ed692dff0e0
2ca6220de116f04429a7ce3f3c8f95cae61db137
5cc77ac9117df4aa52cc268287bf82f9dde172f1bcd7f640d3f0ef04a5ed07c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /smartlink-css/631308e8b1c13c260e79b49a HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 352
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:09 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImpYeGgrNVJyaDU2ZkdPdGFMY1R4akE9PSIsInZhbHVlIjoiMzJFVjJaWGdBMjRWbTVjRDdWVmVSTEFDU1d3ZVBUL2x1bVVITkxzeXlnSTlpZXVQQng3RHRMN1BqRE9ZU1dhQXlJOTQ5U2x2VGJndlNTOEJDMzlqWTZJcFJjdzhzczFPRUZqdkJ3em1HTVNiMXRUd1p4dVBETlRDaEVXdW1ndTgiLCJtYWMiOiJkOGRmYjkwNmVkMmYzOWY5N2MzMTY3NTQzODc4NjAyNGMzMmFiNzk0ZDkyZDUyZmQyMDA1M2RmMzQ2NjMzZDZiIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:09 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IlZzRFJjOVNSZk9QcHZDem5obnVmMkE9PSIsInZhbHVlIjoiOUlIZmZYaUpxYXozZG1ZcVg2UjNkNWdwSDdzeUJPZ1FwOXJrVUFjck1lV2g0clJHdHFDZnprdndRVUhPa1BKUEJLeDQyazdrS1V0S0dseVR6Q2NuU1dXUlBoeEhLeTJZTkNmWHp3VEZSeERiNnA3QllaODIzOC92S2g3dVQ5cVMiLCJtYWMiOiI3MjlkMWYxZDIxOGRjYTBmN2QyMTVkYTQ3ZjJiNmM1NjhlZGQ2NTJhMGNhMjc5MDk4ODI1NjNkMjgyZGY1YzFhIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

216.58.207.237

302 Found

396 B

URL HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Size
396 B (396 bytes)
Hash
2d5c9e4d490b2bbb8621e0920ea706e4
386bef502a3f9cec43ae582fb2b542aa604028b5
d7768944192a781b22cd3712bbc0ffff12ee960e09f1ee117704128bddf0e555

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 07:58:09 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1240615434%3A1662191889522208&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmUanfycHhTY_w1hkCu8DsgseOAnoBkTIwKol91HddgPLHSyhxX_cubK_jfxd7UpEAPzkD3gnw
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-K3_zUShjmF09aMwQ88zgww' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:L-zcMFneAztg4hGmeW4SUOxHBJph4Q:c2HbAc-rOomzxuJ1;Path=/;Expires=Mon, 02-Sep-2024 07:58:09 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6166
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Last-Modified: Sat, 03 Sep 2022 06:15:23 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

31.13.72.36

200 OK

9.9 kB

URL HTTP/2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
data
Size
9.9 kB (9923 bytes)
Hash
464cb9fa3fb92c782318590b9422e16e
8015b2c9c726cffa33c3dbbe0cf72f2a1d404116
ef69feea465e37090dd5ca93f9ec7d603648d6af73e64009320a87cf14c79580

HTTP Headers

GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: IyIMCZbYOtCPCvY6s/G6+yh9yET2G+nzWS2mj77x3DhbBn9kKUkZjjggAOd9Beow2jwK8QunrNo6WEYIXUbrGA==
date: Sat, 03 Sep 2022 07:58:09 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-165133312-2&cid=1118185794.1662191887&jid=833097932&gjid=1856240006&_gid=1445478010.1662191887&_u=YEBAAEAAAAAAAC~&z=869079944

173.194.221.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-165133312-2&cid=1118185794.1662191887&jid=833097932&gjid=1856240006&_gid=1445478010.1662191887&_u=YEBAAEAAAAAAAC~&z=869079944
IP
173.194.221.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-165133312-2&cid=1118185794.1662191887&jid=833097932&gjid=1856240006&_gid=1445478010.1662191887&_u=YEBAAEAAAAAAAC~&z=869079944 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://other.landerhq.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Sep 2022 07:58:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.218.159.206

