Report - coldskyblue.com/?a=102273&c=129287&s2=102f6ec3a7e4aeecfde692d9f22b28&s3=75077_55609_96&s1=75077_55609_96&bo=2753,2754,2755,2756&ckmguid=265c85c1-6dc4-4442-8e70-e4621c23fb3d

Report Overview

Submitted URL
coldskyblue.com/?a=102273&c=129287&s2=102f6ec3a7e4aeecfde692d9f22b28&s3=75077_55609_96&s1=75077_55609_96&bo=2753,2754,2755,2756&ckmguid=265c85c1-6dc4-4442-8e70-e4621c23fb3d
IP
54.208.173.243
ASN
#14618 AMAZON-AES
Submitted
2023-03-31 23:13:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	5.5 kB	11 kB	142.250.74.131
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	814 B	2.2 kB	142.250.74.132
landers.cdnware.io	255018	2021-07-30T20:55:16Z	2023-03-31T15:55:56Z	381 B	116 kB	35.227.234.99
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	948 B	33 kB	216.58.207.227
timeforagreement.com	274406	2019-08-28T13:52:52Z	2023-03-30T08:51:30Z	907 B	18 kB	35.239.13.45
coldskyblue.com	unknown	2022-09-27T06:36:34Z	2023-03-31T19:47:06Z	503 B	996 B	54.84.34.24
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	2.7 kB	7.1 kB	95.101.11.115
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-31T20:19:47Z	461 B	167 kB	142.250.74.35
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-31T18:42:09Z	1.3 kB	1.2 kB	64.233.161.155
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	4.3 kB	51 kB	34.120.237.76
api.timeforagreement.com	350038	2019-08-28T13:52:52Z	2023-03-30T08:51:30Z	3.6 kB	12 kB	35.239.13.45
www.mycasualcompanion.com	unknown	2022-10-25T22:16:25Z	2023-03-31T19:47:04Z	3.6 kB	15 kB	34.120.198.170
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-31T21:42:43Z	382 B	21 kB	142.250.74.110
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-31T22:08:04Z	527 B	578 B	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-31 23:13:51	high	Client IP	170.61.248.166	ET INFO Executable Download from dotted-quad Host

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756	6.0 kB	2023-03-26	2023-04-01
Pretty URL www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 IP 34.120.198.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:20:28 Last Seen2023-04-01 11:12:16 Times Seen2 Hash b0a76857ece9646a87ef51c0db02a0f8 b16b8f13a821772a66ab646ab9354fb274878f9f fe218760c7732855b6284a526f31e151ae689ea38ac89ad083aada8b5b65ce28 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubXljYXN1YWxjb21wYW5pb24uY29tOjQ0Mw..&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=mansfukirn8e	40 kB	2023-04-01	2023-04-01
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubXljYXN1YWxjb21wYW5pb24uY29tOjQ0Mw..&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=mansfukirn8e IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:12:16 Last Seen2023-04-01 11:12:16 Times Seen1 Hash fc0fe5fabd7fa144237ba0af711cc5e4 bbea63d69e61cd10b75d5b7c2b69c0c790b49efa bb18c4727466982d3eda90dc1a90ea689181ecc85fc86c5f56533b59ee2a8b90 Loading...

	www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s	974 B	2023-04-01	2023-04-06
Pretty URL www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:12:16 Last Seen2023-04-06 00:16:36 Times Seen10 Hash 4f5ee76bca99697bc22a9c499702c384 c234a2ac0dc42d2d800f852345ced05ecefeb785 279af6c9ae77b5efcc1c33cda740d74aa1a4475bb713ce5d485dceb5e2efe632 Loading...

	www.google.com/recaptcha/enterprise.js	940 B	2023-04-01	2023-04-06
Pretty URL www.google.com/recaptcha/enterprise.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:12:16 Last Seen2023-04-06 16:32:59 Times Seen17 Hash 87ba2271f7ef4ae1f24543158522a40b 2dbc97f5f333ea6318354c43d2f6d813ffb02526 dfe610f0956f733742b6e363582b57b984d874c916f7a4977b2db86524b702bb Loading...

	landers.cdnware.io/media-registry.js	116 kB	2023-04-01	2023-04-13
Pretty URL landers.cdnware.io/media-registry.js IP 35.227.234.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:12:16 Last Seen2023-04-13 12:36:36 Times Seen39 Hash f18a850385bd73f4c199d85c29966120 f41bf304c03ce1c39a17e0a8953e25489f14350f 4e38deb8f29b4c2915d19c67f7223b1a04d250e1f048cf835aa5bd60e6b28276 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 12:35:03 Times Seen37091462 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	timeforagreement.com/cc.js?wId=7HSq7MbDf2oe68yetdbVsT&domain=mycasualcompanion.com&languageCode=en&languageTerritory=US&sessionId=444b770276c0494c871be4d6d7aee4d9	120 kB	2023-04-01	2023-04-01
Pretty URL timeforagreement.com/cc.js?wId=7HSq7MbDf2oe68yetdbVsT&domain=mycasualcompanion.com&languageCode=en&languageTerritory=US&sessionId=444b770276c0494c871be4d6d7aee4d9 IP 35.239.13.45 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:12:16 Last Seen2023-04-01 11:12:16 Times Seen1 Hash 649731b5d738e937a44dbf3d26bc8021 1e35d1bf09c70c072155e3260797c701e6e650d9 5033311ae01b4058694d724054f399c29da442390132fd0a32b1ad06bcbf7eb7 Loading...

	www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756	147 B	2023-03-07	2024-04-26
Pretty URL www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 IP 34.120.198.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:25 Last Seen2024-04-26 10:44:53 Times Seen895 Hash b85aa80cb826211a36318337793411db e34920a6965fb7b9102be2dcde8ae363e4355686 e4de3377c03566f32b347f14973f5e998466e585c9bbd27f7dc9099ecf77e7a2 Loading...

	www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756	774 B	2023-03-08	2024-02-29
Pretty URL www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 IP 34.120.198.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 11:49:36 Last Seen2024-02-29 05:47:54 Times Seen268 Hash 491ba8150680d16cd7fe169a073926c2 125d36808b1b581581ed0f7a22ec10afc1e52ec7 a2b2a0cfdef8b030906379f17525d82a952caba189171401a276e436b0f83842 Loading...

	www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756	308 B	2023-03-07	2024-04-26
Pretty URL www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 IP 34.120.198.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:25 Last Seen2024-04-26 10:44:54 Times Seen833 Hash 8a81377a647bdea836809865c62d171b dd72dda89aacfe74746d2c73421ea55a23ab313d 9c7aa944eeb31b5765d0c1674cdc445dff6dd572a6fe897f6d5137ce181d44a9 Loading...

	www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756	103 B	2023-03-07	2024-04-26
Pretty URL www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 IP 34.120.198.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:25 Last Seen2024-04-26 10:44:54 Times Seen534 Hash b375c74456053411ec5414e21ecf870f 00a6b32dd64dbf1470f439ce9fa89c712500eebc a200a9bc6b415237c4571f14eb0eaa8f0f0fcfcd7eeafa8860441a805e4a144f Loading...

	www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js	417 kB	2023-04-01	2023-04-19
Pretty URL www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:08:43 Last Seen2023-04-19 20:28:33 Times Seen4222 Hash d0341e93b2348180631183ce43097c5d 74229ffec024c2df2138b558f3771ced36845013 db20e355eec38641464097836c909673eebdadf82ace277df50847eea9e060b8 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubXljYXN1YWxjb21wYW5pb24uY29tOjQ0Mw..&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=mansfukirn8e	75 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubXljYXN1YWxjb21wYW5pb24uY29tOjQ0Mw..&hl=en&v=NZrMWHVy58-S9gVvad9HVGxk&size=invisible&cb=mansfukirn8e IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-26 12:33:23 Times Seen10407 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6c93ff631dcdfad8d2f867092b01080b	15 kB	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:12:17 Last Seen2023-04-01 11:12:17 Times Seen1 Hash 6c93ff631dcdfad8d2f867092b01080b d5ec58d4fcb0df28124c24209f46a5535f80912c a08fff1a0b577c9b320406326fbb5d3107c3153a6c5ff84ed11b62eb5fc7553c Loading...

	#2 Eval - 5cc7133c44da3661bff2dcc5ae437f60	22 B	2023-03-29	2023-04-01
Pretty Observations First Seen2023-03-29 23:41:23 Last Seen2023-04-01 11:22:30 Times Seen508 Hash 5cc7133c44da3661bff2dcc5ae437f60 0a5d4eb26ef90109b612ce2e69fc7f8b0fe719e7 6d76f7f7796e9907d09782bec9fac57af4c1734c814c862038c390b59e9822ef Loading...

	#3 Eval - c96c9bcc208b0f9e04102dd3df51edbe	64 B	2023-03-29	2023-04-01
Pretty Observations First Seen2023-03-29 23:41:23 Last Seen2023-04-01 11:22:30 Times Seen508 Hash c96c9bcc208b0f9e04102dd3df51edbe 7148a0442761241a121b8ac6f748e351f8e91c91 88eecb175fb668b1c2a68cddff02dd0bb4aa4ae4607dc42509047ab73a2fd56c Loading...

	#4 Eval - 40560641da175411b72f6e7d90fc5cac	16 kB	2023-03-29	2023-04-01
Pretty Observations First Seen2023-03-29 23:41:22 Last Seen2023-04-01 11:22:30 Times Seen508 Hash 40560641da175411b72f6e7d90fc5cac a6a00c98f0c6ac38fb203000433ca0d0fe4e84d3 a220f50e3076f861f1e10715a62c5c994c029ad56a1e8cfa123b89cf911cc7a2 Loading...

	#5 Eval - 5f0cad2db5b54de002fd85e3040095e5	22 B	2023-03-29	2023-04-01
Pretty Observations First Seen2023-03-29 23:41:23 Last Seen2023-04-01 11:22:30 Times Seen508 Hash 5f0cad2db5b54de002fd85e3040095e5 2fe2a832c5448656670d41be926b316dfbb0d121 7bd470bfce3b8369260e80fd2706ef76313263acb89fa20a1f3609ea5fc3edf9 Loading...

HTTP Transactions (65)

	URL	IP	Response	Size
	coldskyblue.com/?a=102273&c=129287&s2=102f6ec3a7e4aeecfde692d9f22b28&s3=75077_55609_96&s1=75077_55609_96&bo=2753,2754,2755,2756&ckmguid=265c85c1-6dc4-4442-8e70-e4621c23fb3d	54.84.34.24	302 Found	244 B
URL HTTP/1.1 coldskyblue.com/?a=102273&c=129287&s2=102f6ec3a7e4aeecfde692d9f22b28&s3=75077_55609_96&s1=75077_55609_96&bo=2753,2754,2755,2756&ckmguid=265c85c1-6dc4-4442-8e70-e4621c23fb3d IP 54.84.34.24:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 244 B (244 bytes) Hash 6a8e4c3ed83bf8ac85da0f757b1a1c61 6a0f515cc872c9132bc9ec913d2dbbac5474cc04 2064f0caef51fe2c4073db102619248d2eb0090e4fa616bb6b826f225cfae0ea HTTP Headers `GET /?a=102273&c=129287&s2=102f6ec3a7e4aeecfde692d9f22b28&s3=75077_55609_96&s1=75077_55609_96&bo=2753,2754,2755,2756&ckmguid=265c85c1-6dc4-4442-8e70-e4621c23fb3d HTTP/1.1 Host: coldskyblue.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 302 Found date: Fri, 31 Mar 2023 23:13:44 GMT content-type: text/html; charset=utf-8 content-length: 244 cache-control: private location: https://www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" set-cookie: sid=XkTmaZUQrnbVTjhlGt2GdhyclIf95SqVKanpkrRRIjNTyuzOiwxMaQ==; domain=.coldskyblue.com; path=/; HttpOnly trk=TplsblI7TXZtbn07dIYz1xyclIf95SqVKanpkrRRIjNTyuzOiwxMaQ==; domain=.coldskyblue.com; expires=Mon, 31-Mar-2025 23:13:44 GMT; path=/; HttpOnly c117097=XkTmaZUQrnZtRsHO3Af8Iya1F4IEjyd/wsdYJRGsAL696u8jBXe2Zg==; domain=.coldskyblue.com; expires=Sun, 30-Apr-2023 23:13:44 GMT; path=/; HttpOnly

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 7af19a5145a4ee99bdf18831bad04bfd 7bdd2a4785b999ef54a2644211d2b2b7190fb8e1 3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0" Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5262 Expires: Sat, 01 Apr 2023 00:41:26 GMT Date: Fri, 31 Mar 2023 23:13:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash b93010cbf31ba3ec785b4088e5d0f529 c0f1ab8a2aae3c445a8f24959a4eea433a345caf 2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590" Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5173 Expires: Sat, 01 Apr 2023 00:39:57 GMT Date: Fri, 31 Mar 2023 23:13:44 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ed282214b024a7895d90e229e92bb1cc 1f447aa59287ce2b45860a1a909d005a41305f77 a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Backoff, Content-Type, Alert, Retry-After, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 31 Mar 2023 22:16:13 GMT content-type: application/json age: 3451 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 374c9e295a804e605c402f48ae7e2446 967394b36ecdff2dd32842f878887f061024c6b3 7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706" Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8487 Expires: Sat, 01 Apr 2023 01:35:11 GMT Date: Fri, 31 Mar 2023 23:13:44 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: StHrCf0kscFEbbjrNehe7Bm6fHMWbHd4JEl5jaR/PC3w5qlW9XPIFdnA3RhyQ/dPO/ydN07mQ9g= x-amz-request-id: DD9TJVJ6G9V012BH x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 31 Mar 2023 23:03:31 GMT age: 613 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1d4/Ui4vqW_koeY	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ui4vqW_koeY IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 3e4a47369acb8fa700bd300ce1e2080f 8389221e17e816e6dbcdf349139beb19738b81d5 a3d44e8c0deea66c39744e904ba9ec00f35239531212c361819728cc7bcc908e HTTP Headers `POST /s/gts1d4/Ui4vqW_koeY HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:44 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 31 Mar 2023 23:13:44 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 741a2f47aab81a2c7ed0fadaa1fa74e3 be34e0df4a5f272589a017ce77ece974d890f27c 4ea1737c8246072ea1072314ae684c1f7e518a81a5200c46374e47378bfb6b63 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 741a2f47aab81a2c7ed0fadaa1fa74e3 be34e0df4a5f272589a017ce77ece974d890f27c 4ea1737c8246072ea1072314ae684c1f7e518a81a5200c46374e47378bfb6b63 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s	142.250.74.132	200 OK	619 B
URL HTTP/2 www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s IP 142.250.74.132:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (974), with no line terminators Size 619 B (619 bytes) Hash 49d770f62034309ed498d9ad8bcc7af7 1e3b997b255b760a7c01f6d4deb43fc9b2c2338a 2997486f45423a6284aafa64ebd8347b6ec126b40bcd58b527ad9775ec4e55fd HTTP Headers `GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Fri, 31 Mar 2023 23:13:44 GMT date: Fri, 31 Mar 2023 23:13:44 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 619 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.google.com/recaptcha/enterprise.js	142.250.74.132	200 OK	589 B
URL HTTP/2 www.google.com/recaptcha/enterprise.js IP 142.250.74.132:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (940), with no line terminators Size 589 B (589 bytes) Hash fe1f3a7f82af831f77908162ffe53f41 9bbafbde462d08d24e6cce942248534ec6459d08 79f7c1cef0c79fb6f7f413d862de27587cb8389638a4bc5b76a229bd6a4a62db HTTP Headers `GET /recaptcha/enterprise.js HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Fri, 31 Mar 2023 23:13:44 GMT date: Fri, 31 Mar 2023 23:13:44 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 589 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/s/gts1d4/Ui4vqW_koeY	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Ui4vqW_koeY IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 3e4a47369acb8fa700bd300ce1e2080f 8389221e17e816e6dbcdf349139beb19738b81d5 a3d44e8c0deea66c39744e904ba9ec00f35239531212c361819728cc7bcc908e HTTP Headers `POST /s/gts1d4/Ui4vqW_koeY HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:44 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9e9f6891559058a4f43596719386a231 8b9bdfb379748c09759d43d9771a71269c0391d3 d1a9523b4094f8ce15ca02124033623203e20b8e375172c1f84491d6b4c0ea6c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D1A9523B4094F8CE15CA02124033623203E20B8E375172C1F84491D6B4C0EA6C" Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16348 Expires: Sat, 01 Apr 2023 03:46:12 GMT Date: Fri, 31 Mar 2023 23:13:44 GMT Connection: keep-alive`

	www.mycasualcompanion.com/img/logo.png	34.120.198.170	200 OK	7.4 kB
URL HTTP/2 www.mycasualcompanion.com/img/logo.png IP 34.120.198.170:0 ASN #15169 GOOGLE File type PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced\012- data Size 7.4 kB (7385 bytes) Hash df556ec3af83c9b7dd83c38ecd39ebc2 6a0c6bb3e1aae2ac3ba5afcb932c7303bb1bd4c3 fd272ab093065995e7b12b07ce4f34588a841ed4123fd7b44689ede4fb2c4e6c HTTP Headers `GET /img/logo.png HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Fri, 31 Mar 2023 23:13:44 GMT server: Apache/2.4.54 (Ubuntu) vary: X-Forwarded-Proto last-modified: Fri, 31 Mar 2023 06:21:02 GMT etag: "1cd9-5f82c36a87af9" accept-ranges: bytes content-length: 7385 x-ua-compatible: IE=edge,chrome=1 content-type: image/png via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.mycasualcompanion.com/landers/images/general/google-logo.svg	34.120.198.170	200 OK	688 B
URL HTTP/2 www.mycasualcompanion.com/landers/images/general/google-logo.svg IP 34.120.198.170:0 ASN #15169 GOOGLE File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators Size 688 B (688 bytes) Hash 686f8efa6e3e28e96d1c08399e8d353d 4524589b0dceefb6ae6389f36634441df69152d5 0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b HTTP Headers `GET /landers/images/general/google-logo.svg HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Fri, 31 Mar 2023 08:27:45 GMT server: nginx/1.14.2 content-type: image/svg+xml content-length: 688 last-modified: Fri, 31 Mar 2023 06:03:10 GMT etag: "6426779e-2b0" x-cacheable: YES cache-control: max-age=300 xkey: lander x-varnish: 123675244 121010796 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2`

	www.mycasualcompanion.com/landers/images/loader/loading.gif	34.120.198.170	200 OK	2.9 kB
URL HTTP/2 www.mycasualcompanion.com/landers/images/loader/loading.gif IP 34.120.198.170:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 128 x 15\012- data Size 2.9 kB (2892 bytes) Hash 62b08454087f1ef8b27bd2bcda330537 cac1914632f4c859f6176a84078f1017bad069f8 06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6 HTTP Headers `GET /landers/images/loader/loading.gif HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Fri, 31 Mar 2023 08:27:19 GMT server: nginx/1.14.2 content-type: image/gif content-length: 2892 last-modified: Fri, 31 Mar 2023 06:03:11 GMT etag: "6426779f-b4c" x-cacheable: YES cache-control: max-age=300 xkey: lander x-varnish: 123939482 122324342 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 02ddc021542aadb090aa31099f7b9267 cb2091bff4ad6c225faa4c0c02182217bcdc502c dcca0f6c051c27f611b9e51981fb34bd0c82a317c2e3ae3412ec6de80c596d24 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:44 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Alert, Expires, Pragma, Content-Length, ETag, Backoff, Cache-Control, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 31 Mar 2023 22:17:26 GMT age: 3378 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: deuds+IM+u/UpBxcQGk0WQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 9b1LWb0nMXfe9rvCSqLOEeqQBCE= Date: Fri, 31 Mar 2023 23:13:44 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ff36ec2657d8ee3b0f78d0a8b2bc9c96 7ce770b27771a2417292364a24af2d65bb9085a5 7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ff36ec2657d8ee3b0f78d0a8b2bc9c96 7ce770b27771a2417292364a24af2d65bb9085a5 7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js	142.250.74.35	200 OK	166 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js IP 142.250.74.35:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (582) Size 166 kB (166464 bytes) Hash b81d6636c3ad72c63e532e5180eaf7f9 ddcd059999fff6218e98af62dbe3fa9c885a0de8 2fb4351c49b47b7cdaa9516237a8b1e690e4448339d09d70a84c658729e461ef HTTP Headers `GET /recaptcha/releases/NZrMWHVy58-S9gVvad9HVGxk/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 166464 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 28 Mar 2023 08:50:01 GMT expires: Wed, 27 Mar 2024 08:50:01 GMT cache-control: public, max-age=31536000 last-modified: Tue, 28 Mar 2023 00:02:54 GMT content-type: text/javascript vary: Accept-Encoding age: 311024 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ff36ec2657d8ee3b0f78d0a8b2bc9c96 7ce770b27771a2417292364a24af2d65bb9085a5 7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/s/gts1d4/iYUJigtTCKU	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/iYUJigtTCKU IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash cfaf830ec1a54e10b9e8950895a8ea05 de6e8485315195dc4af06e6c9486e01402e9e6d8 856398b7305e01eeeb27e992a475cb7bee58cc72c8c2b727033867465b53a3a4 HTTP Headers `POST /s/gts1d4/iYUJigtTCKU HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:45 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	landers.cdnware.io/media-registry.js	35.227.234.99	200 OK	116 kB
URL HTTP/2 landers.cdnware.io/media-registry.js IP 35.227.234.99:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65536), with no line terminators Size 116 kB (115474 bytes) Hash f18a850385bd73f4c199d85c29966120 f41bf304c03ce1c39a17e0a8953e25489f14350f 4e38deb8f29b4c2915d19c67f7223b1a04d250e1f048cf835aa5bd60e6b28276 HTTP Headers `GET /media-registry.js HTTP/1.1 Host: landers.cdnware.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-guploader-uploadid: ADPycdtkHjQFKfxGiGLNU5XZV7O9xRKQqWyTeM-fiO_NlCgzh_9ZB5Xd4kMsW6iMUKGOOXUH8YZFecLn9gVYq41OHE-oEmV0ywo3 x-goog-generation: 1680242705503081 x-goog-metageneration: 1 x-goog-stored-content-encoding: identity x-goog-stored-content-length: 115474 x-goog-hash: crc32c=MLOXfQ==, md5=8YqFA4W9c/TBmdhcKZZhIA== x-goog-storage-class: STANDARD accept-ranges: bytes content-length: 115474 access-control-allow-origin: * server: UploadServer date: Fri, 31 Mar 2023 22:57:46 GMT expires: Fri, 31 Mar 2023 23:57:46 GMT cache-control: public, max-age=3600 age: 959 last-modified: Fri, 31 Mar 2023 06:05:05 GMT etag: "f18a850385bd73f4c199d85c29966120" content-type: application/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5b6731341a66be32757ea461f5bd605a f9a017cd1195d1eafb3839a899baf75f2e71958f 4bda8352f303d3fb71b8c4b2ecc9fbe75dcfc91dd2232260afb1e37ebbf139fb HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google-analytics.com/analytics.js	142.250.74.110	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.110:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1490) Size 20 kB (20085 bytes) Hash ca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20085 date: Fri, 31 Mar 2023 22:05:12 GMT expires: Sat, 01 Apr 2023 00:05:12 GMT cache-control: public, max-age=7200 age: 4113 last-modified: Tue, 10 Jan 2023 21:29:14 GMT content-type: text/javascript vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	216.58.207.227	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 28 Mar 2023 10:31:35 GMT expires: Wed, 27 Mar 2024 10:31:35 GMT cache-control: public, max-age=31536000 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 age: 304930 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	216.58.207.227	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Size 16 kB (15552 bytes) Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 28 Mar 2023 10:31:03 GMT expires: Wed, 27 Mar 2024 10:31:03 GMT cache-control: public, max-age=31536000 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 age: 304962 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 5b6731341a66be32757ea461f5bd605a f9a017cd1195d1eafb3839a899baf75f2e71958f 4bda8352f303d3fb71b8c4b2ecc9fbe75dcfc91dd2232260afb1e37ebbf139fb HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	timeforagreement.com/cc.js?wId=7HSq7MbDf2oe68yetdbVsT&domain=mycasualcompanion.com&languageCode=en&languageTerritory=US&sessionId=444b770276c0494c871be4d6d7aee4d9	35.239.13.45	200 OK	14 kB
URL HTTP/2 timeforagreement.com/cc.js?wId=7HSq7MbDf2oe68yetdbVsT&domain=mycasualcompanion.com&languageCode=en&languageTerritory=US&sessionId=444b770276c0494c871be4d6d7aee4d9 IP 35.239.13.45:0 ASN #15169 GOOGLE File type ASCII text Size 14 kB (14067 bytes) Hash e0e8d6039c891917e2b77d1907e035ba 4428bce88088a34a210e7b0f5d77b95cfcabcd4b b3d27ed0bfd467544d8f849211c3a99091091877bb1d481cd49c1e592fb298d7 HTTP Headers `GET /cc.js?wId=7HSq7MbDf2oe68yetdbVsT&domain=mycasualcompanion.com&languageCode=en&languageTerritory=US&sessionId=444b770276c0494c871be4d6d7aee4d9 HTTP/1.1 Host: timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:45 GMT content-type: application/javascript content-length: 14067 vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4eec701fec69b73ab6ff1af2c178806f 5de0d4c444297364831a311b4c13954aa31976b0 fda1ec0d2c39aafdb994d336b4d8b5d819fcd064a64b43649598609dac04f512 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4eec701fec69b73ab6ff1af2c178806f 5de0d4c444297364831a311b4c13954aa31976b0 fda1ec0d2c39aafdb994d336b4d8b5d819fcd064a64b43649598609dac04f512 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=1650684668.1680304425&jid=323536792&gjid=1976999514&_gid=1685391174.1680304425&_u=KEBAAEAAEAAAACAAI~&z=104215693	64.233.161.155	200 OK	1 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=1650684668.1680304425&jid=323536792&gjid=1976999514&_gid=1685391174.1680304425&_u=KEBAAEAAEAAAACAAI~&z=104215693 IP 64.233.161.155:0 ASN #15169 GOOGLE File type very short file (no magic) Size 1 B (1 bytes) Hash c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=1650684668.1680304425&jid=323536792&gjid=1976999514&_gid=1685391174.1680304425&_u=KEBAAEAAEAAAACAAI~&z=104215693 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Content-Type: text/plain Content-Length: 0 Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://www.mycasualcompanion.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Fri, 31 Mar 2023 23:13:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=1650684668.1680304425&jid=1862124217&gjid=1623479885&_gid=1685391174.1680304425&_u=KEDAAEABEAAAACAAI~&z=1327306873	64.233.161.155	200 OK	4 B
URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=1650684668.1680304425&jid=1862124217&gjid=1623479885&_gid=1685391174.1680304425&_u=KEDAAEABEAAAACAAI~&z=1327306873 IP 64.233.161.155:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 4 B (4 bytes) Hash 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a HTTP Headers POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=1650684668.1680304425&jid=1862124217&gjid=1623479885&_gid=1685391174.1680304425&_u=KEDAAEABEAAAACAAI~&z=1327306873 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Content-Type: text/plain Content-Length: 0 Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK access-control-allow-origin: https://www.mycasualcompanion.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Fri, 31 Mar 2023 23:13:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 4 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	timeforagreement.com/cc.css	35.239.13.45	200 OK	3.8 kB
URL HTTP/2 timeforagreement.com/cc.css IP 35.239.13.45:0 ASN #15169 GOOGLE File type assembler source, ASCII text Size 3.8 kB (3808 bytes) Hash f29ad189672ec20802186453e01232fe 3201f28da204751fcf48d846f3f17d9ca18cc76e fa20fb6bf24adb436476e8c1e589a365fff9d269460f181c3d51681103b97b51 HTTP Headers `GET /cc.css HTTP/1.1 Host: timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:46 GMT content-type: text/css content-length: 3808 last-modified: Thu, 09 May 2019 11:16:28 GMT etag: "5ea8-5887294d47067-gzip" accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4eec701fec69b73ab6ff1af2c178806f 5de0d4c444297364831a311b4c13954aa31976b0 fda1ec0d2c39aafdb994d336b4d8b5d819fcd064a64b43649598609dac04f512 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 3c805a5c8d88d63e317a631e82533b14 c9c70d6d8c42c5690e57e1d3b0b6331a8b1ec1a7 4957e91e8473ee4aaf83db07185ba4a0eab8f9b5687d566e65cb5f4028071183 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=1650684668.1680304425&jid=1862124217&_u=KEDAAEABEAAAACAAI~&z=1179727326	142.250.74.131	200 OK	42 B
URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=1650684668.1680304425&jid=1862124217&_u=KEDAAEABEAAAACAAI~&z=1179727326 IP 142.250.74.131:0 ASN #15169 GOOGLE File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=1650684668.1680304425&jid=1862124217&_u=KEDAAEABEAAAACAAI~&z=1179727326 HTTP/1.1 Host: www.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin date: Fri, 31 Mar 2023 23:13:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate content-type: image/gif x-content-type-options: nosniff server: cafe content-length: 42 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 3c805a5c8d88d63e317a631e82533b14 c9c70d6d8c42c5690e57e1d3b0b6331a8b1ec1a7 4957e91e8473ee4aaf83db07185ba4a0eab8f9b5687d566e65cb5f4028071183 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 31 Mar 2023 23:13:46 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8ff1d01e68831d80a4f75d7db3970972 1a9e1f3fa7389cccb0e91cff2616767e1616113e fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24" Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15904 Expires: Sat, 01 Apr 2023 03:38:50 GMT Date: Fri, 31 Mar 2023 23:13:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8ff1d01e68831d80a4f75d7db3970972 1a9e1f3fa7389cccb0e91cff2616767e1616113e fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24" Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15904 Expires: Sat, 01 Apr 2023 03:38:50 GMT Date: Fri, 31 Mar 2023 23:13:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8ff1d01e68831d80a4f75d7db3970972 1a9e1f3fa7389cccb0e91cff2616767e1616113e fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24" Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15904 Expires: Sat, 01 Apr 2023 03:38:50 GMT Date: Fri, 31 Mar 2023 23:13:46 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 8ff1d01e68831d80a4f75d7db3970972 1a9e1f3fa7389cccb0e91cff2616767e1616113e fd74cb98e8809df139d3f187b78b0513a394231cb2660663ee250bc11b8e3e24 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FD74CB98E8809DF139D3F187B78B0513A394231CB2660663EE250BC11B8E3E24" Last-Modified: Fri, 31 Mar 2023 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15904 Expires: Sat, 01 Apr 2023 03:38:50 GMT Date: Fri, 31 Mar 2023 23:13:46 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10f21ee-de68-4185-8874-9d35c509a4c5.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10f21ee-de68-4185-8874-9d35c509a4c5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10268 bytes) Hash 87a835db131d4290e217756a50efd68d 5e939a14153904d3689c0ff5a63937dd51995f96 645a510200b974481c1c509e1af2e28aac569be0a313bdcd87d516e2c2c7c4a5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb10f21ee-de68-4185-8874-9d35c509a4c5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10268 x-amzn-requestid: fc04a027-6d97-4cee-a8f9-99c81a481d61 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CiBnMEWooAMFvJg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6423e2fa-199cff0f3050c49c54e338ef;Sampled=0 x-amzn-remapped-date: Wed, 29 Mar 2023 07:04:26 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: xAqpS-Psaqh7tfPTW0wvLAhoxfXPPTwddz-rfbTK8aUCy19jzZ7uRA== via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 08:15:53 GMT age: 53873 etag: "5e939a14153904d3689c0ff5a63937dd51995f96" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg	34.120.237.76	200 OK	3.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 3.8 kB (3800 bytes) Hash ddcef2c96778d9fdee670e187a43ab32 e8c98891a1ffdbb6d30cf8746e067d56fe65d964 4e6fb506079b1daab0b1913a31c6252452f133af9276e18d25fe6fb622ce54ec HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fb8174c-0fbe-4857-bc0b-3e50751be490.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 3800 x-amzn-requestid: a182fb32-649a-4228-a591-080aae8c053a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cqm9VEY2oAMFf5g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642751ee-3a1abb584aa61a954dbd52c1;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:38 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: ycsh7rNJt9blXZVpFbbdBDu5pZbGDfGIPLt5k0Ff9-fvWTX86Ndz6A== via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 6a6653dfb47ccc5082f2a5b9d0d168ce.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 21:45:01 GMT age: 5325 etag: "e8c98891a1ffdbb6d30cf8746e067d56fe65d964" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg	34.120.237.76	200 OK	5.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.8 kB (5830 bytes) Hash deb930830ac86ec8ace6a232f67810ba d084bf4331446c35236019010b2bcf82d45dad1c bb81782bf590d601110ec8fb891f701e0f5084bda46370d30345bd81403a33ab HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95196399-f417-4284-9902-cf35b1e83360.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5830 x-amzn-requestid: 0897bf26-6156-48d3-ba67-596cc326dddc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CqnHHG0JoAMF87w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6427522d-6f380d901d9d6b737ec19d6d;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Fri, 31 Mar 2023 21:35:41 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: UfN2iRmDUhddBZW6qGy3q2-HCqb6Kx3iDENnirUkIoCJ6BW6zdWVtw== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 22:44:32 GMT etag: "d084bf4331446c35236019010b2bcf82d45dad1c" content-type: image/jpeg age: 1754 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1e5dbb1-cba2-4500-9086-8f86460069ae.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1e5dbb1-cba2-4500-9086-8f86460069ae.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5035 bytes) Hash cfbc0c97bcd9123d224a861041b4bf8b 3703d612c4cd2eba9bf0d1ff51f18b82b0b56f2e f20466a2a79c2ca459f0bc81ba3172b4ec299afd9238740f63974230e8d6bba3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1e5dbb1-cba2-4500-9086-8f86460069ae.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5035 x-amzn-requestid: 51fdff0b-5db9-4cc2-a09d-83ef5c9ce4dc x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cqm8FHMqoAMFRmg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642751e6-3ebcdf7878b4481f599fac7f;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: -Z8Nlb1yG4JUPwIzL-d_S113F8l6J9qvNpkF842e6KKuO24RQVyRYw== via: 1.1 fb2e3e161147dc940086f9545b8e0e4a.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 22:02:03 GMT age: 4303 etag: "3703d612c4cd2eba9bf0d1ff51f18b82b0b56f2e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb363700c-b5a7-46e8-9bcf-2e3030088b9f.jpeg	34.120.237.76	200 OK	9.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb363700c-b5a7-46e8-9bcf-2e3030088b9f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.8 kB (9845 bytes) Hash 44245685a18b4851aa4ec222ad8b8012 7c7a0bd6f7f8b33e1b6f17ff9d03cbfd62411fa3 80331505a2b776e26443bbf6e65b30c2c4cd56a29279a80a4bb27aa232a42a27 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb363700c-b5a7-46e8-9bcf-2e3030088b9f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9845 x-amzn-requestid: e8a2d894-3663-4895-b710-c277a0f029d9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cqm8FFG3IAMF1Wg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-642751e6-7096042c78cd0e9925df81d1;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Fri, 31 Mar 2023 21:34:30 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: Ifbckq238lByDcUdMqHYalI0UMft6tUmRPY-dd51-vPJViV1UxjWyg== via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 22:00:00 GMT age: 4426 etag: "7c7a0bd6f7f8b33e1b6f17ff9d03cbfd62411fa3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	api.timeforagreement.com/consent/collector	35.239.13.45	200 OK	0 B
URL HTTP/2 api.timeforagreement.com/consent/collector IP 35.239.13.45:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `OPTIONS /consent/collector HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.mycasualcompanion.com/ Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:46 GMT content-type: application/vnd.api+json content-length: 0 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true access-control-allow-methods: POST access-control-allow-headers: content-type strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif	34.120.237.76	400 Bad Request	3 B
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif IP 34.120.237.76:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 3 B (3 bytes) Hash fcc3d7489d15ef49dbbf735234234cf7 654e0aaee80e38636c503629d32225db31a616de 52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 400 Bad Request server: nginx date: Fri, 31 Mar 2023 23:13:46 GMT content-type: application/json content-length: 3 x-amzn-requestid: 2393f397-66cc-4677-82a4-a77d862e686a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cq1C1GbRoAMFrBg= cache-control: max-age=120,public x-content-type-options: nosniff x-amzn-trace-id: Root=1-64276878-728d1338215ff8716c306aca;Sampled=0;lineage=69363f46:0 x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Error from cloudfront x-amz-cf-id: DVDcrn3r6-_1tEC2YjzOQnz0vxCw3MTTS6d7bVde8RiE5L3uxWYZHg== age: 69 via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif&resize=w450	34.120.237.76	200 OK	1 B
URL HTTP/2 img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif&resize=w450 IP 34.120.237.76:0 ASN #15169 GOOGLE File type very short file (no magic) Size 1 B (1 bytes) Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 HTTP Headers `GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3267a3-5b54-4897-9b87-b135a35c1c32.avif&resize=w450 HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK server: nginx content-length: 1 x-amzn-requestid: 9636786b-5a24-4442-b559-88e291781fbd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cqv3SHwEoAMFTZQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6427602e-6980169766e692781e54bdb4;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: L_Pp6Dldw3RRnt4aek93a-jbfPDTaT0I6VQEIB0ZcNeunLXSTKyxMQ== via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 22:59:02 GMT etag: content-type: application/x-empty; charset=binary age: 884 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	api.timeforagreement.com/consent/collector	35.239.13.45	200 OK	4.4 kB
URL HTTP/2 api.timeforagreement.com/consent/collector IP 35.239.13.45:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (4362), with no line terminators Size 4.4 kB (4362 bytes) Hash 122d10bfb67db6b30c7da0f6b423a6e8 8b3cb0b2e2dbf9c944d7f52faf176873834bfd39 11611df4f1aa89756118e786ef64f8c851f78f142c7d89fa74d329d2ae16c205 HTTP Headers `POST /consent/collector HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Content-Type: application/json Content-Length: 169 Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:46 GMT content-type: application/vnd.api+json content-length: 4362 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	api.timeforagreement.com/consent/loadSegment	35.239.13.45	200 OK	0 B
URL HTTP/2 api.timeforagreement.com/consent/loadSegment IP 35.239.13.45:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /consent/loadSegment HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.mycasualcompanion.com/ Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:46 GMT content-type: application/vnd.api+json content-length: 0 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true access-control-allow-methods: POST access-control-allow-headers: content-type strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	api.timeforagreement.com/consent/loadSegment	35.239.13.45	200 OK	394 B
URL HTTP/2 api.timeforagreement.com/consent/loadSegment IP 35.239.13.45:0 ASN #15169 GOOGLE File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (392), with no line terminators Size 394 B (394 bytes) Hash b0495849c36ac14fff80a0faac6bb2d6 21534d216b908609bc6d140c837bbd0c7350350c dc046c30aa670d6d8d1520279ca074b1af880b9a64234f1c224fdba3d0bc8971 HTTP Headers `POST /consent/loadSegment HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Content-Type: application/json Content-Length: 224 Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:47 GMT content-type: application/vnd.api+json content-length: 394 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	api.timeforagreement.com/consent/loadSegment	35.239.13.45	200 OK	4.6 kB
URL HTTP/2 api.timeforagreement.com/consent/loadSegment IP 35.239.13.45:0 ASN #15169 GOOGLE File type JSON data\012- HTML document, ASCII text, with very long lines (4613), with no line terminators Size 4.6 kB (4613 bytes) Hash 621da8ff8586846ca4f104ca30438d1e 5bf4aa1ec578b3c53629e21f89275a74aef1240c c3c5625faba3f5576be0aefc44711e02dd9074abcc354303a41a3f6aaa3a9eaf HTTP Headers `POST /consent/loadSegment HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Content-Type: application/json Content-Length: 225 Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:47 GMT content-type: application/vnd.api+json content-length: 4613 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	api.timeforagreement.com/consent/confirmExplicit	35.239.13.45	200 OK	0 B
URL HTTP/2 api.timeforagreement.com/consent/confirmExplicit IP 35.239.13.45:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers OPTIONS /consent/confirmExplicit HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Access-Control-Request-Method: POST Access-Control-Request-Headers: content-type Referer: https://www.mycasualcompanion.com/ Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:47 GMT content-type: application/vnd.api+json content-length: 0 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true access-control-allow-methods: POST access-control-allow-headers: content-type strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	api.timeforagreement.com/consent/confirmExplicit	35.239.13.45	200 OK	0 B
URL HTTP/2 api.timeforagreement.com/consent/confirmExplicit IP 35.239.13.45:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /consent/confirmExplicit HTTP/1.1 Host: api.timeforagreement.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Content-Type: application/json Content-Length: 561 Origin: https://www.mycasualcompanion.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK server: nginx/1.10.3 (Ubuntu) date: Fri, 31 Mar 2023 23:13:47 GMT content-type: application/vnd.api+json content-length: 0 access-control-allow-origin: https://www.mycasualcompanion.com access-control-allow-credentials: true strict-transport-security: max-age=63072000; x-content-type-options: nosniff X-Firefox-Spdy: h2`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d10d044-e7de-4065-bd3e-ced16ef7d028.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d10d044-e7de-4065-bd3e-ced16ef7d028.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7477 bytes) Hash 011eb872ec6df694a1d13849a17d9c11 6392fe7356a93a974194b2a0c80e6e1b52e6da62 ff4cb55e486a3e91d874b0a84e6da2c71ffd549ad5251137503a24e5ff6eeb4a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d10d044-e7de-4065-bd3e-ced16ef7d028.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 7477 x-amzn-requestid: 27593d9f-b255-4c64-b602-d7fcc54ee019 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ClVCqE-SoAMFjwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64253543-731d8cba4ae06f470383669c;Sampled=0;lineage=69363f46:0 x-amzn-remapped-date: Thu, 30 Mar 2023 07:07:47 GMT x-amz-cf-pop: SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: WSkRncbzC6qgJ2JpjabOoRY_vZXmsvgZEMiOFy_7k5q_H1ZOxILHAw== via: 1.1 626ad4a6bf529166d2aad94a2957694c.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google date: Fri, 31 Mar 2023 14:43:23 GMT age: 30630 etag: "6392fe7356a93a974194b2a0c80e6e1b52e6da62" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	www.mycasualcompanion.com/landers/css/fontawesome-all.min.css	34.120.198.170	200 OK	0 B
URL HTTP/2 www.mycasualcompanion.com/landers/css/fontawesome-all.min.css IP 34.120.198.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /landers/css/fontawesome-all.min.css HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Fri, 31 Mar 2023 08:27:19 GMT server: nginx/1.14.2 content-type: text/css last-modified: Fri, 31 Mar 2023 06:03:09 GMT etag: W/"6426779d-c970" content-encoding: gzip x-cacheable: YES cache-control: max-age=300 xkey: lander vary: Accept-Encoding x-varnish: 124031073 121074228 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2

	www.mycasualcompanion.com/landers/css/landing110.css	34.120.198.170	200 OK	0 B
URL HTTP/2 www.mycasualcompanion.com/landers/css/landing110.css IP 34.120.198.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /landers/css/landing110.css HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Fri, 31 Mar 2023 08:29:31 GMT server: nginx/1.14.2 content-type: text/css;charset=UTF-8 x-powered-by: PHP/7.2.34 x-host: mycasualcompanion.com content-encoding: gzip x-cacheable: YES cache-control: max-age=300 xkey: lander vary: Accept-Encoding x-varnish: 123455658 121855945 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2

	www.mycasualcompanion.com/landers/css/theme/pornhub.css	34.120.198.170	200 OK	0 B
URL HTTP/2 www.mycasualcompanion.com/landers/css/theme/pornhub.css IP 34.120.198.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /landers/css/theme/pornhub.css HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Fri, 31 Mar 2023 08:27:47 GMT server: nginx/1.14.2 content-type: text/css;charset=UTF-8 x-powered-by: PHP/7.2.34 x-host: mycasualcompanion.com content-encoding: gzip x-cacheable: YES cache-control: max-age=300 xkey: lander vary: Accept-Encoding x-varnish: 123368380 122164058 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2

	www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756	34.120.198.170	200 OK	0 B
URL HTTP/2 www.mycasualcompanion.com/landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 IP 34.120.198.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers GET /landing110?pi=102273&pt1=345171760&pe=75077_55609_96&bo=2753%2c2754%2c2755%2c2756 HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Fri, 31 Mar 2023 08:29:31 GMT server: nginx/1.14.2 content-type: text/html;charset=UTF-8 x-powered-by: PHP/7.2.34 x-host: mycasualcompanion.com content-encoding: gzip x-cacheable: YES cache-control: max-age=300 xkey: lander vary: Accept-Encoding x-varnish: 123455656 121939755 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2

	www.mycasualcompanion.com/landers/css/vegas.min.css	34.120.198.170	200 OK	0 B
URL HTTP/2 www.mycasualcompanion.com/landers/css/vegas.min.css IP 34.120.198.170:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash HTTP Headers `GET /landers/css/vegas.min.css HTTP/1.1 Host: www.mycasualcompanion.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.mycasualcompanion.com/ Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Fri, 31 Mar 2023 08:27:48 GMT server: nginx/1.14.2 content-type: text/css last-modified: Fri, 31 Mar 2023 06:03:09 GMT etag: W/"6426779d-2e20" content-encoding: gzip x-cacheable: YES cache-control: max-age=300 xkey: lander vary: Accept-Encoding x-varnish: 123712204 122127556 age: 0 x-cache: HIT accept-ranges: bytes alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL