login4all.com Open in urlscan Pro
167.99.98.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login4all.com/beacon-portal-ncid
Submission: On February 09 via api (February 9th 2021, 5:47:32 pm UTC) from US

Summary HTTP 56 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 56 HTTP transactions. The main IP is 167.99.98.35, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is login4all.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 30th 2020. Valid for: a year.

This is the only time login4all.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	167.99.98.35 167.99.98.35	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	139.45.196.195 139.45.196.195	9002 (RETN-AS) (RETN-AS)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:bdf::13 2620:1ec:bdf::13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206f:4600:1c:d1ac:7800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	204.211.136.231 204.211.136.231	6559 (NCIH) (NCIH)
1	12.204.168.100 12.204.168.100	27529 (CSC-EMEDNY) (CSC-EMEDNY)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	184.86.251.15 184.86.251.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	139.45.197.254 139.45.197.254	9002 (RETN-AS) (RETN-AS)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
56	19

12 167.99.98.35 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

login4all.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.195 (Ascension Island)

ASN9002 (RETN-AS, GB)

shaidolt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4600:1c:d1ac:7800:93a1 (United States)

ASN16509 (AMAZON-02, US)

files.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.211.136.231 (Raleigh, United States)

ASN6559 (NCIH, US)
PTR: idpprod.nc.gov

idpprod.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 12.204.168.100 (Durham, United States)

ASN27529 (CSC-EMEDNY, US)
PTR: nctracks.com

www.nctracks.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

somehowluxuriousreader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.86.251.15 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-15.deploy.static.akamaitechnologies.com

png.pngtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

ugyplysh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	login4all.com login4all.com	244 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	147 KB
7	google.com adservice.google.com fundingchoicesmessages.google.com	78 KB
5	taboola.com cdn.taboola.com trc-events.taboola.com	126 KB
4	clarity.ms www.clarity.ms	20 KB
3	doubleclick.net googleads.g.doubleclick.net
3	nc.gov files.nc.gov idpprod.nc.gov www.nctracks.nc.gov	45 KB
3	shaidolt.com shaidolt.com	45 KB
2	ugyplysh.com ugyplysh.com	543 B
1	google-analytics.com www.google-analytics.com	61 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	642 B
1	pngtree.com png.pngtree.com	596 B
1	somehowluxuriousreader.com somehowluxuriousreader.com
1	googletagmanager.com www.googletagmanager.com	52 KB
0	Failed function sub() { [native code] }. Failed
56	17

	Domain	Requested by
12	login4all.com	login4all.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	login4all.com pagead2.googlesyndication.com
4	www.clarity.ms	login4all.com www.clarity.ms
3	trc-events.taboola.com	login4all.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	shaidolt.com	login4all.com shaidolt.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ugyplysh.com	login4all.com
2	cdn.taboola.com	login4all.com cdn.taboola.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	png.pngtree.com	login4all.com
1	somehowluxuriousreader.com	login4all.com
1	www.googletagmanager.com	login4all.com
1	www.nctracks.nc.gov	login4all.com
1	idpprod.nc.gov	login4all.com
1	files.nc.gov	login4all.com
0	Failed	login4all.com
56	22

This site contains links to these domains. Also see Links.

Domain
feed.cf-se.com
pdf4pro.com
ncgov.procurement3.ariba.com
searchfeed.seccint.com
www.findarticles.com
per.nctracks.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
login4all.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2021-07-30`	a year	crt.sh
shaidolt.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
files.nc.gov DigiCert Global CA G2	`2020-09-14` - `2021-06-18`	9 months	crt.sh
idpprod.nc.gov DigiCert Global CA G2	`2020-04-03` - `2021-04-15`	a year	crt.sh
www.nctracks.nc.gov DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2020-12-07` - `2022-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
somehowluxuriousreader.com R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
pikbest.com DigiCert Secure Site ECC CA-1	`2020-08-06` - `2021-08-07`	a year	crt.sh
ugyplysh.com R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://login4all.com/beacon-portal-ncid
Frame ID: E431776174A29A6AAA16542B07423F18
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210203/r20190131/zrt_lookup.html
Frame ID: F8BFC3C2A75A75EBF93EA4461B5A5996
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7790726024372832&output=html&adk=1812271804&adf=3025194257&lmt=1612892833&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&ea=0&flash=0&pra=5&wgl=1&dt=1612892833084&bpp=13&bdt=132&idt=122&shv=r20210203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3029656599197&frm=20&pv=2&ga_vid=1606127201.1612892833&ga_sid=1612892833&ga_hid=1172948412&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C21068769%2C21068893&oid=3&pvsid=3542749357350346&pem=395&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=161
Frame ID: 3D099E6F4DE3D86848A00F7D9164A796
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.1.0.4.2.2.0.0&us_privacy=1---&client=ca-pub-7790726024372832&output=html&h=280&adk=432735925&adf=155783186&pi=t.aa~a.801403108~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1612892833&rafmt=1&to=qs&pwprc=7152277728&psa=0&format=360x280&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612892833489&bpp=5&bdt=536&idt=5&shv=r20210203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db1f7ff877690694a-22139bc75eba00f0%3AT%3D1612892833%3ART%3D1612892833%3AS%3DALNI_MbX91x-7xrgvlH10FYb-masBC3DLQ&prev_fmts=0x0&nras=1&correlator=3029656599197&frm=20&pv=1&ga_vid=1606127201.1612892833&ga_sid=1612892833&ga_hid=1172948412&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C21068769%2C21068893&oid=3&pvsid=3542749357350346&pem=395&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6Pmn9v4Ern&p=https%3A//login4all.com&dtd=146
Frame ID: 6CD6A0EF001EF2E014AA1D695CFF001B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A55D0960DE1C3E66D6BD49228A8BA664
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

56
Requests

96 %
HTTPS

44 %
IPv6

17
Domains

22
Subdomains

19
IPs

4
Countries

787 kB
Transfer

2071 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://feed.cf-se.com/v2/click/?gd=SY1001213&uid=&sid=&q=beacon%20nc%20employee%20portal&searchProvider=2&searchSource=80&searchTagId=ptvl!%3D!tracingTag%253DC0!%26!ptnvls!%3D!%257B%257D!%26!ptvls!%3D!%257B%2522C%2522%253A%25220%2522%257D&original=https%3A%2F%2Fmybeacon.its.state.nc.us%2Firj%2Fservlet%2Fprt%2Fportal%2Fprtroot%2Fcom.sap.portal.pagebuilder.IviewModeProxy%3Fiview_id%3Dpcd%253Aportal_content%252Fgov.nc.beacon.pct%252Froles%252Fess%252FmydataESS%252Femployee_self_service%252Farea_working_time%252Fquotaoverview%252Fquotaoverview%26iview_mode%3Ddefault&linktype=Organic&referrer=&agent=&page=0&mkt=&c=0&d=&td=&n=&af=1&at=search&AdUnitId=11706724&AdUnitName=Hiyo2&tid=cb9e0a31-1e95-4d5a-a4d7-88a76ffc0de0&adPosition=5&isid=&ab_isSticky=&ab_startDate=&ab_endDate=&ab_per=&nu=true&ptv=2&templateName=AdsTags_AdsBlock_algo_side_imagesTab_videoTab_shoppingTab_related_relatedSideBar_imgWidget_videoWidget_productAds_hamburger&templateCounts=0_3_10_6_1_1_0_8_8_1_1_0_1&geo=us&url=http%3A%2F%2Fwww.onlyonesearch.com%2FSearch%2F%3Fq%3Dbeacon%2520nc%2520employee%2520portal&displayUrl=https%3A%2F%2Fmybeacon.its.state.nc.us%2Firj%2Fservlet%2Fprt%2Fportal%2Fprtroot%2Fcom...&resultType=organic
Title: OSC - Login to BEACON

Search URL Search Domain Scan URL

URL: https://pdf4pro.com/cdn/changing-your-ncid-password-ncda-amp-cs-portal-3a7432.pdf
Title: Changing Your NCID Password

Search URL Search Domain Scan URL

URL: https://feed.cf-se.com/v2/click/?gd=SY1001213&uid=&sid=&q=doc%20intranet%20north%20carolina&searchProvider=2&searchSource=80&searchTagId=ptvl!%3D!tracingTag%253DC0!%26!ptnvls!%3D!%257B%257D!%26!ptvls!%3D!%257B%2522C%2522%253A%25220%2522%257D&original=https%3A%2F%2Fwww.nc.gov%2Fstate-employees&linktype=Organic&referrer=&agent=&page=0&mkt=&c=0&d=&td=&n=&af=1&at=search&AdUnitId=11706724&AdUnitName=Hiyo2&tid=d274478c-e6e2-454f-af1f-4a37c646f9a2&adPosition=10&isid=&ab_isSticky=&ab_startDate=&ab_endDate=&ab_per=&nu=true&ptv=2&templateName=AdsTags_AdsBlock_algo_side_imagesTab_videoTab_shoppingTab_related_relatedSideBar_imgWidget_videoWidget_productAds_hamburger&templateCounts=0_3_10_6_1_1_0_8_8_1_1_0_1&geo=us&url=http%3A%2F%2Fwww.onlyonesearch.com%2FSearch%2F%3Fq%3Ddoc%2520intranet%2520north%2520carolina&displayUrl=https%3A%2F%2Fwww.nc.gov%2Fstate-employees&resultType=organic
Title: State Employees - NC.gov

Search URL Search Domain Scan URL

URL: http://ncgov.procurement3.ariba.com/
Title: NCID

Search URL Search Domain Scan URL

URL: https://searchfeed.seccint.com/v2/click/?gd=SY1001284&uid=&sid=&q=parole%20leads%20log%20in&searchProvider=2&searchSource=80&searchTagId=ptvl!%3D!tracingTag%253DC0%2526tracingTag%253DM1%2526tracingTag%253DL1%2526tracingTag%253DN1!%26!ptnvls!%3D!%257B%257D!%26!ptvls!%3D!%257B%2522C%2522%253A%25220%2522%252C%2522M%2522%253A%25221%2522%252C%2522L%2522%253A%25221%2522%252C%2522N%2522%253A%25221%2522%257D&original=https%3A%2F%2Fit.nc.gov%2Fservice-desk&linktype=DeepLink&referrer=&agent=&page=0&mkt=&c=0&d=&td=&n=1&af=1&at=search&AdUnitId=11706971&AdUnitName=Onlyonesearch2&tid=1c74a5b2-8cfd-44ee-a5c1-5c255b5735e4&adPosition=2&isid=&ab_isSticky=&ab_startDate=&ab_endDate=&ab_per=&nu=true&ptv=2&templateName=AdsTags_AdsBlock_algo_side_imagesTab_videoTab_shoppingTab_related_relatedSideBar_imgWidget_videoWidget_productAds_hamburger&templateCounts=0_3_10_0_1_1_0_8_8_1_1_0_1&geo=us&url=http%3A%2F%2Fwww.onlyonesearch.com%2FSearch%2F%3Fgd%3DSY1001284%26l%3D1%26m%3D1%26n%3D1%26q%3Dparole%2520leads%2520log%2520in&resultType=organic
Title: Service Desk | NC Information Technology

Search URL Search Domain Scan URL

URL: http://www.findarticles.com/fwd?ux=EQ0dZHAqsRI6lDh8Au2Qd-D-DMOfOMzHYKrLtJ8MnqwOlj3KjukNAMBhJ0rhLCrJvyi2_NEfzmvPe44rqHDdqZ7jV4u_029n9y2DJVNmzHIVLgnTmAZMJLDJi5IM646Im74ExvhiP_AfP9IVpCGnhB4zwOR8YUYGiJPwnCEcfG8,&p=m_GxXu8d2LySSuqJDZBrHF7S9tfXIfqrCr4V8m-s-T3fpMT2ilNT2CLT7F69tbje0mf-viRTX_-JcFxbMfh0TL4zpTGEpbVFyZ-bDT2CCU8SP8B_J_TZ3iK_n07HIUF5fCA7AAzlnqc4N5MXwgvpSThl4qBW25pFBID59DugUTc,
Title: Steps in setting up your NCID with the Office of State Human ...