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.159.206:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D0ldP1JJSmtPREhWb41jFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FYDAYxEPQFij7+cL+HRifwcayQA=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 07:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15247
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:58:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15247
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:58:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15247
Expires: Sat, 03 Sep 2022 12:12:17 GMT
Date: Sat, 03 Sep 2022 07:58:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7501 bytes)
Hash
23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 35736
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6976 bytes)
Hash
c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 33549
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dce7ca4-6ed1-4f00-8943-1ea59bc2cfd0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11776 bytes)
Hash
940d722cca434f3267ad6a1567b92e7b
8f8d5827588201a2b6aa883cbf812b0db2318df2
33c16b50e7c317df2b91def5625e8e39c8c2ecc75054ee40f82d4b22c80eb831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dce7ca4-6ed1-4f00-8943-1ea59bc2cfd0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11776
x-amzn-requestid: 59dcda55-4c16-4842-828d-2588c43178c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XqdN-FzkIAMFy4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630da8bf-37b930cb3e54dfa21883ead4;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 06:05:51 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eVOxXB-DBdvXLiSeG8b7tDD2oLU6x_F5EUSh-JjIW7SQJ1j9kOA6hg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:00:51 GMT
age: 35839
etag: "8f8d5827588201a2b6aa883cbf812b0db2318df2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13241 bytes)
Hash
d9ae49d397bc8300ce0eceda8175a3ad
087b7d14d84ebb179126c9dcd8964d22f24f30ab
b9daa2fc390a97a4bd622dbdec7fe0fff7e6527ffb844a46b9b87b2bd6e0f006

