tiny.cc/zzztsz
157.245.113.153301 Moved Permanently 169 B IP 157.245.113.153:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 130d1009f10d4fb1cede97de52442d1f
20a7a05cc7df967bae4e1b71f5e8f299eb556003
c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4
GET /zzztsz HTTP/1.1
Host: tiny.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.22.1
Date: Sun, 29 Jan 2023 09:29:34 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://tiny.cc/zzztsz
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Sun, 29 Jan 2023 10:52:48 GMT
Date: Sun, 29 Jan 2023 09:29:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6136
Expires: Sun, 29 Jan 2023 11:11:50 GMT
Date: Sun, 29 Jan 2023 09:29:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 08:43:08 GMT
content-type: application/json
age: 2786
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4243
Expires: Sun, 29 Jan 2023 10:40:17 GMT
Date: Sun, 29 Jan 2023 09:29:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Xg1BzVTNGzx0Ew2XwXaDCf9U36s000qLg9TZoSqhoP9CqiNd6jSaBvAudRfpciYdF1vvZ0WpGgk=
x-amz-request-id: RC1BYWZHGM6NTQ87
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 09:21:20 GMT
age: 494
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 09:29:34 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04fdbcbdaa3604422454dbbe2bb98fdd
3f1bfb6359c8820c5808c152b733899aa14451d0
e3b3d80553123c43477ff63f6e468b96148e7dcad4902c6c102235f3a7fa192b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3B3D80553123C43477FF63F6E468B96148E7DCAD4902C6C102235F3A7FA192B"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1677
Expires: Sun, 29 Jan 2023 09:57:31 GMT
Date: Sun, 29 Jan 2023 09:29:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 08:41:41 GMT
age: 2874
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18897
Expires: Sun, 29 Jan 2023 14:44:32 GMT
Date: Sun, 29 Jan 2023 09:29:35 GMT
Connection: keep-alive
push.services.mozilla.com/
34.208.13.28101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.13.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q8WRaO8VH2D/Zkxg8819DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yRV0adyeLrLXLOpJFwTTxKxBU8w=
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/drt/so?r=7198016984506610114
142.250.74.162200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/drt/so?r=7198016984506610114
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/so?r=7198016984506610114 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 09:29:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: _drt_=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
DSID=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 29 Jan 2023 09:29:36 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/aclk?sa=L&ai=CtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU&num=0&sig=AOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA&client=ca-pub-0466582109566532&adurl=http://www.max64.com/abd0000095
142.250.74.162302 Found 0 B URL HTTP/1.1 googleads.g.doubleclick.net/aclk?sa=L&ai=CtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU&num=0&sig=AOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA&client=ca-pub-0466582109566532&adurl=http://www.max64.com/abd0000095
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aclk?sa=L&ai=CtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU&num=0&sig=AOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA&client=ca-pub-0466582109566532&adurl=http://www.max64.com/abd0000095 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Date: Sun, 29 Jan 2023 09:29:36 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
Location: http://www.max64.com/abd0000095
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: adclick_server
Content-Length: 0
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.max64.com/abd0000095
92.205.15.154301 Moved Permanently 259 B IP 92.205.15.154:0
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3fbc1454891c879cff96402f38f04f46
bcdae4eabce02248bca8f0abc3a1e669ef9e78ea
a11f1d966daa0c5023e0b75b44613258ac391d093924316fccadd69c3d2bd9a3
GET /abd0000095 HTTP/1.1
Host: www.max64.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 09:29:36 GMT
Server: Apache
Location: https://heatedaffairs.com/go/p142055.subfreeaccess2
Content-Length: 259
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11247
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 09:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11247
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 09:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11247
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 09:29:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11247
Expires: Sun, 29 Jan 2023 12:37:03 GMT
Date: Sun, 29 Jan 2023 09:29:36 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d19ea264e32a923808112293d74b97c7
19a01a961cca989ee07ff53e50d6f2e65d73729a
16792f5d3ff24bda8f7ac4b6b522c736c4e070b5aa9fd109fa868906064278c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5021
x-amzn-requestid: 040ca906-0e98-4919-a238-06ad180d6260
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcj5zESeoAMFqUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4e6a4-7f81446e78d233f16fc9b73f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 09:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XeoloS-lP9UvWYMvblLHSIJdYMAU3yDj5AmJsYwxHtH3l2UjMkkung==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:36 GMT
age: 42180
etag: "19a01a961cca989ee07ff53e50d6f2e65d73729a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 45800
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:56:46 GMT
age: 41570
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 66828
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6021d6a06bff2826eb341747e82484f7
a817ff1ba206234627706551820d0d9856b398de
f0ba6de8709fdb73e94dbdace635232c76b9d70dad73badaca0542d9ad49604d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11624
x-amzn-requestid: be28746a-a238-4718-a307-3a15dde1ed3d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVqzvF57oAMFUdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d224e4-5d9eb5ec3f2041c71d7c6fce;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 06:59:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HDcUb2ol2cYtxbpXtbXXM4aKulevAnfl7r65-Fy2NvA8gND3TRjepw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:43:30 GMT
age: 9966
etag: "a817ff1ba206234627706551820d0d9856b398de"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRbH4HtPIAMFUGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 06:49:29 GMT
age: 9607
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c499b53c89b851144645b3de6b3dc33e
1636b13ad4239910ab55f477024cdf021477d7c3
f7282ec1f3c8129d2b8267ab4f6764c5ddf604b3983b01c00290cd00a9f5a3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7282EC1F3C8129D2B8267AB4F6764C5DDF604B3983B01C00290CD00A9F5A3D1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4464
Expires: Sun, 29 Jan 2023 10:44:00 GMT
Date: Sun, 29 Jan 2023 09:29:36 GMT
Connection: keep-alive
heatedaffairs.com/go/p142055.subfreeaccess2
69.165.107.69302 Found 261 B URL HTTP/1.1 heatedaffairs.com/go/p142055.subfreeaccess2
IP 69.165.107.69:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2a54c0951a56a9435f948456edc70c1a
870ca2b6909dec76d11ffc5da9ae7613e759b19b
9f8941ea232ebbc8c40fe783238b07c137eaa5da1db6f7e89d7df8f116dcc48c
GET /go/p142055.subfreeaccess2 HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 29 Jan 2023 09:29:37 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
X-PERF: 0.115139,0.071244,DB_35_0.0196590,CD_18_0.0033050,PK_2_0.0000690,CE_36_0.0208620
Location: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Set-Cookie: ALPO=238285048; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
click_id_time=1901497799_2023-01-29 01:29:37; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 261
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
69.165.107.69200 OK 18 kB URL HTTP/1.1 heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
IP 69.165.107.69:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (634)
Hash 1f7057bd1b03e541719640e93830b874
81665cdc2c99aa406ff96a96d468545e9680a1ab
5251b64964fbf611b3b7b9ee2895d87db3800301be5dbced3068663966bfd731
GET /go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:37 GMT
Server: Apache
Set-Cookie: ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; Secure; path=/; domain=heatedaffairs.com; expires=Tue, 28-Jan-2025 09:29:37 GMT; secure
v_hash=_english_31877; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
IP_COUNTRY=Norway; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
HISTORY=20230129-1-Dc; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
throttling={"time":1674984577,"AppD":1,"GTM":0}; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure
X-PERF: 0.107798,0.016675,TS_38_0.0289600,TM_32_0.0214700,CD_31_0.0099790,FS_23_0.0044390,PK_4_0.0033210,CE_40_0.0229540
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
ETag: TESTBED
P3P: CP="DSP LAW"
X-ApacheServer: si205-102.friendfinderinc.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17480
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js
216.58.207.234200 OK 61 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (64560)
Hash 45eb5ca2675d433e4b1bd361b684cdca
3194791975f93e8be941a6dd6f5828a437677b72
09e90ed27d9f5bedc2992c1c2e5ed7ccce4fe7f86a1f39ffd32e2dbfa00b40b9
GET /ajax/libs/jqueryui/1.10.4/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 61441
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:20:43 GMT
expires: Sun, 28 Jan 2024 10:20:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 83334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?hl=en
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash f678bcfbe98b4039961065c12543bfd0
31a000bba532f910d036c24c795ef3636450e4c3
1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d
GET /recaptcha/api.js?hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 29 Jan 2023 09:29:37 GMT
date: Sun, 29 Jan 2023 09:29:37 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heatedaffairs.com/images/ffadult/css/header.css
69.165.107.69200 OK 20 B URL HTTP/1.1 heatedaffairs.com/images/ffadult/css/header.css
IP 69.165.107.69:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /images/ffadult/css/header.css HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:37 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Tue, 10 Nov 2020 02:06:40 GMT
ETag: "fbdc450-0-5b3b7213300af"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: si211-103.friendfinderinc.com
Content-Length: 20
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
192.229.233.220200 OK 15 kB URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
IP 192.229.233.220:0
File type Web Open Font Format (Version 2), TrueType, length 14932, version 1.0\012- data
Hash 24f7b0944e9e03a905f9d7701573b2cd
c7a9a4c42d3d84f112940645abd416a59eb71c89
f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2
GET /images/production/gfonts/fonts/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heatedaffairs.com
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 295608
cache-control: max-age=2592000
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "126602cf-3a54-58e85c98feac0"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Thu, 25 Jul 2019 18:42:27 GMT
server: ECS (ska/F71C)
x-cache: HIT
x-cache-hits: 0
content-length: 14932
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-select.css
192.229.233.220200 OK 1.5 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-select.css
IP 192.229.233.220:0
Hash 5b45adeeb52d6bb2b10b054dc14754b7
d8fa80e5082c2fe9a0be43a6bfaf2b8447571333
27be77a5fed6474a42c53509c0ccce5a77224a4a5ced3e65fa6ce833344053fb
GET /images/production/fruit_3/v1_1_0/css/bootstrap-select.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 68500
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fce15ef-192f-54c5a8879bb00"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Tue, 04 Apr 2017 17:23:24 GMT
server: ECS (ska/F709)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
content-length: 1455
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/custom.min.css
192.229.233.220200 OK 6.7 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/custom.min.css
IP 192.229.233.220:0
File type ASCII text, with very long lines (2180)
Hash 3b00ac5af1402133154e99fa07f40a5c
03d3865e4b5f899c0bd43aba7bc691f86de85bb0
b7d1b60babe4d78417dbb7c82567d88829c3a9dcf8110c9e5dfc8e2427b64e87
GET /images/production/fruit_3/v1_1_0/css/custom.min.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 412772
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fce1600-7fb8-552fa75ba5280"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Wed, 28 Jun 2017 00:42:34 GMT
server: ECS (ska/F706)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
content-length: 6732
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/fruit3-svg.css
192.229.233.220200 OK 609 B URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/fruit3-svg.css
IP 192.229.233.220:0
Hash f5cc4ed009653a239f90255451381b15
dd5c8885b9313abb44109e00539fb7548757fb08
527d11a5bec8224fc3977a42b5e1d79efd3fa8f13951451f37b9588253e83c86
GET /images/production/fruit_3/v1_1_0/css/fruit3-svg.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 152280
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "12662bb5-747-58e87aadea380"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Thu, 25 Jul 2019 20:57:02 GMT
server: ECS (ska/F71C)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 1
content-length: 609
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
192.229.233.220200 OK 15 kB URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
IP 192.229.233.220:0
File type Web Open Font Format (Version 2), TrueType, length 14880, version 1.0\012- data
Hash 819af3d3abdc9f135d49b80a91e2ff4c
0fd9f29faa386a9c8de328f799d2698948ed3d25
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
GET /images/production/gfonts/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heatedaffairs.com
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 96728
cache-control: max-age=2592000
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "126602c1-3a20-58e85ce63e100"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Thu, 25 Jul 2019 18:43:48 GMT
server: ECS (ska/F70A)
x-cache: HIT
x-cache-hits: 0
content-length: 14880
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/font-fruit3.css
192.229.233.220200 OK 2.2 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/font-fruit3.css
IP 192.229.233.220:0
Hash 7c7eabf9920bd42b3ed67a7a3354f901
9bedcf4f63e75ce5ae6ca1eca11ff503cd2c5835
8105b26179f98be7e9ba19294930eb13e068d59b75bc2a492cf28b9e104bfdef
GET /images/production/fruit_3/v1_1_0/css/font-fruit3.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 861487
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "12660e1d-2b96-58e98556e04c0"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Fri, 26 Jul 2019 16:50:03 GMT
server: ECS (ska/F714)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
content-length: 2193
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/js/fruit3-svg_v2.js
192.229.233.220200 OK 25 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/js/fruit3-svg_v2.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (1981)
Hash 464e9060c657fedeee6bc32430778d0c
d301138f4d17619ba1cda7a549586ef0a9bdd116
8cfb6db5cd5a262f0e2dde51b78f9a67fabcfe4fb179c7c3bb76154c98e325a8
GET /images/production/fruit_3/v1_1_0/js/fruit3-svg_v2.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 237364
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "12661c87-14c57-58f013fe0f540"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Wed, 31 Jul 2019 22:00:13 GMT
server: ECS (ska/F706)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 1
content-length: 25019
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js
192.229.233.220200 OK 33 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (32341), with CRLF line terminators
Hash c63024c7eb52a22c22e68dcfdaf376e6
ab978e2f700e067c19ed486850b12204fd48bc2c
81f745c1100bb010cac7c7808eaec62a3caa6354842157485bf66c2af71c3092
GET /images/common/js/jquery/jquery-1.11.0.min.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 436440
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbcaa73-1787f-4f7bc073a0d80"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Wed, 23 Apr 2014 21:00:54 GMT
server: ECS (ska/F717)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 12
content-length: 33375
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/jquery/jquery-migrate-1.2.1.min.js
192.229.233.220200 OK 3.1 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/jquery/jquery-migrate-1.2.1.min.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (7085)
Hash e1084a25976d8b8999acadc7350ffb48
99b723d38b78d8347e8dfa60193b12864a370227
b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /images/common/js/jquery/jquery-migrate-1.2.1.min.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 413217
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbcabe3-1c1f-4f94d536e8ef4"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Tue, 13 May 2014 19:46:54 GMT
server: ECS (ska/F718)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 1
content-length: 3063
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/jquery-1.12.4.min.js
192.229.233.220200 OK 34 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/jquery-1.12.4.min.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (32077)
Hash 90af67e8fd4d5ab0d104b28b82a5f9e3
0172e38010ebd25ebcb3f0a4094be0e20f72ac48
971b268c15450ab1dded5c1e8e7875660b086b2ca6c45a31ddfa82486b1d06d3
GET /images/common/js/jquery-1.12.4.min.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 460612
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbcabf8-17b8b-570e9f6c0c7af"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Fri, 13 Jul 2018 23:37:33 GMT
server: ECS (ska/F706)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 4
content-length: 33760
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/handlebars-1.0.0.beta.6.js
192.229.233.220200 OK 13 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/handlebars-1.0.0.beta.6.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (3450)
Hash c76c8ac862e779f45f68a7f8e7dcda86
d965e49550a274f5a0f6a8ad6edf964b3cf61224
1974cc3b77205539b83d9d7a47ec4d100287ef880ec298681f9c301987c516d3
GET /images/common/js/handlebars-1.0.0.beta.6.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 491495
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbca986-e5d1-4c50ab408d244"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Tue, 17 Jul 2012 18:27:47 GMT
server: ECS (ska/F70B)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 13
content-length: 12997
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/underscore_1.3.3.js
192.229.233.220200 OK 4.4 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/underscore_1.3.3.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (519)
Hash 97315e90efa8a9360cc1723f0cb72f3f
f674643c54f8eb827a0131fd3dd95ee16f42376d
d4fea116d583df00adc36f731c9b69357435d82a09c17fff1ed87eb2867d970c
GET /images/common/js/underscore_1.3.3.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 504785
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbcb42a-3216-4c00578058ea5"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Mon, 14 May 2012 21:07:07 GMT
server: ECS (ska/F711)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 25
content-length: 4387
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/backbone_0.9.10.js
192.229.233.220200 OK 6.3 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/backbone_0.9.10.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (558)
Hash c86f026b361b55f6d55589b29592a2a8
78dd3d09bd62e0b79686f07635d809aed2047856
b0d313935daa86b9a2ce74edeb4bfc91a163f040a26bf789dc6209f04122120f
GET /images/common/js/backbone_0.9.10.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 491493
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbca476-476e-4d46315d56500"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Tue, 29 Jan 2013 01:12:20 GMT
server: ECS (ska/F714)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 10
content-length: 6299
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/zxcvbn-async.js
192.229.233.220200 OK 305 B URL HTTP/2 secureimage.securedataimages.com/images/common/js/zxcvbn-async.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (454), with no line terminators
Hash e43f705d7647c5f3cf787c513513530d
c085ed6c15cd1a8b8e5207390a3b0688328d17e3
8539a7af228643a4ac230ad54787717001caab9f9fc0f1d6209c428f6263112b
GET /images/common/js/zxcvbn-async.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 491494
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fbcb44a-1c6-4f7df744a2e17"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Fri, 25 Apr 2014 15:16:47 GMT
server: ECS (ska/F70D)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 7
content-length: 305
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/ffadult/partners/31877_1636690331.svg
192.229.233.220200 OK 9.7 kB URL HTTP/2 secureimage.securedataimages.com/images/ffadult/partners/31877_1636690331.svg
IP 192.229.233.220:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e988d54957e56ca8f1c33b1fa2f2a30b
b76eca63c2737a5cb877223b1b50425cd830a536
3ce79e933c5821667aa27f75fa4b40b5341b53f8f792163645cf55651811604f
GET /images/ffadult/partners/31877_1636690331.svg HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 444795
cache-control: max-age=2592000
content-type: image/svg+xml
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "1702b3c3-2609-5d08fac38a640"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Fri, 12 Nov 2021 04:12:51 GMT
server: ECS (ska/F709)
x-cache: HIT
x-cache-hits: 0
content-length: 9737
X-Firefox-Spdy: h2
secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js
192.229.233.220200 OK 27 kB URL HTTP/2 secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81db2a9c3df8aef926362a89f44e638f
a6cccd97c19b8604d50e32aca34fde8ff7257c59
e5cf1f0d853e3f3b4b5af5fca466a3cf75ca853978de25d2f3ccf777531e70fe
GET /javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 833901
cache-control: max-age=2592000
content-type: text/javascript
date: Sun, 29 Jan 2023 09:29:37 GMT
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Thu, 19 Jan 2023 17:51:16 GMT
server: ECS (ska/F6FE)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 57
x-perf: 0.022330,0.022299,CD_1_0.0000310
content-length: 27239
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1
192.229.233.220200 OK 20 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1
IP 192.229.233.220:0
File type assembler source, ASCII text, with very long lines (540)
Hash d09cbdf3d9e08fd8acdd4d917a9362ed
f95046c53066fba6ddb53b189b63b4eb0acaf1ae
710c60e2582b595658f76f7b067cf74b2526004e63f2aa798952015eea43e659
GET /images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1 HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2051009
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "126f8b92-21b43-58f25fd6e9d00"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Fri, 02 Aug 2019 17:50:12 GMT
server: ECS (ska/F70F)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 16
content-length: 20200
X-Firefox-Spdy: h2
heatedaffairs.com/images/common/js/english_statedropdown_utf8.js
69.165.107.69200 OK 9.5 kB URL HTTP/1.1 heatedaffairs.com/images/common/js/english_statedropdown_utf8.js
IP 69.165.107.69:0
Hash 70c6f3e0333633df56b01b67cfeb9ca4
17e11ba9a8cd6a80007794bad4b573c6597d4bb0
ca4eef90ed9aa28d0739a0fe12a180e74df1ea1dc1ac6b56fb1fa48393b5b4cf
GET /images/common/js/english_statedropdown_utf8.js HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:37 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 24 Sep 2015 10:05:47 GMT
ETag: "250790e-992a-5207b5ffc74c0"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: si204-163.friendfinderinc.com
Content-Length: 9533
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/x-javascript
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-custom.css
192.229.233.220200 OK 1.6 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-custom.css
IP 192.229.233.220:0
File type ASCII text, with very long lines (493)
Hash 09176ca717ad9c769a2c944a3e5e9156
1cd78bfd6a2e54440c62a9830c340476aa91689e
e3f84f2bdab2dff346156b62bf641a695329603eaee30aebad4841c3f4443a2b
GET /images/production/fruit_3/v1_1_0/css/bootstrap-custom.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2051309
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fce15ee-31bb-53169be9f6ec0"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Tue, 26 Apr 2016 21:12:03 GMT
server: ECS (ska/F71D)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 14
content-length: 1638
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/HoldOn.min.css
192.229.233.220200 OK 1.8 kB URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/HoldOn.min.css
IP 192.229.233.220:0
File type ASCII text, with very long lines (13117)
Hash 76632094d8b7871141a92eabffe69225
cd4e04caf51fb38bcb3f1bb6f0b21eaf3d15a364
cd0b1df5ef7f5c45a2070154eaba5d5c46fb0dc0cebdf807f1ba3186d18448fc
GET /images/production/fruit_3/v1_1_0/css/HoldOn.min.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2053813
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fce15eb-333e-52b83739e0800"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Thu, 11 Feb 2016 19:21:04 GMT
server: ECS (ska/F70D)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
content-length: 1806
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/slider.css
192.229.233.220200 OK 973 B URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/slider.css
IP 192.229.233.220:0
Hash bb1fe19a3f1a0e27d95a86e2b2e70234
7734e7c47284b26e82ac54493959cce72e98f456
1b557bfa3cfedd26b23288a414e37ea8bb2c5f7a4daf1a63afeab5b84905695d
GET /images/production/fruit_3/v1_1_0/css/slider.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 2489063
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
etag: "fce1648-10b2-537235cde2a40"
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Fri, 08 Jul 2016 17:45:05 GMT
server: ECS (ska/F711)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
content-length: 973
X-Firefox-Spdy: h2
secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/global_facelift-1636690372.css
192.229.233.220200 OK 21 kB URL HTTP/2 secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/global_facelift-1636690372.css
IP 192.229.233.220:0
File type ASCII text, with very long lines (381)
Hash dab33c3089f6dcc802e83c4e761417d2
9776105361e9a2319a8deda822fdbc4bfbe91a08
6c1ac2cf9c4e65e7dbee3eec2f61658ff40f7d4278a1b7361376a82d2c362f0c
GET /css/live_cd/ffadult/english/31877/secure/global_facelift-1636690372.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 1700873
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:37 GMT
expires: Tue, 28 Feb 2023 09:29:37 GMT
last-modified: Mon, 09 Jan 2023 17:01:44 GMT
server: ECS (ska/F70B)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
x-perf: 0.041563,0.023399,TM_3_0.0085680,CD_3_0.0003650,DB_16_0.0073760,FS_1_0.0004340,PK_1_0.0000270,CE_18_0.0013940
content-length: 21266
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/production/gfonts/open-sans-italic-v2.css
192.229.233.220200 OK 894 B URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/open-sans-italic-v2.css
IP 192.229.233.220:0
Hash 8fbbad63a80f7d4b51f3c0d56d082abf
1f094dc5d3b9f827b181088e46903ab33b6e5c86
8bb839903cd86a12106502e5980a208e8580e4d04084a991777bc7179aa6d72b
GET /images/production/gfonts/open-sans-italic-v2.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 405381
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:29:38 GMT
etag: "126f8a92-3797-58f02494c5880"
expires: Tue, 28 Feb 2023 09:29:38 GMT
last-modified: Wed, 31 Jul 2019 23:14:26 GMT
server: ECS (ska/F713)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 15
content-length: 894
X-Firefox-Spdy: h2
heatedaffairs.com/css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css
69.165.107.69200 OK 705 B URL HTTP/1.1 heatedaffairs.com/css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css
IP 69.165.107.69:0
Hash 2755b01f14c693d7d0dda656524f6b45
0c5cfc9f62dab0362c12ee742210629807fba720
50f3da9d994f61306d30beef2eaefc8e0c274bc7c8bccaa1cef26bc5d786d273
GET /css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:38 GMT
Server: Apache
X-PERF: 0.000796,0.000769,CD_1_0.0000270
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
Cache-Control: max-age=2592000
Last-Modified: Sun, 29 Jan 2023 09:29:08 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: si205-102.friendfinderinc.com
Content-Length: 705
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/landing_page_111-1636690372.css
192.229.233.220200 OK 3.8 kB URL HTTP/2 secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/landing_page_111-1636690372.css
IP 192.229.233.220:0
Hash f49e2f42015aee24b958f585ea79757a
42adbe486adaf3b9289c84c3c0ff217111aad4bd
d3c61182ee663ce7c4d9c1c497bedfe4bfff30d4fc87b990842bbb431f7ce0d7
GET /css/live_cd/ffadult/english/31877/secure/landing_page_111-1636690372.css HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 61
cache-control: max-age=2592000
content-type: text/css
date: Sun, 29 Jan 2023 09:28:36 GMT
expires: Tue, 28 Feb 2023 09:29:38 GMT
last-modified: Sun, 29 Jan 2023 09:28:36 GMT
server: ECS (ska/F70A)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 1
x-perf: 0.040370,0.026581,TM_3_0.0022460,CD_3_0.0003280,DB_18_0.0084500,FS_1_0.0008430,PK_1_0.0000270,CE_19_0.0018950
content-length: 3844
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secureimage.securedataimages.com/images/production/gfonts/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2
192.229.233.220200 OK 14 kB URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP 192.229.233.220:0
File type Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data
Hash 33543c5cc5d88f5695dd08c87d280dfd
600db9374e47e4f73a59ccc0a99bcc42f4a3e02a
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
GET /images/production/gfonts/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://heatedaffairs.com
Connection: keep-alive
Referer: https://secureimage.securedataimages.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 328856
cache-control: max-age=2592000
content-type: text/plain; charset=UTF-8
date: Sun, 29 Jan 2023 09:29:38 GMT
etag: "126602ba-382c-58e85c015c500"
expires: Tue, 28 Feb 2023 09:29:38 GMT
last-modified: Thu, 25 Jul 2019 18:39:48 GMT
server: ECS (ska/F710)
x-cache: HIT
x-cache-hits: 0
content-length: 14380
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-P8ZF4WS
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P8ZF4WS
IP 142.250.74.40:0
File type ASCII text, with very long lines (5726)
Hash 4b217b10e1833ed8994dd40a39eb9b5d
29e7d55c08c95179698439334339d5a24b7ab297
81097ad777bbb2c51e25dc090319c22cb1ea9359aa597f64d4e4bb5285ef9c26
GET /gtm.js?id=GTM-P8ZF4WS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 09:29:38 GMT
expires: Sun, 29 Jan 2023 09:29:38 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heatedaffairs.com/images/common/fonts/opensans-regular-webfont.woff2
69.165.107.69200 OK 19 kB URL HTTP/1.1 heatedaffairs.com/images/common/fonts/opensans-regular-webfont.woff2
IP 69.165.107.69:0
File type Web Open Font Format (Version 2), TrueType, length 18752, version 1.6554\012- data
Hash 787788288214310291ec08f0df249ae8
b30bba8b8b58bf3a6de02231cdeebe6f01472665
b5d0983b0bcea1e4ffbe5bcb321a80a2f2ec0ffccd943d69bf4bd5d578782b46
GET /images/common/fonts/opensans-regular-webfont.woff2 HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://heatedaffairs.com/css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:38 GMT
Server: Apache
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
Last-Modified: Thu, 16 Oct 2014 21:01:08 GMT
ETag: "fbc9855-4940-505908c242175"
Accept-Ranges: bytes
Content-Length: 18752
X-ApacheServer: si210-132.friendfinderinc.com
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/plain
heatedaffairs.com/qz/phone/info
69.165.107.69200 OK 646 B URL HTTP/1.1 heatedaffairs.com/qz/phone/info
IP 69.165.107.69:0
File type JSON data\012- , ASCII text, with very long lines (646), with no line terminators
Hash 0b220643eb1d05f373769bfa9d9bcdac
c49f9cccf5be736ff5d545837bc40f1be9e1b953
a154113d304843f9784159cc6d73551b32249851eb69571221423c45275defab
GET /qz/phone/info HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:38 GMT
Server: Apache
Content-Length: 646
Keep-Alive: timeout=5, max=11
Connection: Keep-Alive
Content-Type: application/json
secureimage.securedataimages.com/images/ffadult/favicon_1.ico
192.229.233.220200 OK 1.2 kB URL HTTP/2 secureimage.securedataimages.com/images/ffadult/favicon_1.ico
IP 192.229.233.220:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 882d7e558961083850b80102009a9d1d
147a47e00209e81812e70ddc7bd3141489fc98bb
ac28e29b2ab8aebc74ac3b6d106a024d753994643545a09c02815e65f1ed85a8
GET /images/ffadult/favicon_1.ico HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 168035
cache-control: max-age=2592000
content-type: image/x-icon
date: Sun, 29 Jan 2023 09:29:38 GMT
etag: "fbd6f7e-47e-48cda4d17b0c0"
expires: Tue, 28 Feb 2023 09:29:38 GMT
last-modified: Mon, 02 Aug 2010 17:12:11 GMT
server: ECS (ska/F716)
x-cache: HIT
x-cache-hits: 0
content-length: 1150
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/others/ajax-loader.gif
192.229.233.220200 OK 1.7 kB URL HTTP/2 secureimage.securedataimages.com/images/common/others/ajax-loader.gif
IP 192.229.233.220:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 28f1c0ead0381f5496397520865438ed
e63cbb54f31de3b980bfc5b15e2aefba5ea41985
42d42e4bd6c484ca7e126ba3d22f022abd7e2a83f006c0b2adc1423200f1c1bc
GET /images/common/others/ajax-loader.gif HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 124817
cache-control: max-age=2592000
content-type: image/gif
date: Sun, 29 Jan 2023 09:29:38 GMT
etag: "fbd17c8-6ae-5083ba2fbea8f"
expires: Tue, 28 Feb 2023 09:29:38 GMT
last-modified: Wed, 19 Nov 2014 19:58:34 GMT
server: ECS (ska/F6FD)
x-cache: HIT
x-cache-hits: 4
content-length: 1710
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
216.58.211.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heatedaffairs.com
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 490804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 09:29:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heatedaffairs.com/p/xmlfeed.cgi
69.165.107.69200 OK 76 B URL HTTP/1.1 heatedaffairs.com/p/xmlfeed.cgi
IP 69.165.107.69:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 758432f51d9dac21b5578e7ee3155e0d
5d3454214cd9f8fb21d4785736aff017a1ab348a
123e0ef75e385fd05d5ea68451d0c2949210730a77769ef6112e65d7efd315c7
POST /p/xmlfeed.cgi HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 533
Origin: https://heatedaffairs.com
Connection: keep-alive
Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}; tracking_id=guest_80c836a8-2fab-454d-ba00-691d58341551
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:39 GMT
Server: Apache
X-PERF: 0.011494,0.008895,DB_2_0.0014470,CD_3_0.0007300,PK_1_0.0000470,CE_3_0.0003750
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
P3P: CP="DSP LAW"
X-ApacheServer: si204-163.friendfinderinc.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 76
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/xml
heatedaffairs.com/go/page/city_list.html?dcb=heatedaffairs.com&who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs&ajax=1&no_perf=1&skip_load_popunder=1&use_ajax=1&country=Norway&state=0&rid=3493045749
69.165.107.69200 OK 1.8 kB URL HTTP/1.1 heatedaffairs.com/go/page/city_list.html?dcb=heatedaffairs.com&who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs&ajax=1&no_perf=1&skip_load_popunder=1&use_ajax=1&country=Norway&state=0&rid=3493045749
IP 69.165.107.69:0
Hash 7ead2f2e29dcdce7f03910687e10ed53
80397bdbf117944651f351c6ceaa22a033bf49b0
ad37c90c1dc6f72387b5563125f7a333afd78f94daf38c78420321e155dfd94b
GET /go/page/city_list.html?dcb=heatedaffairs.com&who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs&ajax=1&no_perf=1&skip_load_popunder=1&use_ajax=1&country=Norway&state=0&rid=3493045749 HTTP/1.1
Host: heatedaffairs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1
Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}; tracking_id=guest_80c836a8-2fab-454d-ba00-691d58341551
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 09:29:39 GMT
Server: Apache
Set-Cookie: ffadult_who=r_Hooc2Q.gqsLcwGZpBfvhCrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; Secure; path=/; domain=heatedaffairs.com; expires=Tue, 28-Jan-2025 09:29:39 GMT; secure
v_hash=_english_31877; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure
IP_COUNTRY=Norway; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure
ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452®ion_name&&country_code&NO®ion&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure
HISTORY=20230129-2-Dc1; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure
X-PERF: 0.033252,0.011173,DB_1_0.0007080,TS_1_0.0119130,TM_3_0.0008900,CD_19_0.0028380,FS_3_0.0008280,PK_2_0.0000640,CE_12_0.0048380
Strict-Transport-Security: max-age=300; includeSubDomains
X-Frame-Options: SAMEORIGIN
ETag: TESTBED
Vary: Accept-Encoding
Content-Encoding: gzip
X-ApacheServer: si204-253.friendfinderinc.com
Content-Length: 1814
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
secureimage.securedataimages.com/images/ffadult/PMKTG-297/lander-step-pg2.jpg
192.229.233.220200 OK 25 kB URL HTTP/2 secureimage.securedataimages.com/images/ffadult/PMKTG-297/lander-step-pg2.jpg
IP 192.229.233.220:0
File type gzip compressed data, max compression\012- data
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /images/ffadult/PMKTG-297/lander-step-pg2.jpg HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 398581
cache-control: max-age=2592000
content-type: image/jpeg
date: Sun, 29 Jan 2023 09:29:38 GMT
etag: "fbd7430-23353-52a75fd12fa8a"
expires: Tue, 28 Feb 2023 09:29:38 GMT
last-modified: Fri, 29 Jan 2016 09:52:08 GMT
server: ECS (ska/F70A)
x-cache: HIT
x-cache-hits: 0
content-length: 144211
X-Firefox-Spdy: h2
secureimage.securedataimages.com/images/common/js/zxcvbn.js
192.229.233.220200 OK 330 kB URL HTTP/2 secureimage.securedataimages.com/images/common/js/zxcvbn.js
IP 192.229.233.220:0
File type ASCII text, with very long lines (52854)
Size 330 kB (329762 bytes)
Hash fd67aa4c76945172d145dd81e33ad1e1
ac9ff40ca134053898acd867ee7717176d302af1
ccbc6be172f90394fef84c517f1015eefc0a8b5ff62f4434a5f7b0449b2c57bc
GET /images/common/js/zxcvbn.js HTTP/1.1
Host: secureimage.securedataimages.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 334315
cache-control: max-age=2592000
content-type: application/x-javascript
date: Sun, 29 Jan 2023 09:29:39 GMT
etag: "fbcb465-aa838-4f59d55116c76"
expires: Tue, 28 Feb 2023 09:29:39 GMT
last-modified: Thu, 27 Mar 2014 21:33:12 GMT
server: ECS (ska/F70E)
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 6
content-length: 329762
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-FLZ8S7HDKL>m=2oe1p0&_p=486298546&cid=732391329.1674984586&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674984585&sct=1&seg=0&dl=https%3A%2F%2Fheatedaffairs.com%2Fgo%2Fpage%2Flanding_page_111%3Fpg%3D2%26pid%3Dp142055.subfreeaccess2%26ip%3Dauto%26no_click%3D1%26alpo_redirect%3D1&dt=Heated%20Affairs%20-%20Married%20Dating%2C%20Cheating%20Dates%20%26%20Discreet%20Encounters&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FLZ8S7HDKL>m=2oe1p0&_p=486298546&cid=732391329.1674984586&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674984585&sct=1&seg=0&dl=https%3A%2F%2Fheatedaffairs.com%2Fgo%2Fpage%2Flanding_page_111%3Fpg%3D2%26pid%3Dp142055.subfreeaccess2%26ip%3Dauto%26no_click%3D1%26alpo_redirect%3D1&dt=Heated%20Affairs%20-%20Married%20Dating%2C%20Cheating%20Dates%20%26%20Discreet%20Encounters&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FLZ8S7HDKL>m=2oe1p0&_p=486298546&cid=732391329.1674984586&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674984585&sct=1&seg=0&dl=https%3A%2F%2Fheatedaffairs.com%2Fgo%2Fpage%2Flanding_page_111%3Fpg%3D2%26pid%3Dp142055.subfreeaccess2%26ip%3Dauto%26no_click%3D1%26alpo_redirect%3D1&dt=Heated%20Affairs%20-%20Married%20Dating%2C%20Cheating%20Dates%20%26%20Discreet%20Encounters&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://heatedaffairs.com
Connection: keep-alive
Referer: https://heatedaffairs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://heatedaffairs.com
date: Sun, 29 Jan 2023 09:29:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 214896
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.67200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 233336
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
142.250.74.67200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:05:13 GMT
expires: Sat, 27 Jan 2024 10:05:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 170666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47514f1386d4e6962ac2c931647f60f4
c8da685b6a5aee80c98d4173ffe226b672f054c3
474d462b5d4dbd15b7f759457fe1ed084819cea563ef7c1285028dad9a4a404c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7201
x-amzn-requestid: ba830369-3a5f-45bc-9af9-5ad9ee58f43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRREJqIAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4926e-6983a44e506dcd4d203c2688;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k8zu8NNW1XfVlVQuIh495I2sE9YzQQXRooJmVFb2Yqav_D5UCehhLw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:53:26 GMT
age: 66533
etag: "c8da685b6a5aee80c98d4173ffe226b672f054c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tiny.cc/zzztsz
157.245.113.153303 See Other 0 B IP 157.245.113.153:0
ASN #14061 DIGITALOCEAN-ASN
GET /zzztsz HTTP/1.1
Host: tiny.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: nginx
date: Sun, 29 Jan 2023 09:29:35 GMT
content-type: text/html; charset=utf-8
location: https://accounts.google.com/Logout?service=wise&continue=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU%26num%3D0%26sig%3DAOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA%26client%3Dca-pub-0466582109566532%26adurl%3Dhttp%3A%2F%2Fwww.max64.com%2Fabd0000095
x-frame-options: sameorigin
x-xss-protection: 1; mode=block
x-robots-tag: nofollow, noindex
content-encoding: gzip
X-Firefox-Spdy: h2