login4all.com Open in urlscan Pro
167.99.98.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login4all.com/beacon-portal-ncid
Submission: On February 05 via manual (February 5th 2021, 10:39:48 pm UTC) from US

Summary HTTP 56 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 17 domains to perform 56 HTTP transactions. The main IP is 167.99.98.35, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is login4all.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 30th 2020. Valid for: a year.

This is the only time login4all.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	167.99.98.35 167.99.98.35	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	139.45.196.142 139.45.196.142	9002 (RETN-AS) (RETN-AS)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:bdf::13 2620:1ec:bdf::13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
1	2600:9000:219... 2600:9000:2190:a200:1c:d1ac:7800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	204.211.136.231 204.211.136.231	6559 (NCIH) (NCIH)
1	12.204.168.100 12.204.168.100	27529 (CSC-EMEDNY) (CSC-EMEDNY)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	104.126.37.25 104.126.37.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	139.45.197.254 139.45.197.254	9002 (RETN-AS) (RETN-AS)
6	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
56	19

12 167.99.98.35 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

login4all.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.142 (Ascension Island)

ASN9002 (RETN-AS, GB)

shaidolt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:a200:1c:d1ac:7800:93a1 (United States)

ASN16509 (AMAZON-02, US)

files.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.211.136.231 (Raleigh, United States)

ASN6559 (NCIH, US)
PTR: idpprod.nc.gov

idpprod.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 12.204.168.100 (Durham, United States)

ASN27529 (CSC-EMEDNY, US)
PTR: nctracks.com

www.nctracks.nc.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

somehowluxuriousreader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.37.25 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-25.deploy.static.akamaitechnologies.com

png.pngtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

ugyplysh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	login4all.com login4all.com	244 KB
7	google.com adservice.google.com fundingchoicesmessages.google.com	78 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	147 KB
5	taboola.com cdn.taboola.com trc-events.taboola.com	126 KB
4	clarity.ms www.clarity.ms	20 KB
3	doubleclick.net googleads.g.doubleclick.net
3	nc.gov files.nc.gov idpprod.nc.gov www.nctracks.nc.gov	45 KB
3	shaidolt.com shaidolt.com	45 KB
2	ugyplysh.com ugyplysh.com	543 B
2	somehowluxuriousreader.com somehowluxuriousreader.com
1	google-analytics.com www.google-analytics.com	169 B
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	644 B
1	pngtree.com png.pngtree.com	597 B
1	googletagmanager.com www.googletagmanager.com	52 KB
0	Failed function sub() { [native code] }. Failed
56	17

	Domain	Requested by
12	login4all.com	login4all.com
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	login4all.com pagead2.googlesyndication.com
4	www.clarity.ms	login4all.com www.clarity.ms
3	trc-events.taboola.com	login4all.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	shaidolt.com	login4all.com shaidolt.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ugyplysh.com	login4all.com
2	somehowluxuriousreader.com	login4all.com
2	cdn.taboola.com	login4all.com cdn.taboola.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	png.pngtree.com	login4all.com
1	www.googletagmanager.com	login4all.com
1	www.nctracks.nc.gov	login4all.com
1	idpprod.nc.gov	login4all.com
1	files.nc.gov	login4all.com
0	Failed	login4all.com
56	22

This site contains links to these domains. Also see Links.

Domain
feed.cf-se.com
pdf4pro.com
ncgov.procurement3.ariba.com
searchfeed.seccint.com
www.findarticles.com
per.nctracks.com
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
login4all.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2021-07-30`	a year	crt.sh
shaidolt.com R3	`2020-12-13` - `2021-03-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
files.nc.gov DigiCert Global CA G2	`2020-09-14` - `2021-06-18`	9 months	crt.sh
idpprod.nc.gov DigiCert Global CA G2	`2020-04-03` - `2021-04-15`	a year	crt.sh
www.nctracks.nc.gov DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2020-12-07` - `2022-01-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
somehowluxuriousreader.com R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
pikbest.com DigiCert Secure Site ECC CA-1	`2020-08-06` - `2021-08-07`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
ugyplysh.com R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://login4all.com/beacon-portal-ncid
Frame ID: F25474CDE6ABA305A3EA7D73FC3E1959
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Frame ID: A8CD7C274F895F2DC16D953DBAC55A69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7790726024372832&output=html&adk=1812271804&adf=3025194257&lmt=1612564768&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&ea=0&flash=0&pra=5&wgl=1&dt=1612564768854&bpp=10&bdt=85&idt=105&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1607386677948&frm=20&pv=2&ga_vid=628386056.1612564769&ga_sid=1612564769&ga_hid=773342563&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068769%2C21068893%2C21068946%2C21065725&oid=3&pvsid=994853048229809&pem=468&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=121
Frame ID: 67B5061D5BBAF7C22FA244D578BE6E51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.1.0.4.2.2.0.0&us_privacy=1---&client=ca-pub-7790726024372832&output=html&h=280&adk=432735925&adf=155783186&pi=t.aa~a.801403108~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1612564769&rafmt=1&to=qs&pwprc=7152277728&psa=0&format=360x280&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612564769118&bpp=3&bdt=349&idt=3&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1d0d988b6220d17-223a1c9b5fba00fb%3AT%3D1612564769%3ART%3D1612564769%3AS%3DALNI_MZQjqrYRQV6aMhgTldStzXDKeUhsw&prev_fmts=0x0&nras=1&correlator=1607386677948&frm=20&pv=1&ga_vid=628386056.1612564769&ga_sid=1612564769&ga_hid=773342563&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068769%2C21068893%2C21068946%2C21065725&oid=3&pvsid=994853048229809&pem=468&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5LcgrG5v9Y&p=https%3A//login4all.com&dtd=92
Frame ID: 524F27F0FBE15F56A2BF3B76BFB748E5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 00DDF56030A02E9B45E9CA73000BD7C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