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9669117-bdb7-4eca-9f0c-900e888a9a98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13241
x-amzn-requestid: 80083a05-9884-48f8-983b-d4132d7c8a0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMHFgPIAMF9qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-16fd2f06541cb4bc027f153f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zugAT8FgWA5gShTMABbCTZbZzaCXxM6du0zskoXn-LtzDNb5j4ByeA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:18:36 GMT
age: 34774
etag: "087b7d14d84ebb179126c9dcd8964d22f24f30ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1a25fee-f3d6-472f-81bc-e6c0a5fb3126.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6629 bytes)
Hash
68ab3b487c83fa2b50f774f1ed7e2e00
761c970aa19a87625a60a80f74dc9ae9d8c54ab0
4c483c7ad3b7f20a4566daf558fbd308158068accbbaca38089da192c2bc722c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1a25fee-f3d6-472f-81bc-e6c0a5fb3126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: 2542bbcd-b962-4397-9c6a-359fa9b33b4d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0mhjF06oAMF62Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b7a3-281acf5f7c4982e26c723e42;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:58:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ygiWF4CCLws5zXLxKz79hEJ5eZEFIUsg41lhMvr9NeWjaFLLTX2OeQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:00:54 GMT
age: 35836
etag: "761c970aa19a87625a60a80f74dc9ae9d8c54ab0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12853 bytes)
Hash
945f8c7bc247f564fc18e434049b8eaa
a74869b1d9551896ba6f911d167e192b2d9fd45e
143e84c6bbba21b868d2a443a365129e625614caa8f6eb7247cf971ce24417af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F284d1308-98de-4954-a408-a2c074e0e7ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 2faea4f9-2bc2-4f09-98ff-753202d8a4e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMHHfpIAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-00ba3cea36308cea4a092141;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9qJg8ABexAQhpVPxIuH1gRIE9m62F5jPWWnaiMcF0RD9N-Wt30JTEw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:00:18 GMT
age: 35872
etag: "a74869b1d9551896ba6f911d167e192b2d9fd45e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=2&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=2&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=2&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:10 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IktYZXhHc1g3Z3VSeWl3ZmV3TkFRaVE9PSIsInZhbHVlIjoiNTVUbzFISnZ6aEFOUWlVVXMyUjdrTURDNG1LMWJNSytIYk5iKzBQZGkwRWtiMzV6clRoRWpmZWRSMWlXTXNTcEwrUWxONUl6eTJVZXY0Tk40dzJ1WjdRZE9YUUZDM1BZelIzL0oyaFFibnYzQ1o1anIrYnIrS2tzSldpUTkxOUciLCJtYWMiOiIzM2JiN2VkYjFjYzJlZjA2NmE0NDczMmQ4MmNjYjA4YjY0N2M4NGM3ZDQ1MzUwMjIzOGFhNzJiNzU2ZjhmY2I4IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:10 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6ImU0VHFEVlIxK1QrNk9OZFI5djM4Y2c9PSIsInZhbHVlIjoiL1pSTmwvNDFCandDeVM4ZzdoMUIzRmxWSktDVEhMV0U1N3hGWWd5QU84V0FiZ2xYSjVOYUNGWnkyTGpROUE1Z3c1bDVkYWNhS2t3ZzFYTk94Z2lkWXgwRnhEUlVRaGVIZ0gzNzljVlcrSjltVmNCaFBQdjhEWnQzTHdzaDU5bEMiLCJtYWMiOiI1NzgxNTkzYjQzZmY2NmQ4ODM4MDVmZTM3NDY3M2VjMjE0M2M1YzBjOGYzNjIyOTBlMjE1MGUzZTI4YTU1MzA3IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:10 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=3&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=3&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=3&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:11 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImJ2L09rVHNHRHp4WGNoenAySjNwZmc9PSIsInZhbHVlIjoibTc3dXlvLzBUb3dPeXZrQStRTW9DRDFvVFFveWpBZm1Sa3NOVys4b1IzRjFqb0Z2dFdkVjhmSzlBSm80dW00ZC9nOFRSeERJb3RqTGpUTk90UkIwMGpOUWVocVVnMlYyZzhmVk5aNUpHREhuaWkwM3ltQ0Y3ZTNXM2QvU25vdnQiLCJtYWMiOiJmZDk4ZjBhYTcwZDI2MGRmNjZhNzFjM2YxMzk4NGE3NTU2NTJhMzg0ZTJlMjk3NzFhMmNmYTcxZWM0ZWMyNzljIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:11 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6InEyVndmYUdXUmdtcGhEWEdwT2kvRWc9PSIsInZhbHVlIjoiR1BrdHpPQm5uZDNKVE5QdHFlNzVjanJOc093b2xuN1R1bEhDZzB5dDI1L3BNNVRPVi90ZmVzMFRXUEp3ZDRhRlVwZFA0c01MS1V3dzdLMUhKWFBseGJtMlYzcVN5NG5hSFV3RnNvcjQyM0RZZkpia0hISHR3U1JBejdONFdXL0ciLCJtYWMiOiIzY2ZhOTg3NTRmMzgzNzUyOWVkNDg4MWY1MWFlNDY1OWQzNjMyNDBlYjM3YmM2OWY0NTIzZmIzYWUwY2JmMTZiIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:11 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=6&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=6&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=6&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:14 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjVadlp6QUt1WVNMVGJFbEYwWFFqZ0E9PSIsInZhbHVlIjoiTyswMlU5T0hqYkRYZ0xTYjBpRTJFVlFicUNYbEljYkpWN3hhUlB2M1NSamtwREo1QTJLVHM3ZTZQQlJuMEh4eGc2NVdNd1h2cmtXVC9qK1JLSkV0Q0c0azlCRm40MDdIemJRNWRxSjZGdk5sSjdsMlhSSE1ITEoxVlpySktFcHUiLCJtYWMiOiI0YzgyYjM5YWRkM2M1NjY0MzI0NTJlNDdkMmQzNWNmZGU0N2I0MTgxYzgzOTBkYWExOWY5ZmZiZTU4ZDQ2OGE0IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:14 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkFDcW9HZjNwek5UdUdGb2gyYjFSMkE9PSIsInZhbHVlIjoiN2QybThBZ2JZQ2tzbnBhZitGUlcyZGZPZWhMVTk0aXpleXhuYkZkQXhDSUluQXFaUU9XejVJTzBLL05hNzh4bUtkbzNZaE5Ndlltb1hyV3hvUkpiWHlLU1AyU3lsSEVRdW0va1YrZFJCd0JyQnBuNWZWLzFOK2ZRYWJBcldoeksiLCJtYWMiOiIxYTIyNWEwY2UzOTI5ZGQ5MTNmNDc3NTg0NWE5MTc3ZjBmZjUwMjNiODRiYjg0MmQzNDBmYjBkNjRiZjUxYWQxIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:14 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=7&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=7&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=7&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:15 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IkdFWXFPYkphck5vbGFNWEVTZEd4VXc9PSIsInZhbHVlIjoiQWVtdmZCMHhkT1dDRFVpVEdha2lHeW96ZFhWRHVUbG82bkV1Z0hCdUdEZnFRa0dEWFFvVlhUOEU4RGprbUxlOVBSTGdSb09pTlc2M0o1b3Y1TjhuYk9rQkU1SStDYmFXcXFKLzljR1ROdUZYV3VRRktMREFObldYZitML1FwckIiLCJtYWMiOiI1ZDQ0MWZhOTI2YmY5N2U0NzQyYjc4MzcwMTliY2YxYjM4MjljYzE0NDVkYWM2YmFjMTgwMWM1NTU5MGQ2MDhjIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:15 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkFVS0hzOHNWOGNzTjE2b2pFRlhFTFE9PSIsInZhbHVlIjoiWUh5bm0xZFk4V2ZMTkdkdnlCMWdMaGdFaitnUjd1Y3hhaHZZWlIyYmpnc2pCY3E4bVdqMk5la1VNcTF0Y2twZ3B2ZEtSMWYrOWZKR0orcUlaL1JtZmJhY1pXbXdtMllDSFB4emhaZTEyQ1JrVXBLWFFJaUFvVGhLa1BFdjZiZzAiLCJtYWMiOiIwNzI0YmRmMDNjZjZhZjlmY2JjZDkzYjk1NjY2NDNmMGIyMjIwNjg4ZTE5NmE1ZjJhMWNmNzZmOWJkOWY2ZThhIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:15 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.spotify.com/de/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico

35.186.224.25

302 Found

0 B

URL HTTP/2
www.spotify.com/de/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico
IP
35.186.224.25:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /de/login/?forward_url=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico HTTP/1.1
Host: www.spotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Sat, 03 Sep 2022 07:58:08 GMT
x-powered-by: Express
set-cookie: sp_usid=00568c54-3602-4ebd-bf77-0f54c9958b3e; Max-Age=1800; Domain=spotify.com; Path=/; Secure
sp_m=de; Path=/; Domain=.spotify.com; Max-Age=115516800; Expires=Sat, 02 May 2026 07:58:08 GMT; Secure; HttpOnly; SameSite=Lax
sp_t=02fa7feb-d12b-42db-af1a-5b7678018cd0; Path=/; Domain=.spotify.com; Max-Age=31536000; Expires=Sun, 03 Sep 2023 07:58:08 GMT; Secure
sp_new=1; Path=/; Domain=.spotify.com; Max-Age=86400; Expires=Sun, 04 Sep 2022 07:58:08 GMT; Secure
sp_landing=https%3A%2F%2Fwww.spotify.com%2Fde%2Flogin%2F; Path=/; Domain=.spotify.com; Max-Age=86400; Expires=Sun, 04 Sep 2022 07:58:08 GMT; Secure; HttpOnly
location: https://accounts.spotify.com/login?continue=https%3A%2F%2Fwww.spotify.com%2Ffavicon.ico&_locale=de-DE
content-security-policy: base-uri 'none'; connect-src https: wss:; form-action https:; frame-ancestors 'self' https://*.spotify.com https://*.spotify.net; object-src 'none'
x-join-the-band: https://www.spotify.com/jobs/
sp-trace-id: 703c6844416a08d6
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding
server: envoy
via: HTTP/2 edgeproxy, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.dropbox.com/login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Ficons%2Ficon_spacer-vflN3BYt2.gif

162.125.71.18

200 OK

0 B

URL HTTP/2
www.dropbox.com/login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Ficons%2Ficon_spacer-vflN3BYt2.gif
IP
162.125.71.18:0
ASN
#19679 DROPBOX

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /login?cont=https%3A%2F%2Fwww.dropbox.com%2Fstatic%2Fimages%2Ficons%2Ficon_spacer-vflN3BYt2.gif HTTP/1.1
Host: www.dropbox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: no-cache,no-cache, no-store
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client 'nonce-71SetU7sjT39hm+4zL2x' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-71SetU7sjT39hm+4zL2x' 'nonce-CZLZ8Njd4n97Qi8ItNLB'
referrer-policy: strict-origin-when-cross-origin
set-cookie: gvc=MTEzMzExMjIwNTcxMTQyOTc1NzQwOTkyNDIxMjY0Njc4NjY2MTQw; expires=Thu, 02 Sep 2027 07:58:09 GMT; HttpOnly; Path=/; SameSite=None; Secure
t=nsDOfJeK_o_LUhw1mXStf8V-; Domain=dropbox.com; expires=Tue, 02 Sep 2025 07:58:09 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=nsDOfJeK_o_LUhw1mXStf8V-; expires=Tue, 02 Sep 2025 07:58:09 GMT; Path=/; SameSite=None; Secure
__Host-ss=cvuJhcsXEk; expires=Tue, 02 Sep 2025 07:58:09 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
locale=en; Domain=dropbox.com; expires=Thu, 02 Sep 2027 07:58:09 GMT; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-server-response-time: 198
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
date: Sat, 03 Sep 2022 07:58:08 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 2159041de97b4a39825f92fd72c22614
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=1&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=1&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=1&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:09 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlJmZzhXWW9nUklQMEZjekJUeE80V0E9PSIsInZhbHVlIjoiRWlOMHNEbVlmeTd4WlJsVjU5aHZ3QUZPbXZaenlQUWowMm0zVU1aRENwdFJCaVNaaUtWaVZqdmFCZ29EWDQrelRnenpwbXFmSzBpZEdpcXZldis5dC9LSC9ZSUw1RDhBOTVWZkYwdWM1alB4YjBmWEM2QWs2M0J3NnkrTkVSTUoiLCJtYWMiOiI5OGM2NDdiMzFkYTNlYWY0MzkwNDlmMGE0MjRjNmEzZTI0MDlhMmQ0OTgyNzRjMDg3Mzc2ZWEwODYwMWM2NjZmIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:09 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IkJHWHNyN1FEYWtPMmY1MU0vUmdVbUE9PSIsInZhbHVlIjoia3VvekZYNHlqeHpDYk5QaDU5cEo2SmdDVjY2TGRNRzlWNXhMVGMzOGpBSUxwUmNaeDl3c1Z1UmdTY2xaeEVURml1NDU5T01LR1V6Uk9kazAzamdmdVViZUJTcy9pdklLeS9ObWFzME00eStlS2I2QTJPb1UxaDB5TXhZOTFKTHYiLCJtYWMiOiIwMWY5MDJkNzY3MzkxNmRmOWYwNDJiOTY2MWIxYTg3Yjk5YjY0NjA0MjUwYjI4NDBhY2Q0YzlkOTE0NzU2Mjg0IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=5&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=5&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=5&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:13 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImJ5MkZjMWNRRDBCYTdkeHd6SjNXbEE9PSIsInZhbHVlIjoiV2xKSVExUEU0djdQVFVvZ0Z6cWc0K2dqL0V1Nyt5N0NUOCthWFVDR0hWNG1sUzFTSDBCN2xldi9lWmxEMUovT3BWRHNaKy9ncFBydUxzN1RpODdWTGtaczNxWGZmZGxRcUM3bnU4ZVVEa2F1UFBjTUlKMVJHRHA4Zm9sMkdzYU4iLCJtYWMiOiIxNWU4Y2JjZjdiOTQ5NGU1ZWVjNjNhYTZjOWI0MzljNTlmOTlkMDc5MzQyZDg1MzgxNWY3ODc0MDRjMjlmMzgzIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:13 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IlVVQlpkU0pnSHNvdS9TeEl6K1BVR2c9PSIsInZhbHVlIjoiaWpRK2UwYmFNdTlydGRmSlFEUzFseUNKSmdsNkdXTnBmRVBmZ0h0MWNaT3JhTFhBM2kwL3JYK2Z2K1RycGUzS1RPb3ZuNWNhYjBoUmZtdnZsWUNnSkp4ZVZjZmxySnhmRmxSazU0VDZOenNxVE1LWk9lYnNuNUFHR1NVcE1qKy8iLCJtYWMiOiIzYjM2NzU3MWIyMzE4YzUwOTNkNTU1OWVjZDk3MmIyMDMzZDU4NTFlNjYxMDA2MGIwMmYyMGEyODMxOTJiNGIyIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:13 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=8&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=8&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=8&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:16 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjhWYUJKejdUQkJYMWRGSVlpUXlTenc9PSIsInZhbHVlIjoiajRJU2RGdC9LaEhEamNUYnoxeGJMUVlYMjhCVG1FUnN1QXd2MzFYMFhxL0JMVm5Rb0dJVk1Zc2xwRW9aSzVLMDIzKzJ1QmFVbEZtd0plQmRKUHNNeDMvdzNvTU9NdDJCRWZMRU43ZWhxRkhWZXVydnFwcVJBcDI1MTJ2cGMrREMiLCJtYWMiOiJlYTk5NDdjZDY4MGQwZjFkN2RhYmNhMTJhOWZmODkzNjMwNzNmMTk2ZmFmZDIxZGViZWE5MDhiNjEyMjhmN2FhIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:16 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjBZU2R6OHppc0JnbWpqcVN0SitRN0E9PSIsInZhbHVlIjoiajBFMEFEa1VMc0hhZ0VrMHdGaDNHNTlYTEZDNEt3ZlJnampZTndZTWZpbVV4anhnd0ZZNjhSNWdYTGlvdURORzVVMFpXcVl0R21vZGNISEtxL3hRNVBFQkdoQ2Y4aGNXZDJpSWtnOVBuYXI0dGNwdHc3aUlyTVg3Tkhma3dOdnEiLCJtYWMiOiJjOTViOWJjZTRhZTQ2YTllZmIyZTg1MjNlMmVmNTk4NjNkY2Q2N2VjN2Q5ODI5Mjk3YjU5ODJmM2RlOGNkNjEwIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