Search URL Search Domain Scan URL

URL: https://per.nctracks.com/ncmmisPortal/loginAction
Title: Login - NCTracks

Search URL Search Domain Scan URL

URL: http://www.findarticles.com/fwd?ux=KPc4QgzDoA-SqwATx2NOX5taTdNAuKjYPHIJEe4wReS-1YkcYd9GL3207UtOdcu0O4FhZHc8kFZ006JQ-Qo8wA,,&p=6nOh_DH0D3_im8Nnx_ISxhqUK2d7Ns4qgtfKCUXQQ-1nrAgh2MQBMb1H6hA0uK7Wc8-2Mf0ttLssy9D2TnKsEOm_w6O9s3sr2_-axspZY5L1vPcTYNGyeCFoioOI7GtKRyUEYcxi3RVUlXVeAxMm7EZsQTtE-QOxsie73Gv9Smg,
Title: NCDA&CS Portal

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=#LE&text=TEXT
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=#url&t=TITLE
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request beacon-portal-ncid Show response
login4all.com/ 70 KB
14 KB 669ms
260ms Document
text/html 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 898d49ec2f799c30e2b08bbcd3c3660d4a30ab50471e42642c5e5902dc7c082f

Request headers

Host: login4all.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:12 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14522
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en

GET
H/1.1 200
OK ntfc.php Show response
shaidolt.com/ 14 KB
6 KB 59ms
16ms Script
application/javascript 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaidolt.com/ntfc.php?p=3799224
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.195 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d6288ae95bae940aa16ee045e4fdaae0a5f074914ac9cac19148bf051fea4613

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-373e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 61ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93296decbabed1b4b51243cc43cc4d527376bef697589726012c385ee6a01806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47966
x-xss-protection: 0
server: cafe
etag: 4440289771867555157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Feb 2021 17:47:12 GMT

GET
H/1.1 200
OK login-4-all.png
login4all.com/img/ 35 KB
35 KB 633ms
281ms Image
image/png 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login4all.com/img/login-4-all.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f09a65a7ddc4997c0683661300d7b424a117d2cc634bcab750926325d40bf1d5

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Last-Modified: Fri, 27 Mar 2020 06:30:22 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "8a36-5a1d03c711e5c"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 35382

GET
H2 200 4beigk1j8d Show response
www.clarity.ms/tag/ 843 B
1 KB 184ms
164ms Script
application/x-javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4beigk1j8d
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2dbcc0aefb3b602f6af08e07a06a4614392aa91ccd7a9dadc377e55298f82247

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0oMoiYAAAAADopGQTXzBnQJ5NEB0oWd3xRlJBRURHRTEwMTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:4c1fad9b-089c-49c9-a9a1-8da0dff92cf3
expires: -1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/login4all/ 73 KB
19 KB 74ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/login4all/loader.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 396d529ff8ba0fd057828254b4bd973385114ce1049c4517b5210c03c52ba278

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: GqM7klIasBfuymuRmA4d2GQuYjTKRUT1
content-encoding: gzip
etag: "5037f11509838c62a1d9a0a73b51e812"
age: 872
x-cache: HIT
content-length: 19039
x-amz-id-2: NEBho5NoYZPqZveXOu5BoizNCchRCkiWUsxeJWw8jy824rbsRHcTIsQO2PjeeshbMpFrgjQM0eo=
x-served-by: cache-fra19181-FRA
last-modified: Tue, 09 Feb 2021 17:21:08 GMT
server: AmazonS3
x-timer: S1612892833.021008,VS0,VE1
date: Tue, 09 Feb 2021 17:47:13 GMT
vary: Accept-Encoding
x-amz-request-id: 4DCE9E22F35504A4
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 52
x-cache-hits: 1

GET
H/1.1 200
OK fontawesome-webfont.woff2
login4all.com/fonts/ 75 KB
76 KB 247ms
221ms Font
application/octet-stream 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://login4all.com
Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Last-Modified: Fri, 27 Mar 2020 06:29:54 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "12d68-5a1d03abb4ff4"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 77160

GET 31e31150096ed67c06c495ac1f2975b9d80d4bcd4205b521cd44c33bd882ad59
/ 0
0

GET
H2 200 stateemploygraphic.jpg
files.nc.gov/ncgov/styles/resp_hero-breakpoints_theme_nc_base_theme_phone_1x/public/ 10 KB
11 KB 482ms
438ms Image
image/jpeg 2600:9000:206f:4600:1c:d1ac:7800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nc.gov/ncgov/styles/resp_hero-breakpoints_theme_nc_base_theme_phone_1x/public/stateemploygraphic.jpg?itok=GAZltLrZ&timestamp=1543516794

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:4600:1c:d1ac:7800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8af923aa41c38ef87f16e695f170b6419e3ef09fd8b5dfcc4a84c006352a294f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:14 GMT
via: 1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified: Fri, 07 Dec 2018 15:14:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "2b6fb2304d1f35214e1c58239c6a06cb"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Miss from cloudfront
x-amz-version-id: M1UKI6u0wopSetRF6BH32m0kNjq_r_7K
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/jpeg
content-length: 10407
x-amz-cf-id: MFA6fmWNVa9-RzdGIW-BHOu9-SORv_9D88wX-XyQmhl4YqRgx4vTaA==

GET
H/1.1 200
OK ncidLogin1.png
idpprod.nc.gov/nidp/img/ 17 KB
17 KB 576ms
112ms Image
image/png 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpprod.nc.gov:8443/nidp/img/ncidLogin1.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Raleigh, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: c4ef15f628aa5e9329f1acbd0eb8038c18dbf0d16ce89f63cfc97d55f2229c2f

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:12 GMT
Last-Modified: Fri, 11 Aug 2017 19:00:25 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"16940-1502478025000"
Content-Length: 16940
Content-Type: image/png

GET 7da9eb0108a824a5a686733cc191bbfd7405d2c47499cb504f396997f4a45280
/ 0
0

GET
H/1.1 200
OK nctracksLogo_web.png
www.nctracks.nc.gov/ncmmisPortal/res/images/logos/ 17 KB
17 KB 775ms
113ms Image
image/png 12.204.168.100
CSC-EMEDNY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nctracks.nc.gov/ncmmisPortal/res/images/logos/nctracksLogo_web.png

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

12.204.168.100 Durham, United States, ASN27529 (CSC-EMEDNY, US),

Reverse DNS

nctracks.com

Software

JBoss-EAP/7 / Undertow/1

Resource Hash

6923b60e69fbd082a4ea78948ecba94823762e4796ff295d64e207715417f6e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Last-Modified: Thu, 26 Dec 2019 21:26:12 GMT
Server: JBoss-EAP/7
Age: 1438
X-Powered-By: Undertow/1
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 17286

GET
H/1.1 200
OK tw.png
login4all.com/img/icons/ 23 KB
23 KB 597ms
271ms Image
image/png 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login4all.com/img/icons/tw.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4419ab44acdf61215cd71b9b2cdc4be0f45237d83ab0ab922b50353576194b1c

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Last-Modified: Fri, 27 Mar 2020 06:30:46 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5c55-5a1d03ddbd9f8"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 23637

GET
H/1.1 200
OK facebook.png
login4all.com/img/icons/ 15 KB
15 KB 593ms
267ms Image
image/png 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login4all.com/img/icons/facebook.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e34518c22dce09ee976d9ed7bb65169dc627d7109ee33453a119ea26f53d201f

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Last-Modified: Fri, 27 Mar 2020 06:30:45 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3c28-5a1d03dc92cb5"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 15400

GET
H/1.1 200
OK font-awesome.min.css
login4all.com/css/ 30 KB
7 KB 553ms
273ms Stylesheet
text/css 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/css/font-awesome.min.css
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:29:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7918-5a1d03a0ffc78-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 7053

GET
H/1.1 200
OK bootstrap.min.css
login4all.com/css/ 118 KB
20 KB 531ms
268ms Stylesheet
text/css 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/css/bootstrap.min.css
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:29:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1d970-5a1d03a0211f5-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 19744

GET
H/1.1 200
OK style.css
login4all.com/css/ 24 KB
5 KB 235ms
234ms Stylesheet
text/css 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/css/style.css
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8b402c7f90210866179ed25598201dd5f1f20258f9a3c01fcdcf06117c686ad1

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 10:37:46 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5e33-5b9b720f35357-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=98
Content-Length: 5115

GET
H/1.1 200
OK jquery.min.js Show response
login4all.com/js/ 95 KB
33 KB 189ms
189ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/jquery.min.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:30:35 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "17b8b-5a1d03d373d3c-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 33760

GET
H/1.1 200
OK bootstrap.min.js Show response
login4all.com/js/ 36 KB
10 KB 206ms
206ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/bootstrap.min.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:30:34 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "90b5-5a1d03d1dc998-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=97
Content-Length: 9833

GET
H/1.1 200
OK wow.js Show response
login4all.com/js/ 12 KB
3 KB 200ms
199ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/wow.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4d4216264e02c2b23e7ed82b52d672603092927d4e7dc099a1688f3682ce8637

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:30:35 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2eb1-5a1d03d36a0fc-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 2834

GET
H/1.1 200
OK custom.js Show response
login4all.com/js/ 3 KB
1 KB 195ms
195ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/custom.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 42a94b1d0fe6bc15a41d2ec6146d9f7b4f0bb7a347435cc4b161a6a5c99f59a4

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 16:17:38 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "d8c-5a3a71f028522-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 943

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4XL6PD30ML

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfdde5e505d82e95945a271c0f704404fe4f9aef0bd82bd448a77a6fa968265c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52683
x-xss-protection: 0
expires: Tue, 09 Feb 2021 17:47:13 GMT

GET
H/1.1 403
Forbidden 51f05d69f8d2fa082e93c80273ec8a1e.js
somehowluxuriousreader.com/51/f0/5d/ 0
0 1177ms
120ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://somehowluxuriousreader.com/51/f0/5d/51f05d69f8d2fa082e93c80273ec8a1e.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Feb 2021 17:47:14 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 78287d069c.svg
png.pngtree.com/svg/20160818/ 350 B
596 B 97ms
43ms Image
image/svg+xml 184.86.251.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://png.pngtree.com/svg/20160818/78287d069c.svg
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.15 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-15.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3437dc097c45b6a3680972052183ca0633ea5ea93fa2b1f3d2d2e2b014df8f87

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
last-modified: Fri, 18 May 2018 11:06:32 GMT
server: AmazonS3
x-amz-request-id: 49112B1AF5C5C526
etag: "94a0496fab9ff96ae8929e7fa5448587"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 350
x-amz-id-2: 27+KdLyXlT359PbNlEtfhkSGvaTSfSlp7Taw41EEVCn7akXPgLL10kWw7GXluNjqclPhH7/KT8I=

GET
H/1.1 200
OK zone Show response
shaidolt.com/ 717 B
1 KB 20ms
19ms Fetch
application/json 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaidolt.com/zone?pub=0&zone_id=3799224&is_mobile=false&domain=login4all.com&var=&ymid=&var_3=

Requested by

Host: shaidolt.com
URL: https://shaidolt.com/ntfc.php?p=3799224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.195 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

543252d5482748bb5bf9036023f717d65d8349ce0e3571ab3251bb74ca6fbb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 5d6a276e8e6f5a871e3bfae4b4a1144c
Date: Tue, 09 Feb 2021 17:47:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://login4all.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 717

GET
H/1.1 200
OK universal.min.js Show response
shaidolt.com/pfe/current/ 106 KB
38 KB 69ms
35ms Fetch
application/javascript 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaidolt.com/pfe/current/universal.min.js?v=3.1.282
Requested by: Host: shaidolt.com
URL: https://shaidolt.com/ntfc.php?p=3799224
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.195 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Feb 2021 17:47:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-1a972"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://login4all.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 impl.20210209-17-RELEASE.js Show response
cdn.taboola.com/libtrc/ 462 KB
107 KB 23ms
23ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/login4all/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5d737a8fc3914f8c23b0da9aeffc1b3f0f8dedbe0257e4cdca65c7e35cce5a3e

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6FOQd0mgulvzblM_A8sOjVdapyPK_y0A
content-encoding: br
etag: "1d967c4353b23af2995ff6a8c1cb3da4"
age: 10201
x-cache: HIT
content-length: 108734
x-amz-id-2: 95gL8+R27kAf1Jc3eB22lhcmKMhPIDL+rjGxU2whxNwT3NisJOvGFix8tB5GwZzum/SIMA98QpU=
x-served-by: cache-fra19181-FRA
last-modified: Tue, 09 Feb 2021 14:56:55 GMT
server: AmazonS3-br
x-timer: S1612892833.079702,VS0,VE0
date: Tue, 09 Feb 2021 17:47:13 GMT
vary: Accept-Encoding
x-amz-request-id: 85F064B077BDDD5D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 97
x-cache-hits: 32705

GET
H3-Q050 200 show_ads_impl_exp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/ 225 KB
85 KB 68ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

478c1e9cba88465f219883ea17a2a01cd9831a06ab0728c0fdef80da0d2da445

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86475
x-xss-protection: 0
server: cafe
etag: 14180411630545662973
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Feb 2021 17:47:13 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210203/r20190131/ Frame F8BF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Feb 2021 21:11:28 GMT
expires: Mon, 22 Feb 2021 21:11:28 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 74145
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clarity.js Show response
www.clarity.ms/wus2/s/0.6.4/ 44 KB
19 KB 164ms
163ms Script
application/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/wus2/s/0.6.4/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4beigk1j8d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: br
etag: "1d6fd4f2b05ae02"
last-modified: Sun, 07 Feb 2021 12:45:52 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0ocoiYAAAAABI5U8oB3EcRre8KmgSIcjKRlJBRURHRTEwMTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:4c1fad9b-089c-49c9-a9a1-8da0dff92cf3

POST
H/1.1 200
OK event Show response
ugyplysh.com/ 94 B
543 B 51ms
17ms Fetch
application/json 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugyplysh.com/event

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.254 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

76b65c955f79b3f12c5aaf4230e09907fe95d6d93bbefdf04924b35d442a3cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 56e231656e56cb83321cad5b8e9c2b02
Date: Tue, 09 Feb 2021 17:47:12 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://login4all.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

OPTIONS
H/1.1 200
OK event
ugyplysh.com/ Frame 0
0 75ms
16ms Other
text/plain 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ugyplysh.com/event
Protocol: HTTP/1.1
Server: 139.45.197.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://login4all.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 09 Feb 2021 17:47:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://login4all.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
642 B 111ms
56ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=login4all.com&callback=_gfp_s_&client=ca-pub-7790726024372832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

54146b738a6297b9fd1a4bf839efcc53a59243cbd1cc5d9915cdef14b4065874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 50ms
27ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=login4all.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 53ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=login4all.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 38ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top%20navbar-bg&ign=false

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3D09 0
0 204ms
203ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7790726024372832&output=html&adk=1812271804&adf=3025194257&lmt=1612892833&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&ea=0&flash=0&pra=5&wgl=1&dt=1612892833084&bpp=13&bdt=132&idt=122&shv=r20210203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3029656599197&frm=20&pv=2&ga_vid=1606127201.1612892833&ga_sid=1612892833&ga_hid=1172948412&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C21068769%2C21068893&oid=3&pvsid=3542749357350346&pem=395&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7790726024372832&output=html&adk=1812271804&adf=3025194257&lmt=1612892833&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&ea=0&flash=0&pra=5&wgl=1&dt=1612892833084&bpp=13&bdt=132&idt=122&shv=r20210203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3029656599197&frm=20&pv=2&ga_vid=1606127201.1612892833&ga_sid=1612892833&ga_hid=1172948412&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C21068769%2C21068893&oid=3&pvsid=3542749357350346&pem=395&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=161
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 09 Feb 2021 17:47:13 GMT
server: cafe
content-length: 5369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 09-Feb-2021 18:02:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Feb 2021 17:47:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd608155922175cc9147ed52bd13d808f178dfcf3d0b3cf0a221249131db8013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612787707285629"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Tue, 09 Feb 2021 17:47:13 GMT

GET
H2 200 ca-pub-7790726024372832 Show response
fundingchoicesmessages.google.com/i/ 79 KB
30 KB 71ms
51ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7790726024372832?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6756f2a2636016db1deb8aaab19d47311ed3855e79f2aba6f56e969382a879e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TrR5ryQV7OlYpy4CNq4Kcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-TrR5ryQV7OlYpy4CNq4Kcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-TrR5ryQV7OlYpy4CNq4Kcg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-TrR5ryQV7OlYpy4CNq4Kcg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxX5B4w5mzvmy0Onqpc_egFttlgRP54I5AiJ_D0fncIX-kxmez116ldFcOSjsS5dHe9njLJq7PVBjdWu68ux8Q== Show response
fundingchoicesmessages.google.com/l/ 0
803 B 45ms
19ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxX5B4w5mzvmy0Onqpc_egFttlgRP54I5AiJ_D0fncIX-kxmez116ldFcOSjsS5dHe9njLJq7PVBjdWu68ux8Q==?pvid=6DEBB9B2-69AF-420B-B043-522C6348F9C7&anonid=4C076AD7-CE80-4B95-8E15-DB53D3C5A95A

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.LfZqZO4Jek0.es5.O/d=1/ct=zgms/rs=AJlcJMzQiVr584sDHrpMDG04wWvhHbOaBw/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NOwOS9ulsNgX7TBkmlUeeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NOwOS9ulsNgX7TBkmlUeeg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-NOwOS9ulsNgX7TBkmlUeeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NOwOS9ulsNgX7TBkmlUeeg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxVNkYDHOuP0VrrQrv9-vKlZNmJqg6mCBlwCYML6Ph2kuKaddLz9ar_78Te0s82IS4EeAyamHAGHFI6nM1Zksw== Show response
fundingchoicesmessages.google.com/f/ 57 KB
23 KB 72ms
58ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVNkYDHOuP0VrrQrv9-vKlZNmJqg6mCBlwCYML6Ph2kuKaddLz9ar_78Te0s82IS4EeAyamHAGHFI6nM1Zksw==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEyODkyODMzLDYxMzAwMDAwMF0sIjZERUJCOUIyLTY5QUYtNDIwQi1CMDQzLTUyMkM2MzQ4RjlDNyIsIjRDMDc2QUQ3LUNFODAtNEI5NS04RTE1LURCNTNEM0M1QTk1QSIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

498b8ebca31222531b668107f30fd895741dd9c31e4b2c058f94ef4cd4f94060

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i3rhBlQuHjTV9TNpwUCuQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-i3rhBlQuHjTV9TNpwUCuQA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-i3rhBlQuHjTV9TNpwUCuQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-i3rhBlQuHjTV9TNpwUCuQA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6CD6 0
0 225ms
224ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.1.0.4.2.2.0.0&us_privacy=1---&client=ca-pub-7790726024372832&output=html&h=280&adk=432735925&adf=155783186&pi=t.aa~a.801403108~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1612892833&rafmt=1&to=qs&pwprc=7152277728&psa=0&format=360x280&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612892833489&bpp=5&bdt=536&idt=5&shv=r20210203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db1f7ff877690694a-22139bc75eba00f0%3AT%3D1612892833%3ART%3D1612892833%3AS%3DALNI_MbX91x-7xrgvlH10FYb-masBC3DLQ&prev_fmts=0x0&nras=1&correlator=3029656599197&frm=20&pv=1&ga_vid=1606127201.1612892833&ga_sid=1612892833&ga_hid=1172948412&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C21068769%2C21068893&oid=3&pvsid=3542749357350346&pem=395&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6Pmn9v4Ern&p=https%3A//login4all.com&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.1.0.4.2.2.0.0&us_privacy=1---&client=ca-pub-7790726024372832&output=html&h=280&adk=432735925&adf=155783186&pi=t.aa~a.801403108~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1612892833&rafmt=1&to=qs&pwprc=7152277728&psa=0&format=360x280&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612892833489&bpp=5&bdt=536&idt=5&shv=r20210203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db1f7ff877690694a-22139bc75eba00f0%3AT%3D1612892833%3ART%3D1612892833%3AS%3DALNI_MbX91x-7xrgvlH10FYb-masBC3DLQ&prev_fmts=0x0&nras=1&correlator=3029656599197&frm=20&pv=1&ga_vid=1606127201.1612892833&ga_sid=1612892833&ga_hid=1172948412&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066653%2C21068769%2C21068893&oid=3&pvsid=3542749357350346&pem=395&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=6Pmn9v4Ern&p=https%3A//login4all.com&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 09 Feb 2021 17:47:13 GMT
server: cafe
content-length: 6263
x-xss-protection: 0
set-cookie: IDE=AHWqTUn9-duSa47tpvlcUV3Cb5T-oR1xgtctm-6cRyEr6O5FtbHzsxZfr5uD5umvgsk; expires=Sun, 06-Mar-2022 17:47:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Feb 2021 17:47:13 GMT
cache-control: private

GET
H2 204 debug
trc-events.taboola.com/login4all/log/2/ 0
277 B 62ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/login4all/log/2/debug?tim=18%3A47%3A13.651&type=error&msg=Error%20in%20loadRBox()%3A%20Placement%20%27Mid%20article%20Thumbnails%27%20is%20not%20unique%20in%20loadRBox()!&id=8682&cv=20210209-17-RELEASE&lt=deflated&pct=1
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 1996
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.14.127:10213

POST
H3-Q050 204 AGSKWxUpar-8iL2q1kAKpqotkrpGpWPAq7mmjumtjrcisOk1JRv_OjCOXHEJxSAoNCZrEG-gtXuqDmcDLRZyNX4lBA1AxxIbKxtW_4v4re9V-6WxCeElWwyN7_Sr_gH9WRR8NPQwXvHY5D4Ejh0-iRiFi_oHLXrOI7iGnpH9tmnTEOXeFbAjXCigalU7VCE= Show response
fundingchoicesmessages.google.com/l/ 0
336 B 18ms
18ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUpar-8iL2q1kAKpqotkrpGpWPAq7mmjumtjrcisOk1JRv_OjCOXHEJxSAoNCZrEG-gtXuqDmcDLRZyNX4lBA1AxxIbKxtW_4v4re9V-6WxCeElWwyN7_Sr_gH9WRR8NPQwXvHY5D4Ejh0-iRiFi_oHLXrOI7iGnpH9tmnTEOXeFbAjXCigalU7VCE=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US._Ov_ZToqkv0.es5.O/d=1/ct=zgms/rs=AJlcJMwyQJGJzcVL_ZM5T1Q2x-WsKT4yDw/m=iabccpawebsignalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1daRUSk6CFIML5IVIxdZ1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1daRUSk6CFIML5IVIxdZ1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-1daRUSk6CFIML5IVIxdZ1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1daRUSk6CFIML5IVIxdZ1g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUpar-8iL2q1kAKpqotkrpGpWPAq7mmjumtjrcisOk1JRv_OjCOXHEJxSAoNCZrEG-gtXuqDmcDLRZyNX4lBA1AxxIbKxtW_4v4re9V-6WxCeElWwyN7_Sr_gH9WRR8NPQwXvHY5D4Ejh0-iRiFi_oHLXrOI7iGnpH9tmnTEOXeFbAjXCigalU7VCE= Show response
fundingchoicesmessages.google.com/l/ 0
337 B 19ms
18ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IfZjz6OPBVFpLfQLy6xxDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IfZjz6OPBVFpLfQLy6xxDQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Feb 2021 17:47:13 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-IfZjz6OPBVFpLfQLy6xxDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IfZjz6OPBVFpLfQLy6xxDQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxWOgL8DaDQ7PGuf5l-NpoAmoUS1FYeJKgudMsJBsMVD4owQYPGwT9ldU1etIAxR7oVv1V5eekysrSStxaBXC7SRGDPU6-krCXvlFLWZifDQ8kThObRAI724MZZhOguQ4L2eMjDb7BYvCYW0DwktEO0riQmeaD-AdMfPO-uUVHEL3MuxlNcEnR2iCqA= Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWOgL8DaDQ7PGuf5l-NpoAmoUS1FYeJKgudMsJBsMVD4owQYPGwT9ldU1etIAxR7oVv1V5eekysrSStxaBXC7SRGDPU6-krCXvlFLWZifDQ8kThObRAI724MZZhOguQ4L2eMjDb7BYvCYW0DwktEO0riQmeaD-AdMfPO-uUVHEL3MuxlNcEnR2iCqA=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEyODkyODMzLDcyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXV0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55bfa676c35812f5e9c509a680d472156e7277032b803dace53a46f4e37df692

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-I0IhN1JqHARflZr+CaxeDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-I0IhN1JqHARflZr+CaxeDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-I0IhN1JqHARflZr+CaxeDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-I0IhN1JqHARflZr+CaxeDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
trc-events.taboola.com/login4all/log/2/ 0
276 B 18ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/login4all/log/2/debug?tim=18%3A47%3A13.927&type=error&msg=Error%20in%20loadRBox()%3A%20Placement%20%27Mid%20article%20Thumbnails%27%20is%20not%20unique%20in%20loadRBox()!&id=301&cv=20210209-17-RELEASE&lt=deflated&pct=1
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 1997
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.34.201:10213

GET
H2 204 debug
trc-events.taboola.com/login4all/log/2/ 0
275 B 18ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/login4all/log/2/debug?tim=18%3A47%3A13.927&type=error&msg=Error%20in%20libtrc%20initialization%3A%20Placement%20%27Mid%20article%20Thumbnails%27%20is%20not%20unique%20in%20loadRBox()!&id=2167&cv=20210209-17-RELEASE&lt=deflated&pct=1
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:13 GMT
server: nginx
x-fastly-to-nlb-rtt: 1997
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.199:10213

POST
H2 204 collect
www.google-analytics.com/g/ 0
61 B 16ms
15ms Other
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4XL6PD30ML&gtm=2oe1r0&_p=1172948412&sr=1600x1200&ul=en-us&cid=1606127201.1612892833&_s=1&dl=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&dr=&dt=beacon%20portal%20ncid%20-%20Official%20Login%20Page%20%5B100%25%20Verified%5D&sid=1612892834&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4XL6PD30ML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 53ms
40ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

177e48ce866a4e867b76732dc6963a225768f9e23a44d828736843bf4b2ad02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Feb 2021 17:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6790
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210203/r20190131/show_ads_impl_exp_fy2019.js?bust=login4all.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 17:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 09 Feb 2021 17:47:14 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A55D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 09 Feb 2021 14:47:34 GMT
expires: Wed, 09 Feb 2022 14:47:34 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10780
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
183 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210203&jk=3542749357350346&bg=!GhmlGVrNAAWP4B5EjzsAKQB2-DxaVzSmTu22JEpPyIFK-HkjaBM5BAXX5FPaycKPbWRARPY3aMz0AgAAAJlSAAAAEmgBBwoBh_62TD53mT2YB_q7yQC0lyZqx-SAOscvW97zfRWFfyhwOMLZ42vjXMl9jpSqFI3JFpDyu47KrsWgzpMRCanq3YIcMaDuzXHhTso86YuQnf4ZOvztcLDjrwndPk_mOXeru5UDO-PUalXHvoGddIkRFftx5oo6JSiDe0f25yVTmlHtjS89fuWh764dSVG3wthNCDKk1z7mzLw9zLtXpLHXmU6fJrAwoELQAr1vJjV0M-LDaSLJefSc-ZOvAU-cyXMA7Do9ur1ZlxzcReWLQGauAtbvM6Cuuq67gwpzGJtS9CN6BfL4E0nXb2rpEM0YHZowi1SBXQMFxnzlLZmcoB0ahorhVQfiMJ_KVd5cCpR5OKXwUNa9aHYxRFXhScXii8nXd87lMOf9qWGr6jDTgnCzfXkdG3f2VOZc0y60EcFLvH580pGP379EihhMuFUPWpSTSbJHgyOrgR6a-kUzBfkHPyxr4dv2l0RaZY0By3ixPQvY1RDTyVA4hwkDz7kQZcLihHLgdgpk4VuZAeTWXyS6Ui18XIJxnID8actwQdr1utef3Fc27LG-tUrwVA1vMCdeZTolUiUDvQfUZFS3afRG2ceevfIBtIQad0RLurQzjdBNxW-USB3ljIUhPfwDSIrR1sd393-9nCW0mdPSQsyhCWU8jj9ofM8O9EnmhLJx2PoTCQ3ubSwb4tR8lq0XOybKLzqmbHrYvYutcupdKYk9x_Rn1qua43TKpLvPXgRQ2ddjLFBFU3XQOwlJuRaIE_Jtg947GddvD12MmG5wvcPwfKGLSheBBjwicYpgtB_5m0iJRFaAXUiJoH2MV8-2-QNrxvGukjzU7P7B6n5QRdw-idojenDoKzqmYubI082XUv9BeKbKTeWpRFCxsScj7mgWJzy_aeB0_6LpUXL6668PZs6qEf_XJkUKiYLvf5iwc_Fgr2M48gZ6zbjYpnIiwXqDZZ1CmALfePnta3jzdCkWytRDE7NV5EsjLwrz3MWcrUW47wdNA11ZNhadiNUe0qvGMkSK30L_Ra1GiYyvQKI99DcVSPtpnFw3VK6NMTOq6kfM2fMUg98HUiTzf0klSee1l1u12MEiFZDa3mggGj0wfNZtTcnQGAfPRzKpbHN17g3fqdB2exUQE3YU9vOZsZbhHKWs2M6l21Ptqb3DGCAP

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-7790726024372832&su=login4all.com&doc=complete&pg_h=5317&pg_w=1600&pg_hs=5317&c=0&aa_c=1&av_h=280&av_w=360&av_a=100800&all_b=3552&d=0&all_d=0.053&ard=0&all_ard=0.012&dt=d

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Feb 2021 17:47:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.clarity.ms/wus2/ 7 B
257 B 182ms
166ms XHR
text/plain 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/wus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/wus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Feb 2021 17:47:16 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0pMoiYAAAAAC608QzqQCeRovOj9/KPUo/RlJBRURHRTEwMTIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length: 11
request-context: appId=cid-v1:4c1fad9b-089c-49c9-a9a1-8da0dff92cf3

POST
H2 200 collect Show response
www.clarity.ms/wus2/ 7 B
153 B 181ms
170ms XHR
text/plain 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/wus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/wus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Feb 2021 17:47:19 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0p8oiYAAAAADLMbdLjrjzSbQF+OjF7655RlJBRURHRTEwMTIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length: 11
request-context: appId=cid-v1:4c1fad9b-089c-49c9-a9a1-8da0dff92cf3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: x-raw-image:///31e31150096ed67c06c495ac1f2975b9d80d4bcd4205b521cd44c33bd882ad59

Domain
URL: x-raw-image:///7da9eb0108a824a5a686733cc191bbfd7405d2c47499cb504f396997f4a45280

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 18:11:08	Name: 8lcfmzhxc8d6_uid Value: fb89374afe876fad
.login4all.com/	1970-01-20 09:32:44	Name: _ga Value: GA1.1.1606127201.1612892833
.login4all.com/	1970-01-20 09:32:44	Name: _ga_4XL6PD30ML Value: GS1.1.1612892834.1.0.1612892834.0
.login4all.com/	1970-01-20 01:23:08	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1612892833590],null,null]
.doubleclick.net/	1970-01-20 01:23:08	Name: IDE Value: AHWqTUn9-duSa47tpvlcUV3Cb5T-oR1xgtctm-6cRyEr6O5FtbHzsxZfr5uD5umvgsk
.login4all.com/	1970-01-20 01:23:08	Name: __gads Value: ID=b1f7ff877690694a-22139bc75eba00f0:T=1612892833:RT=1612892833:S=ALNI_MbX91x-7xrgvlH10FYb-masBC3DLQ

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js(Line 3) Message: Error in loadRBox(): Placement 'Mid article Thumbnails' is not unique in loadRBox()!
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js(Line 3) Message: console.trace
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js(Line 3) Message: Error in loadRBox(): Placement 'Mid article Thumbnails' is not unique in loadRBox()!
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js(Line 3) Message: console.trace
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js(Line 3) Message: Error in libtrc initialization: Placement 'Mid article Thumbnails' is not unique in loadRBox()!
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210209-17-RELEASE.js(Line 3) Message: console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


adservice.google.com
adservice.google.de
cdn.taboola.com
files.nc.gov
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
idpprod.nc.gov
login4all.com
pagead2.googlesyndication.com
partner.googleadservices.com
png.pngtree.com
shaidolt.com
somehowluxuriousreader.com
tpc.googlesyndication.com
trc-events.taboola.com
ugyplysh.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.nctracks.nc.gov

12.204.168.100
139.45.196.195
139.45.197.254
141.226.228.48
142.250.185.194
151.101.13.44
167.99.98.35
184.86.251.15
192.243.59.12
204.211.136.231
2600:9000:206f:4600:1c:d1ac:7800:93a1
2620:1ec:bdf::13
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
177e48ce866a4e867b76732dc6963a225768f9e23a44d828736843bf4b2ad02a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb
2dbcc0aefb3b602f6af08e07a06a4614392aa91ccd7a9dadc377e55298f82247
3437dc097c45b6a3680972052183ca0633ea5ea93fa2b1f3d2d2e2b014df8f87
396d529ff8ba0fd057828254b4bd973385114ce1049c4517b5210c03c52ba278
42a94b1d0fe6bc15a41d2ec6146d9f7b4f0bb7a347435cc4b161a6a5c99f59a4
4419ab44acdf61215cd71b9b2cdc4be0f45237d83ab0ab922b50353576194b1c
478c1e9cba88465f219883ea17a2a01cd9831a06ab0728c0fdef80da0d2da445
498b8ebca31222531b668107f30fd895741dd9c31e4b2c058f94ef4cd4f94060
4d4216264e02c2b23e7ed82b52d672603092927d4e7dc099a1688f3682ce8637
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54146b738a6297b9fd1a4bf839efcc53a59243cbd1cc5d9915cdef14b4065874
543252d5482748bb5bf9036023f717d65d8349ce0e3571ab3251bb74ca6fbb9b
55bfa676c35812f5e9c509a680d472156e7277032b803dace53a46f4e37df692
5d737a8fc3914f8c23b0da9aeffc1b3f0f8dedbe0257e4cdca65c7e35cce5a3e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6923b60e69fbd082a4ea78948ecba94823762e4796ff295d64e207715417f6e1
76b65c955f79b3f12c5aaf4230e09907fe95d6d93bbefdf04924b35d442a3cf2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
898d49ec2f799c30e2b08bbcd3c3660d4a30ab50471e42642c5e5902dc7c082f
8af923aa41c38ef87f16e695f170b6419e3ef09fd8b5dfcc4a84c006352a294f
8b402c7f90210866179ed25598201dd5f1f20258f9a3c01fcdcf06117c686ad1
93296decbabed1b4b51243cc43cc4d527376bef697589726012c385ee6a01806
976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d
a6756f2a2636016db1deb8aaab19d47311ed3855e79f2aba6f56e969382a879e
bd608155922175cc9147ed52bd13d808f178dfcf3d0b3cf0a221249131db8013
c4ef15f628aa5e9329f1acbd0eb8038c18dbf0d16ce89f63cfc97d55f2229c2f
cfdde5e505d82e95945a271c0f704404fe4f9aef0bd82bd448a77a6fa968265c
d6288ae95bae940aa16ee045e4fdaae0a5f074914ac9cac19148bf051fea4613
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e34518c22dce09ee976d9ed7bb65169dc627d7109ee33453a119ea26f53d201f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f09a65a7ddc4997c0683661300d7b424a117d2cc634bcab750926325d40bf1d5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

login4all.com Open in urlscan Pro 167.99.98.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

44 %IPv6

17 Domains

22 Subdomains

19 IPs

4 Countries

787 kBTransfer

2071 kBSize

6 Cookies

10 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login4all.com Open in urlscan Pro
167.99.98.35 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

44 %
IPv6

17
Domains

22
Subdomains

19
IPs

4
Countries

787 kB
Transfer

2071 kB
Size

6
Cookies

56 HTTP transactions
0 data transactions