56
Requests

96 %
HTTPS

44 %
IPv6

17
Domains

22
Subdomains

19
IPs

4
Countries

787 kB
Transfer

2069 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://feed.cf-se.com/v2/click/?gd=SY1001213&uid=&sid=&q=beacon%20nc%20employee%20portal&searchProvider=2&searchSource=80&searchTagId=ptvl!%3D!tracingTag%253DC0!%26!ptnvls!%3D!%257B%257D!%26!ptvls!%3D!%257B%2522C%2522%253A%25220%2522%257D&original=https%3A%2F%2Fmybeacon.its.state.nc.us%2Firj%2Fservlet%2Fprt%2Fportal%2Fprtroot%2Fcom.sap.portal.pagebuilder.IviewModeProxy%3Fiview_id%3Dpcd%253Aportal_content%252Fgov.nc.beacon.pct%252Froles%252Fess%252FmydataESS%252Femployee_self_service%252Farea_working_time%252Fquotaoverview%252Fquotaoverview%26iview_mode%3Ddefault&linktype=Organic&referrer=&agent=&page=0&mkt=&c=0&d=&td=&n=&af=1&at=search&AdUnitId=11706724&AdUnitName=Hiyo2&tid=cb9e0a31-1e95-4d5a-a4d7-88a76ffc0de0&adPosition=5&isid=&ab_isSticky=&ab_startDate=&ab_endDate=&ab_per=&nu=true&ptv=2&templateName=AdsTags_AdsBlock_algo_side_imagesTab_videoTab_shoppingTab_related_relatedSideBar_imgWidget_videoWidget_productAds_hamburger&templateCounts=0_3_10_6_1_1_0_8_8_1_1_0_1&geo=us&url=http%3A%2F%2Fwww.onlyonesearch.com%2FSearch%2F%3Fq%3Dbeacon%2520nc%2520employee%2520portal&displayUrl=https%3A%2F%2Fmybeacon.its.state.nc.us%2Firj%2Fservlet%2Fprt%2Fportal%2Fprtroot%2Fcom...&resultType=organic
Title: OSC - Login to BEACON

Search URL Search Domain Scan URL

URL: https://pdf4pro.com/cdn/changing-your-ncid-password-ncda-amp-cs-portal-3a7432.pdf
Title: Changing Your NCID Password

Search URL Search Domain Scan URL

URL: https://feed.cf-se.com/v2/click/?gd=SY1001213&uid=&sid=&q=doc%20intranet%20north%20carolina&searchProvider=2&searchSource=80&searchTagId=ptvl!%3D!tracingTag%253DC0!%26!ptnvls!%3D!%257B%257D!%26!ptvls!%3D!%257B%2522C%2522%253A%25220%2522%257D&original=https%3A%2F%2Fwww.nc.gov%2Fstate-employees&linktype=Organic&referrer=&agent=&page=0&mkt=&c=0&d=&td=&n=&af=1&at=search&AdUnitId=11706724&AdUnitName=Hiyo2&tid=d274478c-e6e2-454f-af1f-4a37c646f9a2&adPosition=10&isid=&ab_isSticky=&ab_startDate=&ab_endDate=&ab_per=&nu=true&ptv=2&templateName=AdsTags_AdsBlock_algo_side_imagesTab_videoTab_shoppingTab_related_relatedSideBar_imgWidget_videoWidget_productAds_hamburger&templateCounts=0_3_10_6_1_1_0_8_8_1_1_0_1&geo=us&url=http%3A%2F%2Fwww.onlyonesearch.com%2FSearch%2F%3Fq%3Ddoc%2520intranet%2520north%2520carolina&displayUrl=https%3A%2F%2Fwww.nc.gov%2Fstate-employees&resultType=organic
Title: State Employees - NC.gov

Search URL Search Domain Scan URL

URL: http://ncgov.procurement3.ariba.com/
Title: NCID

Search URL Search Domain Scan URL

URL: https://searchfeed.seccint.com/v2/click/?gd=SY1001284&uid=&sid=&q=parole%20leads%20log%20in&searchProvider=2&searchSource=80&searchTagId=ptvl!%3D!tracingTag%253DC0%2526tracingTag%253DM1%2526tracingTag%253DL1%2526tracingTag%253DN1!%26!ptnvls!%3D!%257B%257D!%26!ptvls!%3D!%257B%2522C%2522%253A%25220%2522%252C%2522M%2522%253A%25221%2522%252C%2522L%2522%253A%25221%2522%252C%2522N%2522%253A%25221%2522%257D&original=https%3A%2F%2Fit.nc.gov%2Fservice-desk&linktype=DeepLink&referrer=&agent=&page=0&mkt=&c=0&d=&td=&n=1&af=1&at=search&AdUnitId=11706971&AdUnitName=Onlyonesearch2&tid=1c74a5b2-8cfd-44ee-a5c1-5c255b5735e4&adPosition=2&isid=&ab_isSticky=&ab_startDate=&ab_endDate=&ab_per=&nu=true&ptv=2&templateName=AdsTags_AdsBlock_algo_side_imagesTab_videoTab_shoppingTab_related_relatedSideBar_imgWidget_videoWidget_productAds_hamburger&templateCounts=0_3_10_0_1_1_0_8_8_1_1_0_1&geo=us&url=http%3A%2F%2Fwww.onlyonesearch.com%2FSearch%2F%3Fgd%3DSY1001284%26l%3D1%26m%3D1%26n%3D1%26q%3Dparole%2520leads%2520log%2520in&resultType=organic
Title: Service Desk | NC Information Technology

Search URL Search Domain Scan URL

URL: http://www.findarticles.com/fwd?ux=EQ0dZHAqsRI6lDh8Au2Qd-D-DMOfOMzHYKrLtJ8MnqwOlj3KjukNAMBhJ0rhLCrJvyi2_NEfzmvPe44rqHDdqZ7jV4u_029n9y2DJVNmzHIVLgnTmAZMJLDJi5IM646Im74ExvhiP_AfP9IVpCGnhB4zwOR8YUYGiJPwnCEcfG8,&p=m_GxXu8d2LySSuqJDZBrHF7S9tfXIfqrCr4V8m-s-T3fpMT2ilNT2CLT7F69tbje0mf-viRTX_-JcFxbMfh0TL4zpTGEpbVFyZ-bDT2CCU8SP8B_J_TZ3iK_n07HIUF5fCA7AAzlnqc4N5MXwgvpSThl4qBW25pFBID59DugUTc,
Title: Steps in setting up your NCID with the Office of State Human ...

Search URL Search Domain Scan URL

URL: https://per.nctracks.com/ncmmisPortal/loginAction
Title: Login - NCTracks

Search URL Search Domain Scan URL

URL: http://www.findarticles.com/fwd?ux=KPc4QgzDoA-SqwATx2NOX5taTdNAuKjYPHIJEe4wReS-1YkcYd9GL3207UtOdcu0O4FhZHc8kFZ006JQ-Qo8wA,,&p=6nOh_DH0D3_im8Nnx_ISxhqUK2d7Ns4qgtfKCUXQQ-1nrAgh2MQBMb1H6hA0uK7Wc8-2Mf0ttLssy9D2TnKsEOm_w6O9s3sr2_-axspZY5L1vPcTYNGyeCFoioOI7GtKRyUEYcxi3RVUlXVeAxMm7EZsQTtE-QOxsie73Gv9Smg,
Title: NCDA&CS Portal

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=#LE&text=TEXT
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=#url&t=TITLE
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request beacon-portal-ncid Show response
login4all.com/ 70 KB
14 KB 695ms
283ms Document
text/html 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b8b7e7ec90b84790b5e32becaf2ae14eab4c8b856ff48f96238006cf40a6e923

Request headers

Host: login4all.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:28 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14504
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en

GET
H/1.1 200
OK ntfc.php Show response
shaidolt.com/ 14 KB
6 KB 85ms
26ms Script
application/javascript 139.45.196.142
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaidolt.com/ntfc.php?p=3799224
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d6288ae95bae940aa16ee045e4fdaae0a5f074914ac9cac19148bf051fea4613

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 22:39:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-373e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 57ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4179c91e113b124b59e6526d4919a15be02dd45145d8deea3f92deab787f7dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47969
x-xss-protection: 0
server: cafe
etag: 13757351720466141251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Feb 2021 22:39:28 GMT

GET
H/1.1 200
OK login-4-all.png
login4all.com/img/ 35 KB
35 KB 478ms
160ms Image
image/png 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login4all.com/img/login-4-all.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f09a65a7ddc4997c0683661300d7b424a117d2cc634bcab750926325d40bf1d5

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Last-Modified: Fri, 27 Mar 2020 06:30:22 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "8a36-5a1d03c711e5c"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 35382

GET
H2 200 4beigk1j8d Show response
www.clarity.ms/tag/ 836 B
1 KB 119ms
102ms Script
application/x-javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/4beigk1j8d
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 74402b2e3d37205f42fb46d7cb8e575f84a98186806692a4457b0d25043d6083

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:28 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0IMkdYAAAAAA1U9tzkwGwTq/4CE7A6INHRlJBRURHRTEwMDcANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length: 700
expires: -1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/login4all/ 73 KB
19 KB 173ms
123ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/login4all/loader.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e848215775099ff91b454e59bd39b719bb5b1e20bcf7ed4d8824a657a235625

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 3MwKxZPeb5oF0vA66fbwBwxMBblNOQmp
content-encoding: gzip
etag: "738a60fd8aaa823dbe313adc809241e1"
age: 0
x-cache: HIT
content-length: 19009
x-amz-id-2: GolhciGGJ+Y3pFFftKOizjOEcKasPANjaDtDL6u8gh5MQ+tgDexVMIvTl46IYjGkmO1J2T43Vi4=
x-served-by: cache-hhn11580-HHN
last-modified: Mon, 01 Feb 2021 12:31:41 GMT
server: AmazonS3
x-timer: S1612564769.839629,VS0,VE100
date: Fri, 05 Feb 2021 22:39:28 GMT
vary: Accept-Encoding
x-amz-request-id: 7N4N0NBP9KAVDSCT
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 40
x-cache-hits: 1

GET
H/1.1 200
OK fontawesome-webfont.woff2
login4all.com/fonts/ 75 KB
76 KB 161ms
158ms Font
application/octet-stream 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://login4all.com
Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:28 GMT
Last-Modified: Fri, 27 Mar 2020 06:29:54 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "12d68-5a1d03abb4ff4"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 77160

GET 31e31150096ed67c06c495ac1f2975b9d80d4bcd4205b521cd44c33bd882ad59
/ 0
0

GET
H2 200 stateemploygraphic.jpg
files.nc.gov/ncgov/styles/resp_hero-breakpoints_theme_nc_base_theme_phone_1x/public/ 10 KB
11 KB 61ms
16ms Image
image/jpeg 2600:9000:2190:a200:1c:d1ac:7800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.nc.gov/ncgov/styles/resp_hero-breakpoints_theme_nc_base_theme_phone_1x/public/stateemploygraphic.jpg?itok=GAZltLrZ&timestamp=1543516794

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:a200:1c:d1ac:7800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8af923aa41c38ef87f16e695f170b6419e3ef09fd8b5dfcc4a84c006352a294f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 23:53:24 GMT
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
last-modified: Fri, 07 Dec 2018 15:14:45 GMT
server: AmazonS3
age: 81965
etag: "2b6fb2304d1f35214e1c58239c6a06cb"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: M1UKI6u0wopSetRF6BH32m0kNjq_r_7K
x-amz-replication-status: COMPLETED
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 10407
x-amz-cf-id: w22TXOd_42ifMgx_BVr-K6ANEpuhxiApfP4kPgRJMlqUcVWaogEp0Q==

GET
H/1.1 200
OK ncidLogin1.png
idpprod.nc.gov/nidp/img/ 17 KB
17 KB 578ms
110ms Image
image/png 204.211.136.231
NCIH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idpprod.nc.gov:8443/nidp/img/ncidLogin1.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.211.136.231 Raleigh, United States, ASN6559 (NCIH, US),
Reverse DNS: idpprod.nc.gov
Software: Apache-Coyote/1.1 /
Resource Hash: c4ef15f628aa5e9329f1acbd0eb8038c18dbf0d16ce89f63cfc97d55f2229c2f

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:28 GMT
Last-Modified: Fri, 11 Aug 2017 19:00:25 GMT
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"16940-1502478025000"
Content-Length: 16940
Content-Type: image/png

GET 7da9eb0108a824a5a686733cc191bbfd7405d2c47499cb504f396997f4a45280
/ 0
0

GET
H/1.1 200
OK nctracksLogo_web.png
www.nctracks.nc.gov/ncmmisPortal/res/images/logos/ 17 KB
17 KB 770ms
118ms Image
image/png 12.204.168.100
CSC-EMEDNY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nctracks.nc.gov/ncmmisPortal/res/images/logos/nctracksLogo_web.png

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

12.204.168.100 Durham, United States, ASN27529 (CSC-EMEDNY, US),

Reverse DNS

nctracks.com

Software

JBoss-EAP/7 / Undertow/1

Resource Hash

6923b60e69fbd082a4ea78948ecba94823762e4796ff295d64e207715417f6e1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Last-Modified: Thu, 26 Dec 2019 21:26:12 GMT
Server: JBoss-EAP/7
Age: 72
X-Powered-By: Undertow/1
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 17286

GET
H/1.1 200
OK tw.png
login4all.com/img/icons/ 23 KB
23 KB 478ms
158ms Image
image/png 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login4all.com/img/icons/tw.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4419ab44acdf61215cd71b9b2cdc4be0f45237d83ab0ab922b50353576194b1c

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Last-Modified: Fri, 27 Mar 2020 06:30:46 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5c55-5a1d03ddbd9f8"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 23637

GET
H/1.1 200
OK facebook.png
login4all.com/img/icons/ 15 KB
15 KB 479ms
157ms Image
image/png 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login4all.com/img/icons/facebook.png
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e34518c22dce09ee976d9ed7bb65169dc627d7109ee33453a119ea26f53d201f

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Last-Modified: Fri, 27 Mar 2020 06:30:45 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3c28-5a1d03dc92cb5"
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 15400

GET
H/1.1 200
OK font-awesome.min.css
login4all.com/css/ 30 KB
7 KB 448ms
157ms Stylesheet
text/css 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/css/font-awesome.min.css
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:29:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "7918-5a1d03a0ffc78-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 7053

GET
H/1.1 200
OK bootstrap.min.css
login4all.com/css/ 118 KB
20 KB 417ms
162ms Stylesheet
text/css 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/css/bootstrap.min.css
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:29:42 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1d970-5a1d03a0211f5-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=98
Content-Length: 19744

GET
H/1.1 200
OK style.css
login4all.com/css/ 24 KB
5 KB 178ms
158ms Stylesheet
text/css 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/css/style.css
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8b402c7f90210866179ed25598201dd5f1f20258f9a3c01fcdcf06117c686ad1

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 10:37:46 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "5e33-5b9b720f35357-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 5115

GET
H/1.1 200
OK jquery.min.js Show response
login4all.com/js/ 95 KB
33 KB 163ms
162ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/jquery.min.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:30:35 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "17b8b-5a1d03d373d3c-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 33760

GET
H/1.1 200
OK bootstrap.min.js Show response
login4all.com/js/ 36 KB
10 KB 158ms
157ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/bootstrap.min.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:30:34 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "90b5-5a1d03d1dc998-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=97
Content-Length: 9833

GET
H/1.1 200
OK wow.js Show response
login4all.com/js/ 12 KB
3 KB 158ms
157ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/wow.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4d4216264e02c2b23e7ed82b52d672603092927d4e7dc099a1688f3682ce8637

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 06:30:35 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2eb1-5a1d03d36a0fc-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 2834

GET
H/1.1 200
OK custom.js Show response
login4all.com/js/ 3 KB
1 KB 158ms
157ms Script
application/javascript 167.99.98.35
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://login4all.com/js/custom.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.99.98.35 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 42a94b1d0fe6bc15a41d2ec6146d9f7b4f0bb7a347435cc4b161a6a5c99f59a4

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Feb 2021 22:39:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Apr 2020 16:17:38 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "d8c-5a3a71f028522-gzip"
Vary: Accept-Encoding
Content-Language: en
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 943

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4XL6PD30ML

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bbd193ae30615f072936b51bcc0e8eed49c5ca09d556e6bf6ca8ecb2a59bf71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52712
x-xss-protection: 0
expires: Fri, 05 Feb 2021 22:39:28 GMT

GET
H/1.1 403
Forbidden 51f05d69f8d2fa082e93c80273ec8a1e.js
somehowluxuriousreader.com/51/f0/5d/ 0
0 300ms
92ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://somehowluxuriousreader.com/51/f0/5d/51f05d69f8d2fa082e93c80273ec8a1e.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Feb 2021 22:39:29 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 78287d069c.svg
png.pngtree.com/svg/20160818/ 350 B
597 B 75ms
25ms Image
image/svg+xml 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://png.pngtree.com/svg/20160818/78287d069c.svg
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.25 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3437dc097c45b6a3680972052183ca0633ea5ea93fa2b1f3d2d2e2b014df8f87

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:28 GMT
last-modified: Fri, 18 May 2018 11:06:32 GMT
server: AmazonS3
x-amz-request-id: AF4338F17E0A70DE
etag: "94a0496fab9ff96ae8929e7fa5448587"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 350
x-amz-id-2: xzQLjUMa0Yw8ox3Y59E7y38sVpPNBXYNHOZdFU9lVmc6kIkLLYH3Nod4CPd3PZIvJhtjSuXfToo=

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/ 225 KB
85 KB 68ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86331
x-xss-protection: 0
server: cafe
etag: 657319051054643926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Feb 2021 22:39:28 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/ Frame A8CD 0
0 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210202/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Feb 2021 22:31:03 GMT
expires: Fri, 19 Feb 2021 22:31:03 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 505
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK zone Show response
shaidolt.com/ 716 B
1 KB 30ms
29ms Fetch
application/json 139.45.196.142
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://shaidolt.com/zone?pub=0&zone_id=3799224&is_mobile=false&domain=login4all.com&var=&ymid=&var_3=

Requested by

Host: shaidolt.com
URL: https://shaidolt.com/ntfc.php?p=3799224

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cac763e1bcc94a0794d1d6c3ccc2d7f93ff36f7ddc5cac3f19c0051ed712ef88

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: b892b2eab45fc60f6173fae9ce84438c
Date: Fri, 05 Feb 2021 22:39:28 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://login4all.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
shaidolt.com/pfe/current/ 106 KB
38 KB 110ms
42ms Fetch
application/javascript 139.45.196.142
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shaidolt.com/pfe/current/universal.min.js?v=3.1.282
Requested by: Host: shaidolt.com
URL: https://shaidolt.com/ntfc.php?p=3799224
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.142 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Feb 2021 22:39:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-1a972"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://login4all.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.4/ 44 KB
19 KB 97ms
97ms Script
application/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/4beigk1j8d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:28 GMT
content-encoding: br
etag: "1d6fb4a418e9402"
last-modified: Thu, 04 Feb 2021 23:05:40 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0IMkdYAAAAADC0IhpMgxmQKjVXopREEhyRlJBRURHRTEwMDcANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
644 B 114ms
57ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=login4all.com&callback=_gfp_s_&client=ca-pub-7790726024372832

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

5eadc04f9ff1eaa615d4930718ae5f4a580b63daef280332969b5badf4261ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=login4all.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 47ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=login4all.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top%20navbar-bg&ign=false

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 67B5 0
0 113ms
112ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7790726024372832&output=html&adk=1812271804&adf=3025194257&lmt=1612564768&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&ea=0&flash=0&pra=5&wgl=1&dt=1612564768854&bpp=10&bdt=85&idt=105&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1607386677948&frm=20&pv=2&ga_vid=628386056.1612564769&ga_sid=1612564769&ga_hid=773342563&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068769%2C21068893%2C21068946%2C21065725&oid=3&pvsid=994853048229809&pem=468&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-7790726024372832&output=html&adk=1812271804&adf=3025194257&lmt=1612564768&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&ea=0&flash=0&pra=5&wgl=1&dt=1612564768854&bpp=10&bdt=85&idt=105&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1607386677948&frm=20&pv=2&ga_vid=628386056.1612564769&ga_sid=1612564769&ga_hid=773342563&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068769%2C21068893%2C21068946%2C21065725&oid=3&pvsid=994853048229809&pem=468&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Feb 2021 22:39:29 GMT
server: cafe
content-length: 5376
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 05-Feb-2021 22:54:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Feb 2021 22:39:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612389176576780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Fri, 05 Feb 2021 22:39:29 GMT

GET
H2 200 impl.20210201-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 461 KB
106 KB 24ms
23ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/login4all/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a2252bdad795066b9fbeaa02ccec3a7352ffd19ffe77a3549a60188c921d13f5

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sytUS_t2ICwIO8gnMfypUUTp4vH0mDTm
content-encoding: br
etag: "d3ae6070e7c9aa710077d02780c9888d"
age: 19934
x-cache: HIT
content-length: 108570
x-amz-id-2: RV/K/ZEQ/GzSzK8eX4I+sx18Vw1oOTxYLNMI4WfMFlZMjnGbVLtDseUyi2uGsBHHwu8oqplYWAw=
x-served-by: cache-hhn11580-HHN
last-modified: Mon, 01 Feb 2021 08:48:30 GMT
server: AmazonS3-br
x-timer: S1612564769.000967,VS0,VE0
date: Fri, 05 Feb 2021 22:39:29 GMT
vary: Accept-Encoding
x-amz-request-id: 5ED24985590A6C89
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 31
x-cache-hits: 128028

POST
H/1.1 200
OK event Show response
ugyplysh.com/ 94 B
543 B 82ms
27ms Fetch
application/json 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugyplysh.com/event

Requested by

Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.254 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

06af5199f9b58f0ebd25591a143f50d373de5c5188bf4fc8e76fd120451a0814

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 9782d4803d070bb11e020685e8929148
Date: Fri, 05 Feb 2021 22:39:27 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://login4all.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

OPTIONS
H/1.1 200
OK event
ugyplysh.com/ Frame 0
0 86ms
25ms Other
text/plain 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ugyplysh.com/event
Protocol: HTTP/1.1
Server: 139.45.197.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://login4all.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 05 Feb 2021 22:39:27 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://login4all.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 ca-pub-7790726024372832 Show response
fundingchoicesmessages.google.com/i/ 79 KB
30 KB 54ms
34ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7790726024372832?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22fcb51bd710efc4e23ebd26676f1857734d17593ef24c55f2b1c82081c01e37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-okDExtnAEkKk2STH7hID2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-okDExtnAEkKk2STH7hID2g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-okDExtnAEkKk2STH7hID2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-okDExtnAEkKk2STH7hID2g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxUgr7wsSd3Ztyzq7ymhmWvj5onsoQt5WDC_IKbeQAHa5IyMJzGqHGt2bE1ngOeNIOR21oNjuS3-F-k95hKFkA== Show response
fundingchoicesmessages.google.com/l/ 0
803 B 54ms
21ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUgr7wsSd3Ztyzq7ymhmWvj5onsoQt5WDC_IKbeQAHa5IyMJzGqHGt2bE1ngOeNIOR21oNjuS3-F-k95hKFkA==?pvid=5223CD9A-7E23-4CFF-AAF4-D74EF9E633A4&anonid=F93E80E9-A5B7-4517-AB8F-78A815F3AA4A

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.JFZB96D63A8.es5.O/d=1/ct=zgms/rs=AJlcJMzG8seUd0EOWbRCO7cKw9UlH0DQow/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Cfj2bjqenmBq+bqO7TnPiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Cfj2bjqenmBq+bqO7TnPiQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Feb 2021 22:39:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Cfj2bjqenmBq+bqO7TnPiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Cfj2bjqenmBq+bqO7TnPiQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxW0wRo_QGTV5OIRqI9DufUnOTQJzNpks6RYlyHLcOGHBB5vTcDoTaodyCTnG_qqvqwKlgTv_2X7S0e0enSk5Q== Show response
fundingchoicesmessages.google.com/f/ 57 KB
23 KB 64ms
50ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW0wRo_QGTV5OIRqI9DufUnOTQJzNpks6RYlyHLcOGHBB5vTcDoTaodyCTnG_qqvqwKlgTv_2X7S0e0enSk5Q==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEyNTY0NzY5LDIwMTAwMDAwMF0sIjUyMjNDRDlBLTdFMjMtNENGRi1BQUY0LUQ3NEVGOUU2MzNBNCIsIkY5M0U4MEU5LUE1QjctNDUxNy1BQjhGLTc4QTgxNUYzQUE0QSIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e79344adad7f9eb85741d1459980da2732790054828336101677ce85b297ccb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tAelYMhQJZCuY4BrNo3SNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tAelYMhQJZCuY4BrNo3SNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-tAelYMhQJZCuY4BrNo3SNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tAelYMhQJZCuY4BrNo3SNA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 524F 0
0 149ms
148ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.1.0.4.2.2.0.0&us_privacy=1---&client=ca-pub-7790726024372832&output=html&h=280&adk=432735925&adf=155783186&pi=t.aa~a.801403108~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1612564769&rafmt=1&to=qs&pwprc=7152277728&psa=0&format=360x280&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612564769118&bpp=3&bdt=349&idt=3&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1d0d988b6220d17-223a1c9b5fba00fb%3AT%3D1612564769%3ART%3D1612564769%3AS%3DALNI_MZQjqrYRQV6aMhgTldStzXDKeUhsw&prev_fmts=0x0&nras=1&correlator=1607386677948&frm=20&pv=1&ga_vid=628386056.1612564769&ga_sid=1612564769&ga_hid=773342563&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068769%2C21068893%2C21068946%2C21065725&oid=3&pvsid=994853048229809&pem=468&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5LcgrG5v9Y&p=https%3A//login4all.com&dtd=92

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.1.0.4.2.2.0.0&us_privacy=1---&client=ca-pub-7790726024372832&output=html&h=280&adk=432735925&adf=155783186&pi=t.aa~a.801403108~rp.4&w=360&fwrn=4&fwrnh=100&lmt=1612564769&rafmt=1&to=qs&pwprc=7152277728&psa=0&format=360x280&url=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1612564769118&bpp=3&bdt=349&idt=3&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da1d0d988b6220d17-223a1c9b5fba00fb%3AT%3D1612564769%3ART%3D1612564769%3AS%3DALNI_MZQjqrYRQV6aMhgTldStzXDKeUhsw&prev_fmts=0x0&nras=1&correlator=1607386677948&frm=20&pv=1&ga_vid=628386056.1612564769&ga_sid=1612564769&ga_hid=773342563&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=1485&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C21068769%2C21068893%2C21068946%2C21065725&oid=3&pvsid=994853048229809&pem=468&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5LcgrG5v9Y&p=https%3A//login4all.com&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 05 Feb 2021 22:39:29 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: IDE=AHWqTUkd7y43rmqUaFMDdqanY8f0ppoK2laeeM5fd11hghLTWyne7Uy9nuYgQczY7Gk; expires=Wed, 02-Mar-2022 22:39:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 05 Feb 2021 22:39:29 GMT
cache-control: private

POST
H3-Q050 204 AGSKWxVKXiEdmxX-ZGhnCP9mrCy_UbpAhePtzpT-5zL6mRNlHXbshx1QVrfFVsnnb0G0-Cu3B18SFiGh9J6jzwpU0wkzknCRFld9XZDoEnWEH64yozFW9kaWpE3_zL7VXOP4kwZQwOG9ZHWV3n4mtdp_X2HkitvGrq2bO28Dj7sD3U_HcWj7mktZ7oVydac= Show response
fundingchoicesmessages.google.com/l/ 0
336 B 23ms
22ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxVKXiEdmxX-ZGhnCP9mrCy_UbpAhePtzpT-5zL6mRNlHXbshx1QVrfFVsnnb0G0-Cu3B18SFiGh9J6jzwpU0wkzknCRFld9XZDoEnWEH64yozFW9kaWpE3_zL7VXOP4kwZQwOG9ZHWV3n4mtdp_X2HkitvGrq2bO28Dj7sD3U_HcWj7mktZ7oVydac=

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.7dwbhfe4pfk.es5.O/d=1/ct=zgms/rs=AJlcJMzj1OevO3dDgEkEhpyhzI763F8q6A/m=iabccpawebsignalscript

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QUcVvgaXU0E2Vjj4fsZiUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QUcVvgaXU0E2Vjj4fsZiUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Feb 2021 22:39:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-QUcVvgaXU0E2Vjj4fsZiUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QUcVvgaXU0E2Vjj4fsZiUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxVKXiEdmxX-ZGhnCP9mrCy_UbpAhePtzpT-5zL6mRNlHXbshx1QVrfFVsnnb0G0-Cu3B18SFiGh9J6jzwpU0wkzknCRFld9XZDoEnWEH64yozFW9kaWpE3_zL7VXOP4kwZQwOG9ZHWV3n4mtdp_X2HkitvGrq2bO28Dj7sD3U_HcWj7mktZ7oVydac= Show response
fundingchoicesmessages.google.com/l/ 0
335 B 60ms
60ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iMCOvRONJt05emZzjUEuxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-iMCOvRONJt05emZzjUEuxg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 05 Feb 2021 22:39:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-iMCOvRONJt05emZzjUEuxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-iMCOvRONJt05emZzjUEuxg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxUZcPuUmtZHT_1cqTVvs46p16zNo4-jcBQdLeVmSoLY96FwJ9JECu6L1pSqUb5vCmcC5usxb2-pEJNEBy9YwL5KLZgOnPOfHY-qLGXYhsFSUx2jGWxOVu0Tmn4nXwP7msz2N8gexb3WpvkGa_FEANmsPofCeWHtsjz0KgUCLwJ-i6BSg9J-wsYCOjU= Show response
fundingchoicesmessages.google.com/f/ 60 KB
23 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUZcPuUmtZHT_1cqTVvs46p16zNo4-jcBQdLeVmSoLY96FwJ9JECu6L1pSqUb5vCmcC5usxb2-pEJNEBy9YwL5KLZgOnPOfHY-qLGXYhsFSUx2jGWxOVu0Tmn4nXwP7msz2N8gexb3WpvkGa_FEANmsPofCeWHtsjz0KgUCLwJ-i6BSg9J-wsYCOjU=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEyNTY0NzY5LDM0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXV0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3445da2227dfcbb2595bdae110d0641aa08525aa3bec1fa4a4eac90a9c3e0aa2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g2wy/uicPvF46WqQxhtS6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g2wy/uicPvF46WqQxhtS6A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-g2wy/uicPvF46WqQxhtS6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g2wy/uicPvF46WqQxhtS6A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
trc-events.taboola.com/login4all/log/2/ 0
277 B 93ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/login4all/log/2/debug?tim=23%3A39%3A29.574&type=error&msg=Error%20in%20loadRBox()%3A%20Placement%20%27Mid%20article%20Thumbnails%27%20is%20not%20unique%20in%20loadRBox()!&id=3497&cv=20210201-3-RELEASE&lt=deflated&pct=1
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
server: nginx
x-fastly-to-nlb-rtt: 12538
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.34.201:10213

GET
H2 204 debug
trc-events.taboola.com/login4all/log/2/ 0
276 B 86ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/login4all/log/2/debug?tim=23%3A39%3A29.579&type=error&msg=Error%20in%20loadRBox()%3A%20Placement%20%27Mid%20article%20Thumbnails%27%20is%20not%20unique%20in%20loadRBox()!&id=8546&cv=20210201-3-RELEASE&lt=deflated&pct=1
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
server: nginx
x-fastly-to-nlb-rtt: 12538
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.134:10213

GET
H2 204 debug
trc-events.taboola.com/login4all/log/2/ 0
277 B 86ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/login4all/log/2/debug?tim=23%3A39%3A29.579&type=error&msg=Error%20in%20libtrc%20initialization%3A%20Placement%20%27Mid%20article%20Thumbnails%27%20is%20not%20unique%20in%20loadRBox()!&id=2785&cv=20210201-3-RELEASE&lt=deflated&pct=1
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
server: nginx
x-fastly-to-nlb-rtt: 12538
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.22.84:10213

GET
H/1.1 403
Forbidden 51f05d69f8d2fa082e93c80273ec8a1e.js
somehowluxuriousreader.com/51/f0/5d/ 0
0 96ms
96ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://somehowluxuriousreader.com/51/f0/5d/51f05d69f8d2fa082e93c80273ec8a1e.js
Requested by: Host: login4all.com
URL: https://login4all.com/beacon-portal-ncid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Feb 2021 22:39:29 GMT
Server: nginx/1.17.6
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 58ms
45ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210202&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

742715e3d27ec82a643b961895f824194f97ad6f25587ddf1f83890a3dbb6271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6740
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 13ms
12ms Other
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4XL6PD30ML&gtm=2oe1r0&_p=773342563&sr=1600x1200&ul=en-us&cid=628386056.1612564769&_s=1&dl=https%3A%2F%2Flogin4all.com%2Fbeacon-portal-ncid&dr=&dt=beacon%20portal%20ncid%20-%20Official%20Login%20Page%20%5B100%25%20Verified%5D&sid=1612564769&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4XL6PD30ML
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://login4all.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 22:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 05 Feb 2021 22:39:29 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 00DD 0
0 34ms
20ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login4all.com/beacon-portal-ncid
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://login4all.com/beacon-portal-ncid

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 05 Feb 2021 22:01:24 GMT
expires: Sat, 05 Feb 2022 22:01:24 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2285
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 40ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210202&jk=994853048229809&bg=!HxylHF_NAAWnsTPUpzsAKQB2-DxatURf2qo7ltm-b02WkpFtKEMqiAFCNZ9FWUR4HDTLvQdtULRbAgAAADRSAAAACWgBBwoAXMYZiXantkvJMapYzpuYdYjTW0cE5BHmCxX39_zoAcrDoM60bZpJz3OKQZzqFa-p2sB5ShZMA7D7AawIGNpgdFhEPDmnCqrIJGFA3I-EUSMmmUE8OeCAIVpbFRPZmQHWgqcF-tyZuyCKYlrLm-gjzbJu5m4pBZ1T8Au4e2b8BoDxpC5dTdefjbHPY1ttyv2Xm0gu8zJyK7NASH29X6aSc1RgZSo1ZXqDwkJ73Reok4fY38Esce7dpgsHdQ-fDBk6PV9xiUbzB7IvNCX4UPI4CWenoaMgtaAvR673fAwZvuSmISyVN11DWU063Jn3LbKfziAXkMzY8WOJLJMyCRhKqYJ54AVWepr8tyy4DhfvrzqRXk9zDNAZEIwPIW4ZBDxV2N0Mm-z9FgxNSAhlrYAHev-0lg54vOXVyHAlTI2P2KX5QV8Uv7DSFmV4pG8U-bTInAd6tO0SbXG5DWXJympi4_uVLy1Oo0B9kpUFFVVSj83VSJCSCFaKCLmp6-rTfgZrGBnAshM7HPUUtnqR8WLG_IF6luKzOZFKel05COxXJYycypNFrAegAI091o8EmVJ0Xw4i5j5DxJIHHabjHgt3I6_6sHtFPoLfVHHRKPhbYg-hIOhtg9-XHyO8iu82BEveDpEX_P-Z7gqanZRkrouIN2DK5-BSchutjcmOVSWTiLaNwhmlCS1qkx4vqYLZ6dxm04pW9FZNQBF1gILscCyUxKUxjBNPZRqNLP94wfhJS9aGm7-m-7g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Feb 2021 22:39:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
264 B 118ms
102ms XHR
text/plain 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 Feb 2021 22:39:32 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0JMkdYAAAAAAPMHRhhDu2RIbGzDU+XhriRlJBRURHRTEwMjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
161 B 117ms
105ms XHR
text/plain 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.4/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://login4all.com/beacon-portal-ncid
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 05 Feb 2021 22:39:35 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0J8kdYAAAAABwAdPZ5T3GT5wjaS+2APiFRlJBRURHRTEwMjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL: x-raw-image:///31e31150096ed67c06c495ac1f2975b9d80d4bcd4205b521cd44c33bd882ad59

Domain
URL: x-raw-image:///7da9eb0108a824a5a686733cc191bbfd7405d2c47499cb504f396997f4a45280

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.login4all.com/	1970-01-20 01:17:40	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1612564769192],null,null]
.doubleclick.net/	1970-01-20 01:17:40	Name: IDE Value: AHWqTUkd7y43rmqUaFMDdqanY8f0ppoK2laeeM5fd11hghLTWyne7Uy9nuYgQczY7Gk
.login4all.com/	1970-01-20 01:17:40	Name: __gads Value: ID=a1d0d988b6220d17-223a1c9b5fba00fb:T=1612564769:RT=1612564769:S=ALNI_MZQjqrYRQV6aMhgTldStzXDKeUhsw

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js(Line 3) Message: Error in loadRBox(): Placement 'Mid article Thumbnails' is not unique in loadRBox()!
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js(Line 3) Message: console.trace
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js(Line 3) Message: Error in loadRBox(): Placement 'Mid article Thumbnails' is not unique in loadRBox()!
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js(Line 3) Message: console.trace
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js(Line 3) Message: Error in libtrc initialization: Placement 'Mid article Thumbnails' is not unique in loadRBox()!
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210201-3-RELEASE.js(Line 3) Message: console.trace

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


adservice.google.com
adservice.google.de
cdn.taboola.com
files.nc.gov
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
idpprod.nc.gov
login4all.com
pagead2.googlesyndication.com
partner.googleadservices.com
png.pngtree.com
shaidolt.com
somehowluxuriousreader.com
tpc.googlesyndication.com
trc-events.taboola.com
ugyplysh.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.nctracks.nc.gov

104.126.37.25
12.204.168.100
139.45.196.142
139.45.197.254
141.226.228.48
167.99.98.35
192.243.59.12
199.232.137.44
204.211.136.231
216.58.212.130
2600:9000:2190:a200:1c:d1ac:7800:93a1
2620:1ec:bdf::13
2a00:1450:4001:801::2008
2a00:1450:4001:803::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06af5199f9b58f0ebd25591a143f50d373de5c5188bf4fc8e76fd120451a0814
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
22fcb51bd710efc4e23ebd26676f1857734d17593ef24c55f2b1c82081c01e37
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb
2bbd193ae30615f072936b51bcc0e8eed49c5ca09d556e6bf6ca8ecb2a59bf71
3437dc097c45b6a3680972052183ca0633ea5ea93fa2b1f3d2d2e2b014df8f87
3445da2227dfcbb2595bdae110d0641aa08525aa3bec1fa4a4eac90a9c3e0aa2
4179c91e113b124b59e6526d4919a15be02dd45145d8deea3f92deab787f7dfd
42a94b1d0fe6bc15a41d2ec6146d9f7b4f0bb7a347435cc4b161a6a5c99f59a4
4419ab44acdf61215cd71b9b2cdc4be0f45237d83ab0ab922b50353576194b1c
4d4216264e02c2b23e7ed82b52d672603092927d4e7dc099a1688f3682ce8637
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5e848215775099ff91b454e59bd39b719bb5b1e20bcf7ed4d8824a657a235625
5eadc04f9ff1eaa615d4930718ae5f4a580b63daef280332969b5badf4261ca7
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6923b60e69fbd082a4ea78948ecba94823762e4796ff295d64e207715417f6e1
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
742715e3d27ec82a643b961895f824194f97ad6f25587ddf1f83890a3dbb6271
74402b2e3d37205f42fb46d7cb8e575f84a98186806692a4457b0d25043d6083
7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8af923aa41c38ef87f16e695f170b6419e3ef09fd8b5dfcc4a84c006352a294f
8b402c7f90210866179ed25598201dd5f1f20258f9a3c01fcdcf06117c686ad1
976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d
a2252bdad795066b9fbeaa02ccec3a7352ffd19ffe77a3549a60188c921d13f5
b8b7e7ec90b84790b5e32becaf2ae14eab4c8b856ff48f96238006cf40a6e923
c4ef15f628aa5e9329f1acbd0eb8038c18dbf0d16ce89f63cfc97d55f2229c2f
cac763e1bcc94a0794d1d6c3ccc2d7f93ff36f7ddc5cac3f19c0051ed712ef88
d6288ae95bae940aa16ee045e4fdaae0a5f074914ac9cac19148bf051fea4613
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e34518c22dce09ee976d9ed7bb65169dc627d7109ee33453a119ea26f53d201f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79344adad7f9eb85741d1459980da2732790054828336101677ce85b297ccb8
f09a65a7ddc4997c0683661300d7b424a117d2cc634bcab750926325d40bf1d5
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

login4all.com Open in urlscan Pro 167.99.98.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

44 %IPv6

17 Domains

22 Subdomains

19 IPs

4 Countries

787 kBTransfer

2069 kBSize

3 Cookies

10 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login4all.com Open in urlscan Pro
167.99.98.35 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

44 %
IPv6

17
Domains

22
Subdomains

19
IPs

4
Countries

787 kB
Transfer

2069 kB
Size

3
Cookies

56 HTTP transactions
0 data transactions