novidash.com/landing-interaction/899702433

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/landing-interaction/899702433
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /landing-interaction/899702433 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:17 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IjBkYlJXb0dDYzhGWlpGbW1oK2dET2c9PSIsInZhbHVlIjoieklmY291T3FsNXhtNGZ6Vm1jQS9BKy94VGJ0bUc2U1hsUGJYRzJuQXJxL2NwYnZDNXFmUmR2WTJoSm9tR29HQTFwZitrY1FqWUUyemRlbkR4ckZUajFCT05MQUszblNQMmZTbVVJMWpUbWE1bmR0MEtuWER6NFZBUEltN3lsTysiLCJtYWMiOiI4N2YyM2E1NmZkNjdiNmY4NDFjYWE4MTA3ZDAxOGIxMjQyZmZlZThjMGE3MzkyMjg4ZmMzMGM0MjFhYTQ5YWJmIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:17 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjJCQXBDSEo5d3NoaEt4VXdDQXBIM1E9PSIsInZhbHVlIjoiRzdXKytrbnd5QmRNa2dRRWhCOTYwUU5TQzQyMkRQd2tLaE00ZkRoeDZZdWkyN0p5blNCY0NjWktTaUhTd0RwdytCdEF6TFA1ZWVqK1J0YXdUNkpxRHZJR0IreFl2UmhWeU5uOStzTk9NWHJURUptak5xSFZUSzIwelRQVHI3Q1kiLCJtYWMiOiIwMjY1NmVlYjBiZTE0YWJmNTljZDRjM2E2YjE0MDYxMWNiNmViYjgzZGI1Mzk2MmRlZDhlNWU5OTQwMGI1Zjg4IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:17 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2841648.js?sv=6

143.204.55.54

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-2841648.js?sv=6
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-2841648.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Sat, 03 Sep 2022 07:58:09 GMT
cache-control: max-age=60
etag: W/fdf3c01a856640c365e54fa4b5dd3287
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EHdZ5PqTs36YKYHmX4H722WfKo-upcjHxKJu-ZbhXSm6pL6BhcmgrA==
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?dsh=S-686906961%3A1662191889471537&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWhpdEYQL2-eJAPGMBk2FrMmfZH2viraf-zJnlzR-LxnU3OyyqXEUJBMFGzDMQ52vN5hB5__A

216.58.207.237

403 Forbidden

0 B

URL HTTP/2
accounts.google.com/v3/signin/identifier?dsh=S-686906961%3A1662191889471537&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWhpdEYQL2-eJAPGMBk2FrMmfZH2viraf-zJnlzR-LxnU3OyyqXEUJBMFGzDMQ52vN5hB5__A
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/signin/identifier?dsh=S-686906961%3A1662191889471537&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWhpdEYQL2-eJAPGMBk2FrMmfZH2viraf-zJnlzR-LxnU3OyyqXEUJBMFGzDMQ52vN5hB5__A HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Sep 2022 07:58:09 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-IKhij5YS4L3ov1NPWUrUHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=YBcOsVvmn6XdKvObjiAi67TK_v6j9rAYZvKngOMX7vmM0sDlK6K9CbS2c8lc_dMEqaTpaOwElZN9di-6_XiDCwrt_LPtESS-uVpsZxDSQS8AtV0wbm-1JiBRJQU8Gd3mUKynW9cPfpxAqbabPqIueio-Bekfs235xBc3DJUI7Nk; expires=Sun, 05-Mar-2023 07:58:09 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=4&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0

188.240.52.20

200 OK

0 B

URL HTTP/2
novidash.com/smartlink-css/631308e8b1c13c260e79b49a?sop=4&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0
IP
188.240.52.20:0
ASN
#20857 Signet B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smartlink-css/631308e8b1c13c260e79b49a?sop=4&mouse_movements=0&mouse_distance=0&mouse_clicks=0&mouse_active=0&mouse_speed=0 HTTP/1.1
Host: novidash.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://other.landerhq.com
Connection: keep-alive
Referer: http://other.landerhq.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx/1.19.10
date: Sat, 03 Sep 2022 07:58:12 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6ImlCa3JadmFoa2pZaFg4dDNXV29haFE9PSIsInZhbHVlIjoiT2hXb01OaHpKMlVzSG1HNDZpbTVBcSszZElWdHNIYWpEUFBzbTZrbTNLK3JOTjNYLzExMG1RamxYYzdRajJOOU9VWjVscGFKNTZMY1BNL2pCNHE2SmNTazNXZVhzSTBVbHJTSUM3YnRrNXB3YnhaR0h5NzRmY1J2MXVEYjFhWSsiLCJtYWMiOiI5MWE1ZjVhYWEyZGIzNzY1YWNiZDY2NDAxOTc2ZGI1YTVhMTAzMDJlNjA2MzkyZWE3ZTA2MjY3NWUzMDJjNDE2IiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:12 GMT; Max-Age=7200; path=/; samesite=lax
novidash_session=eyJpdiI6IjVNbGp4YmtuYmR1WjQ1WTdKNUpFYmc9PSIsInZhbHVlIjoiMVVMczhtN2owNzJzc3V6bTgySi9ZczRyVmpQeXRhUWxGNnhGMk9Wa3lqbUs4L25VUWZwTmpWY3ordU1xSVlwRUpkejNhV0JJSlhNblMzYWtpcmliS0NPZkhYSy9udE5WTDJHM1BzeVV0UW1DUXd5Rmd0dkRKSWloOTZHMjBCSjgiLCJtYWMiOiJmZmVkNWMwOWM5NjYwMDhlYTRkNzliYzYzMmExNDgwY2RhOTBlOTZlYWZhMDU5NTc1OTlkYzhjNmFjODgwMGYwIiwidGFnIjoiIn0%3D; expires=Sat, 03-Sep-2022 09:58:12 GMT; Max-Age=7200; path=/; httponly; samesite=lax
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations