Report - tiny.cc/zzztsz

Report Overview

Submitted URL
tiny.cc/zzztsz
IP
157.245.113.153
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-01-29 09:29:46
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
6
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
heatedaffairs.com	unknown	2014-12-19T19:17:28Z	2023-01-18T16:28:09Z	10 kB	56 kB	69.165.107.69
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	374 B	1.1 kB	142.250.74.164
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	839 B	448 B	216.239.34.36
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	59 kB	34.120.237.76
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	399 B	62 kB	216.58.207.234
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	445 B	165 kB	216.58.211.3
tiny.cc	80828	2014-11-26T11:25:53Z	2023-03-13T07:39:15Z	788 B	1.3 kB	157.245.113.153
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.4 kB	7.0 kB	142.250.74.163
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-13T08:39:16Z	1.3 kB	1.4 kB	142.250.74.162
www.max64.com	unknown	2012-11-20T15:05:20Z	2023-02-06T03:10:23Z	355 B	520 B	92.205.15.154
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.4 kB	49 kB	142.250.74.67
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.208.13.28
secureimage.securedataimages.com	51831	2012-09-30T17:27:12Z	2023-03-13T08:05:57Z	13 kB	631 kB	192.229.233.220
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	383 B	45 kB	142.250.74.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-29 09:29:41	high	Client IP	Internal IP	ET POLICY URL Shortener Service Domain in DNS Lookup (tiny .cc)
2023-01-29 09:29:41	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-29 09:29:41	high	Client IP	Internal IP	ET POLICY URL Shortener Service Domain in DNS Lookup (tiny .cc)
2023-01-29 09:29:41	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-01-29 09:29:41	high	Client IP	Internal IP	ET POLICY URL Shortener Service Domain in DNS Lookup (tiny .cc)
2023-01-29 09:29:41	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (36)

	URL	Size	First Seen	Last Seen
	secureimage.securedataimages.com/images/common/js/jquery/jquery-migrate-1.2.1.min.js	7.2 kB	2023-03-07	2024-04-26
Pretty URL secureimage.securedataimages.com/images/common/js/jquery/jquery-migrate-1.2.1.min.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-26 00:59:04 Times Seen13024 Hash eb05d8d73b5b13d8d84308a4751ece96 743052320809514fb788fe1d3df37fc87ce90452 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	1.7 kB	2023-03-07	2024-02-26
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:09:19 Last Seen2024-02-26 01:23:27 Times Seen120 Hash e62e7cbdcd73124c5f0107b36e5f6bf6 102082218dfc83491bf9b379032e87bce89484d1 ff63f6b68c384b0ba4b9bb081a3ef8148dc4601918b03ae1c405498eff4b2147 Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	1.8 kB	2023-03-13	2023-03-13
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:33 Last Seen2023-03-13 11:01:33 Times Seen1 Hash 2f8062814e589e2ebf0e5bed71ae4681 0a6ffc4217794b87d9a6a9d7be6f8a0cf2b0e2b0 9a3ff055aee66c978062a2c7ecb2069cf8a83b67d757bf12fae2ad89d08747b2 Loading...

	accounts.google.com/Logout?service=wise&continue=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU%26num%3D0%26sig%3DAOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA%26client%3Dca-pub-0466582109566532%26adurl%3Dhttp%3A%2F%2Fwww.max64.com%2Fabd0000095	698 B	2023-03-13	2023-03-13
Pretty URL accounts.google.com/Logout?service=wise&continue=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU%26num%3D0%26sig%3DAOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA%26client%3Dca-pub-0466582109566532%26adurl%3Dhttp%3A%2F%2Fwww.max64.com%2Fabd0000095 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:33 Last Seen2023-03-13 11:01:33 Times Seen1 Hash eacc216809be0bfb4c4908db4a1f3b06 57d4efcb3205d4792d3b556df12fbe279f258c37 d01235151902a4f55fa9551a33d06d4f3dc44088ea842f957a4e11f16cc13460 Loading...

	ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js	228 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-04-26 00:19:45 Times Seen839 Hash a631873e0f4be6f476465b7c2ad35745 0c7c5d5089e03eab40199e2034fcee13517ead9f a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	571 B	2023-03-07	2024-02-26
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:09:19 Last Seen2024-02-26 01:23:27 Times Seen120 Hash ba88c033689e9ae17f4bfdaecef806c8 56cd1dcbfc6a825bd85f91c198aa431c3212f452 0d4b33ea2f7789f6e6017fb134bde17f02cab2582925bef077da07bb15abf25a Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	1.6 kB	2023-03-07	2024-02-07
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:09:19 Last Seen2024-02-07 10:20:21 Times Seen107 Hash d9c29c02dc02087c2e41a38e88f5e917 3af185009c6c0e74dad1350b5bb4f3c93329c464 7ec70dd1b2ea2752a62f6aa5b69ccbc9f28e2a04ec412399b86646b04fcc6122 Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	8.3 kB	2023-03-13	2023-03-13
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:34 Last Seen2023-03-13 11:01:34 Times Seen1 Hash e9674a0711a6dda7809f31b54decc211 6a721f9a4e7aee112331faeb46182f13b12e4203 e532eb633219a2d4ebd76b574a6f334336396e939bbf688ddaa651745926e5ff Loading...

	www.google.com/recaptcha/api.js?hl=en	850 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?hl=en IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:02:57 Last Seen2023-03-13 15:37:41 Times Seen1 Hash a1dd36c7e009478663c7566f99842331 c8c525f28c3c365989810c70ed2fc201028feb49 798d033ebf2fad984eed199fbcaf69b408342f8cf4b074c8935105062e444f0e Loading...

	www.googletagmanager.com/gtag/js?id=G-FLZ8S7HDKL&l=dataLayer&cx=c	223 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-FLZ8S7HDKL&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:34 Last Seen2023-03-13 11:01:34 Times Seen1 Hash fe7004aadfe81c97a22a699f1ddefe16 9d77b954e123b6b2e5ce5b64cf0bfef50281fc00 667331daafd927eb7a1552f90ee9707f86cadfb360c9a2e884763b84192fe635 Loading...

	secureimage.securedataimages.com/images/common/js/handlebars-1.0.0.beta.6.js	59 kB	2023-03-07	2024-02-26
Pretty URL secureimage.securedataimages.com/images/common/js/handlebars-1.0.0.beta.6.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-02-26 01:23:29 Times Seen179 Hash 78d78a399414642e502934f8933a031c e3cbb951618248c93abac6c4064f505e10f6a481 56ff6d2cbf44fdba920ea168a19c7d8f6227f41024b506b7ab97cb1b5c6b4df0 Loading...

	secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js	88 kB	2023-03-13	2023-07-08
Pretty URL secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:34 Last Seen2023-07-08 15:17:07 Times Seen93 Hash df999651f45957cc41e4dc2a53336ca3 4c72166e77d8669feb7310c64ac87395d355d562 43a58d3533636d080e5212f6fc9d4ad4294e9a2e81345670b49d3cee1e17f23a Loading...

	secureimage.securedataimages.com/images/common/js/jquery-migrate-1.4.1.min.js	10 kB	2023-03-07	2024-02-26
Pretty URL secureimage.securedataimages.com/images/common/js/jquery-migrate-1.4.1.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:34 Last Seen2024-02-26 01:23:29 Times Seen219 Hash 4fdf27b27fd8e53de44390bbde7e9e38 ad8953cbe00e8671a60cbffd6467fe4423c9b2d9 44f1a303e8502e0fcf57b025665f33cff69e46cde4f492b027ca389f1980fda1 Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	540 B	2023-03-12	2024-02-22
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:24:42 Last Seen2024-02-22 14:23:21 Times Seen91 Hash ad35948f2a16ab488e5230697405b9da 09e72f0fefc5f49fb7fef6c3a0bf758c7e6b565b d3fd88ed68494fe988bcdfb6c6146c029e33d7bd779a7b8fc59af2827b2bec4a Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	2.8 kB	2023-03-12	2023-12-03
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:24:42 Last Seen2023-12-03 20:56:17 Times Seen87 Hash e9a3fc812dcfcd116c584615d3d97a97 bec08230d0dc44ccfaebe513f6dd2a8ad9afe0a1 f0e8101d2a3d3844bb1dc01c1f55079d51eb6ac25d5e59a4666e758d0c1e86f7 Loading...

	secureimage.securedataimages.com/images/common/js/zxcvbn-async.js	454 B	2023-03-07	2024-02-26
Pretty URL secureimage.securedataimages.com/images/common/js/zxcvbn-async.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-02-26 01:23:29 Times Seen179 Hash bb0a2344a1232727465e7199a582703e 081c0b83171671c913f187346ab6dd8ec12c0aa4 84b86b956c0e934e696de2580c9d648206806a82ea884f4a8435efd07bc3e6cd Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U&co=aHR0cHM6Ly9oZWF0ZWRhZmZhaXJzLmNvbTo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=wcjmido4mxsj	69 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U&co=aHR0cHM6Ly9oZWF0ZWRhZmZhaXJzLmNvbTo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=wcjmido4mxsj IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 03:02:12 Times Seen99534 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 03:03:08 Times Seen37081953 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	secureimage.securedataimages.com/images/common/js/backbone_0.9.10.js	18 kB	2023-03-07	2024-02-26
Pretty URL secureimage.securedataimages.com/images/common/js/backbone_0.9.10.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-02-26 01:23:29 Times Seen182 Hash 44a81b4ba37828fc620b47a5c55da53e 64d76035ef563288f2964fa73843634655d6043d 16c631ff3afa4003239ee66d4691bf24831567a4ec9175bac2c949aae6ab2d89 Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	594 B	2023-03-12	2024-02-07
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:24:42 Last Seen2024-02-07 10:20:21 Times Seen87 Hash ceefb6b6b7db4c27a54d2daaa7dfc3fe 7fbf40bb563b24a9b65f99cf8dc35fdb9a750c11 6fe508090f3e8393e284da4fe15249a5a64fa9fe3bac1d55f5447ca8ac17a2ae Loading...

	www.googletagmanager.com/gtm.js?id=GTM-P8ZF4WS	120 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-P8ZF4WS IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:34 Last Seen2023-03-13 11:01:34 Times Seen1 Hash b3644f06f6706136d568a849d0c76582 04803f2c34c2a2528a7657b98478e9dd4b82b9cc 5f45938a8d992fc9a7bbabb704f7f2ffdde7fd08a68ff2c4bf53e002fc4a39db Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U&co=aHR0cHM6Ly9oZWF0ZWRhZmZhaXJzLmNvbTo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=wcjmido4mxsj	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U&co=aHR0cHM6Ly9oZWF0ZWRhZmZhaXJzLmNvbTo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&cb=wcjmido4mxsj IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:01:34 Last Seen2023-03-13 11:01:34 Times Seen1 Hash 86a7c09377b18843646e3813ee587f82 3d65389e94e722442f1ab8ae890f54d3ba87f1f5 fa8ab4644f1ab31f88dfad6f37e5e6661391ab63bc3a3c4a515524e8ae888874 Loading...

	secureimage.securedataimages.com/images/common/js/zxcvbn.js	698 kB	2023-03-07	2024-02-26
Pretty URL secureimage.securedataimages.com/images/common/js/zxcvbn.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-02-26 01:23:29 Times Seen179 Hash eca5f479c97f4ce47cf6a696b4a30079 e419ac603c35c16f353b6feb04ef1a7ad40dc43b 5e2528ac40c07ca936a033f121ad4840a70e8a357c5ee367077127e43ee123eb Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U	178 B	2023-03-12	2023-03-26
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6Lf57BsUAAAAAKMhSgtXdURk4YNgpMMuiifba3_U IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:24:42 Last Seen2023-03-26 04:22:51 Times Seen3 Hash 6abec717cea72e1a01c647498ee0a65d a539f0589ba1c504b95cd431c2e439d338103736 b5d0dc9c204012a9232e725ff871b341af0f4abcf0d1c4fa17ceb6b330da9a59 Loading...

	secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:43 Last Seen2024-04-25 05:20:07 Times Seen2263 Hash a1cd7fc161a5cb1d7102d1e72ee1e67f 295153b52a34427bcaecb4a55c0aabcca825d544 af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee Loading...

	heatedaffairs.com/images/common/js/english_statedropdown_utf8.js	39 kB	2023-03-07	2023-08-18
Pretty URL heatedaffairs.com/images/common/js/english_statedropdown_utf8.js IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2023-08-18 00:46:31 Times Seen152 Hash a75ce240dd6f463a5c74e5a45c2aa3ab 860f4dddd43a50f62ea1ba127c3a3fe9e617885d f349d51b29ffd040018d59367378fe1215369b8ada130277c028dc2e89785ae9 Loading...

	secureimage.securedataimages.com/images/common/js/underscore_1.3.3.js	13 kB	2023-03-07	2024-02-26
Pretty URL secureimage.securedataimages.com/images/common/js/underscore_1.3.3.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-02-26 01:23:29 Times Seen179 Hash 9d5b578c7e1e243e24608a68cdb14d80 8ad6b5351c06c211a2e810ced808697a8c00f3bd c541a7ed87b26e80ee7945546bc8e024d6a507fed4dd051970397552b76b90e7 Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

	secureimage.securedataimages.com/images/common/js/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-04-26
Pretty URL secureimage.securedataimages.com/images/common/js/jquery-1.12.4.min.js IP 192.229.233.220 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 01:40:45 Times Seen118737 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	182 B	2023-03-07	2024-02-26
Pretty URL heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69 ASN #25875 VARIO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:43 Last Seen2024-02-26 01:23:27 Times Seen94 Hash 9e630ab25f084d66f8f67b366b832328 030f683decd314f5fcc45e690dcc3a403d1771f2 39b364dd328df7a1c6885f93e76aea4b7d334c8104c265df36f169862ef14f30 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6a3c1e3a120be4e035e322c68dd503f9	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 6a3c1e3a120be4e035e322c68dd503f9 a5e4b5e2582288db30e3e8a309e79dd3bc30df9b f00c4fa0123db2791dc34da467be1797fe727652a37bcd967753739158deed2d Loading...

	#2 Eval - f36e4d0961d40ef71e8bd20ba0f929fe	16 kB	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash f36e4d0961d40ef71e8bd20ba0f929fe cae72965339f0db453f17b1831fad21b4cb08360 e1a4bc1babc09967a368fe423660be9c79500204b341c68b432adb9ee56baa3b Loading...

	#3 Eval - 14b6bfb40a2b73465086367c3515eaab	18 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:01:34 Last Seen2023-03-13 11:01:34 Times Seen1 Hash 14b6bfb40a2b73465086367c3515eaab eb37f86f8a2637a85551b76567b543c290a9ac33 c8284ec641c91da04a1e11ce26e1ed3a35fd7ad66b0cce6ba47eeb554a5c60a8 Loading...

	#4 Eval - 703b9b4ee324ed5bea800395d6e7b778	64 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 703b9b4ee324ed5bea800395d6e7b778 d9dbc963793c903a99ad1184d4a8c8b76f00a92b ac3659fff3d443c469cac8e740b2ebacc39f1260da426918c1fedd90dea242fd Loading...

	#5 Eval - 459ec9cfee68d036557a8679627d303d	22 B	2023-03-12	2023-03-18
Pretty Observations First Seen2023-03-12 19:03:02 Last Seen2023-03-18 07:43:22 Times Seen1 Hash 459ec9cfee68d036557a8679627d303d 25b45ef0c0ea6e24c150ab10bec3eac40902795a b004954a8ae3697a3df5d38a4d92354a8918e637c53204ae3cf8f6ade91de69f Loading...

	#6 Eval - ffe20516f2a9246be7760707e4241859	17 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 11:01:34 Last Seen2023-03-13 11:25:09 Times Seen1 Hash ffe20516f2a9246be7760707e4241859 a15ae557c179738ef746866562085e6723fd84d6 0c588fbf297f5a0db6f2cc4021082ad22b58c562be14594ce00399e50402b5f2 Loading...

HTTP Transactions (82)

	URL	IP	Response	Size
	tiny.cc/zzztsz	157.245.113.153	301 Moved Permanently	169 B
URL HTTP/1.1 tiny.cc/zzztsz IP 157.245.113.153:0 ASN #14061 DIGITALOCEAN-ASN File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 169 B (169 bytes) Hash 130d1009f10d4fb1cede97de52442d1f 20a7a05cc7df967bae4e1b71f5e8f299eb556003 c389e590871a87f27ad27393cf7f2947c3ede6ba1cca818cbcff4131e0d0eac4 HTTP Headers `GET /zzztsz HTTP/1.1 Host: tiny.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Server: nginx/1.22.1 Date: Sun, 29 Jan 2023 09:29:34 GMT Content-Type: text/html Content-Length: 169 Connection: keep-alive Location: https://tiny.cc/zzztsz`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4994 Expires: Sun, 29 Jan 2023 10:52:48 GMT Date: Sun, 29 Jan 2023 09:29:34 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6136 Expires: Sun, 29 Jan 2023 11:11:50 GMT Date: Sun, 29 Jan 2023 09:29:34 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 29 Jan 2023 08:43:08 GMT content-type: application/json age: 2786 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 302c7548412192add063ad6c8b99cf3b e5d178931a27db036ce8daae302594d3ff7050b8 fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4243 Expires: Sun, 29 Jan 2023 10:40:17 GMT Date: Sun, 29 Jan 2023 09:29:34 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: Xg1BzVTNGzx0Ew2XwXaDCf9U36s000qLg9TZoSqhoP9CqiNd6jSaBvAudRfpciYdF1vvZ0WpGgk= x-amz-request-id: RC1BYWZHGM6NTQ87 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 29 Jan 2023 09:21:20 GMT age: 494 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 29 Jan 2023 09:29:34 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 04fdbcbdaa3604422454dbbe2bb98fdd 3f1bfb6359c8820c5808c152b733899aa14451d0 e3b3d80553123c43477ff63f6e468b96148e7dcad4902c6c102235f3a7fa192b HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E3B3D80553123C43477FF63F6E468B96148E7DCAD4902C6C102235F3A7FA192B" Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=1677 Expires: Sun, 29 Jan 2023 09:57:31 GMT Date: Sun, 29 Jan 2023 09:29:34 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 29 Jan 2023 08:41:41 GMT age: 2874 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18897 Expires: Sun, 29 Jan 2023 14:44:32 GMT Date: Sun, 29 Jan 2023 09:29:35 GMT Connection: keep-alive`

	push.services.mozilla.com/	34.208.13.28	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.208.13.28:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Q8WRaO8VH2D/Zkxg8819DQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: yRV0adyeLrLXLOpJFwTTxKxBU8w=`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ef589be52a3e55b643978f17949a73da 74545de6f144282252ff92c751f97cc835c80341 7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:35 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	googleads.g.doubleclick.net/pagead/drt/so?r=7198016984506610114	142.250.74.162	200 OK	0 B
URL HTTP/2 googleads.g.doubleclick.net/pagead/drt/so?r=7198016984506610114 IP 142.250.74.162:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /pagead/drt/so?r=7198016984506610114 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://accounts.google.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin content-type: text/html; charset=UTF-8 x-content-type-options: nosniff date: Sun, 29 Jan 2023 09:29:36 GMT server: cafe content-length: 0 x-xss-protection: 0 set-cookie: _drt_=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none DSID=; expires=Thu, 01-Jan-1970 00:00:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires: Sun, 29 Jan 2023 09:29:36 GMT cache-control: private X-Firefox-Spdy: h2

	googleads.g.doubleclick.net/aclk?sa=L&ai=CtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU&num=0&sig=AOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA&client=ca-pub-0466582109566532&adurl=http://www.max64.com/abd0000095	142.250.74.162	302 Found	0 B
URL HTTP/1.1 googleads.g.doubleclick.net/aclk?sa=L&ai=CtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU&num=0&sig=AOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA&client=ca-pub-0466582109566532&adurl=http://www.max64.com/abd0000095 IP 142.250.74.162:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /aclk?sa=L&ai=CtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU&num=0&sig=AOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA&client=ca-pub-0466582109566532&adurl=http://www.max64.com/abd0000095 HTTP/1.1 Host: googleads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Found P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Date: Sun, 29 Jan 2023 09:29:36 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Accept-CH: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64 Location: http://www.max64.com/abd0000095 Content-Type: text/html; charset=UTF-8 X-Content-Type-Options: nosniff Server: adclick_server Content-Length: 0 X-XSS-Protection: 0

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash ed8a8c45dceab588456b222e04775919 0242859712655caa3c3e9b936878c7c7874b7b5a 669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.max64.com/abd0000095	92.205.15.154	301 Moved Permanently	259 B
URL HTTP/1.1 www.max64.com/abd0000095 IP 92.205.15.154:0 ASN #21499 Host Europe GmbH File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 259 B (259 bytes) Hash 3fbc1454891c879cff96402f38f04f46 bcdae4eabce02248bca8f0abc3a1e669ef9e78ea a11f1d966daa0c5023e0b75b44613258ac391d093924316fccadd69c3d2bd9a3 HTTP Headers `GET /abd0000095 HTTP/1.1 Host: www.max64.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently Date: Sun, 29 Jan 2023 09:29:36 GMT Server: Apache Location: https://heatedaffairs.com/go/p142055.subfreeaccess2 Content-Length: 259 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11247 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 09:29:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11247 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 09:29:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11247 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 09:29:36 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dfb84426fed94988d5c90372baff059c f1c4740830034ff8a5759d59ae3f657ea524d083 d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A" Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11247 Expires: Sun, 29 Jan 2023 12:37:03 GMT Date: Sun, 29 Jan 2023 09:29:36 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg	34.120.237.76	200 OK	5.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.0 kB (5021 bytes) Hash d19ea264e32a923808112293d74b97c7 19a01a961cca989ee07ff53e50d6f2e65d73729a 16792f5d3ff24bda8f7ac4b6b522c736c4e070b5aa9fd109fa868906064278c8 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5021 x-amzn-requestid: 040ca906-0e98-4919-a238-06ad180d6260 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fcj5zESeoAMFqUg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d4e6a4-7f81446e78d233f16fc9b73f;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 09:11:01 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: XeoloS-lP9UvWYMvblLHSIJdYMAU3yDj5AmJsYwxHtH3l2UjMkkung== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 21:46:36 GMT age: 42180 etag: "19a01a961cca989ee07ff53e50d6f2e65d73729a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg	34.120.237.76	200 OK	9.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.2 kB (9167 bytes) Hash 3be81f83687ddb6c93d3ff3c09a9dba2 50a48e737310d3f31840db4301b25927fbcc12c5 e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9167 x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fPGLfFtOIAMFp7w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0 x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 20:46:16 GMT age: 45800 etag: "50a48e737310d3f31840db4301b25927fbcc12c5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 21:56:46 GMT age: 41570 etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5594 bytes) Hash 4c77437e3a7361861aed8bfecbfe6bd6 fefd238c13c0fdfb7d964c90fcc8a8cbbf953034 282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5594 x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fLyeEGOloAMFpzA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0 x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 14:55:48 GMT age: 66828 etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11624 bytes) Hash 6021d6a06bff2826eb341747e82484f7 a817ff1ba206234627706551820d0d9856b398de f0ba6de8709fdb73e94dbdace635232c76b9d70dad73badaca0542d9ad49604d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8f2806c-ec5e-41a0-85d8-007f6d34d108.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11624 x-amzn-requestid: be28746a-a238-4718-a307-3a15dde1ed3d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fVqzvF57oAMFUdw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d224e4-5d9eb5ec3f2041c71d7c6fce;Sampled=0 x-amzn-remapped-date: Thu, 26 Jan 2023 06:59:48 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: HDcUb2ol2cYtxbpXtbXXM4aKulevAnfl7r65-Fy2NvA8gND3TRjepw== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 06:43:30 GMT age: 9966 etag: "a817ff1ba206234627706551820d0d9856b398de" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg	34.120.237.76	200 OK	8.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.7 kB (8652 bytes) Hash 43c4a8e963936a8064dbd2bd3c67b905 8508727c97127c98b886833af28b3470306216c2 070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8652 x-amzn-requestid: 21c734f0-cd73-4691-812e-7cd3908f8f89 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fRbH4HtPIAMFUGA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d07232-291e20fb41c53db7664d04b2;Sampled=0 x-amzn-remapped-date: Wed, 25 Jan 2023 00:05:06 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: j2zDtHz3pZLHJKG3-PaITyUzHOQBEELzuDIt7sbB8X_B10OxG394tg== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google date: Sun, 29 Jan 2023 06:49:29 GMT age: 9607 etag: "8508727c97127c98b886833af28b3470306216c2" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c499b53c89b851144645b3de6b3dc33e 1636b13ad4239910ab55f477024cdf021477d7c3 f7282ec1f3c8129d2b8267ab4f6764c5ddf604b3983b01c00290cd00a9f5a3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F7282EC1F3C8129D2B8267AB4F6764C5DDF604B3983B01C00290CD00A9F5A3D1" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4464 Expires: Sun, 29 Jan 2023 10:44:00 GMT Date: Sun, 29 Jan 2023 09:29:36 GMT Connection: keep-alive`

	heatedaffairs.com/go/p142055.subfreeaccess2	69.165.107.69	302 Found	261 B
URL HTTP/1.1 heatedaffairs.com/go/p142055.subfreeaccess2 IP 69.165.107.69:0 ASN #25875 VARIO File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 261 B (261 bytes) Hash 2a54c0951a56a9435f948456edc70c1a 870ca2b6909dec76d11ffc5da9ae7613e759b19b 9f8941ea232ebbc8c40fe783238b07c137eaa5da1db6f7e89d7df8f116dcc48c HTTP Headers `GET /go/p142055.subfreeaccess2 HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/1.1 302 Found Date: Sun, 29 Jan 2023 09:29:37 GMT Server: Apache Strict-Transport-Security: max-age=300; includeSubDomains X-PERF: 0.115139,0.071244,DB_35_0.0196590,CD_18_0.0033050,PK_2_0.0000690,CE_36_0.0208620 Location: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Set-Cookie: ALPO=238285048; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure click_id_time=1901497799_2023-01-29 01:29:37; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 261 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1

	heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1	69.165.107.69	200 OK	18 kB
URL HTTP/1.1 heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 IP 69.165.107.69:0 ASN #25875 VARIO File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (634) Size 18 kB (17480 bytes) Hash 1f7057bd1b03e541719640e93830b874 81665cdc2c99aa406ff96a96d468545e9680a1ab 5251b64964fbf611b3b7b9ee2895d87db3800301be5dbced3068663966bfd731 HTTP Headers GET /go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:37 GMT Server: Apache Set-Cookie: ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; Secure; path=/; domain=heatedaffairs.com; expires=Tue, 28-Jan-2025 09:29:37 GMT; secure v_hash=_english_31877; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure IP_COUNTRY=Norway; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure HISTORY=20230129-1-Dc; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure throttling={"time":1674984577,"AppD":1,"GTM":0}; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:37 GMT; secure X-PERF: 0.107798,0.016675,TS_38_0.0289600,TM_32_0.0214700,CD_31_0.0099790,FS_23_0.0044390,PK_4_0.0033210,CE_40_0.0229540 Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN ETag: TESTBED P3P: CP="DSP LAW" X-ApacheServer: si205-102.friendfinderinc.com Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 17480 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/html;charset=UTF-8

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 86352d15c37831cf9bf1e41325029224 ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21 154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js	216.58.207.234	200 OK	61 kB
URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.10.4/jquery-ui.min.js IP 216.58.207.234:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (64560) Size 61 kB (61441 bytes) Hash 45eb5ca2675d433e4b1bd361b684cdca 3194791975f93e8be941a6dd6f5828a437677b72 09e90ed27d9f5bedc2992c1c2e5ed7ccce4fe7f86a1f39ffd32e2dbfa00b40b9 HTTP Headers `GET /ajax/libs/jqueryui/1.10.4/jquery-ui.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 61441 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sat, 28 Jan 2023 10:20:43 GMT expires: Sun, 28 Jan 2024 10:20:43 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 age: 83334 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.google.com/recaptcha/api.js?hl=en	142.250.74.164	200 OK	556 B
URL HTTP/2 www.google.com/recaptcha/api.js?hl=en IP 142.250.74.164:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (850), with no line terminators Size 556 B (556 bytes) Hash f678bcfbe98b4039961065c12543bfd0 31a000bba532f910d036c24c795ef3636450e4c3 1dabb56e42c7b0a90264a0e7d8884e4111eed0e1b6321cab5f6e26440d63da8d HTTP Headers `GET /recaptcha/api.js?hl=en HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK expires: Sun, 29 Jan 2023 09:29:37 GMT date: Sun, 29 Jan 2023 09:29:37 GMT cache-control: private, max-age=300 content-type: text/javascript; charset=UTF-8 cross-origin-resource-policy: cross-origin content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 556 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8c630e9bbc930d1c367efa81b67be3f7 ec536695531d40a813d99a06271c7c2d698d51d3 39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	heatedaffairs.com/images/ffadult/css/header.css	69.165.107.69	200 OK	20 B
URL HTTP/1.1 heatedaffairs.com/images/ffadult/css/header.css IP 69.165.107.69:0 ASN #25875 VARIO File type data Size 20 B (20 bytes) Hash 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2 HTTP Headers GET /images/ffadult/css/header.css HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0} Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:37 GMT Server: Apache Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN Last-Modified: Tue, 10 Nov 2020 02:06:40 GMT ETag: "fbdc450-0-5b3b7213300af" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-ApacheServer: si211-103.friendfinderinc.com Content-Length: 20 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/css`

	secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2	192.229.233.220	200 OK	15 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 IP 192.229.233.220:0 ASN #15133 EDGECAST File type Web Open Font Format (Version 2), TrueType, length 14932, version 1.0\012- data Size 15 kB (14932 bytes) Hash 24f7b0944e9e03a905f9d7701573b2cd c7a9a4c42d3d84f112940645abd416a59eb71c89 f677ee2d82dfb11f08175f673cf3f065b0d5e491b4485e01259a492715c746e2 HTTP Headers GET /images/production/gfonts/fonts/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2 HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://heatedaffairs.com Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * age: 295608 cache-control: max-age=2592000 content-type: text/plain; charset=UTF-8 date: Sun, 29 Jan 2023 09:29:37 GMT etag: "126602cf-3a54-58e85c98feac0" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Thu, 25 Jul 2019 18:42:27 GMT server: ECS (ska/F71C) x-cache: HIT x-cache-hits: 0 content-length: 14932 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-select.css	192.229.233.220	200 OK	1.5 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-select.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text Size 1.5 kB (1455 bytes) Hash 5b45adeeb52d6bb2b10b054dc14754b7 d8fa80e5082c2fe9a0be43a6bfaf2b8447571333 27be77a5fed6474a42c53509c0ccce5a77224a4a5ced3e65fa6ce833344053fb HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/bootstrap-select.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 68500 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fce15ef-192f-54c5a8879bb00" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Tue, 04 Apr 2017 17:23:24 GMT server: ECS (ska/F709) vary: Accept-Encoding x-cache: HIT x-cache-hits: 0 content-length: 1455 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/custom.min.css	192.229.233.220	200 OK	6.7 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/custom.min.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (2180) Size 6.7 kB (6732 bytes) Hash 3b00ac5af1402133154e99fa07f40a5c 03d3865e4b5f899c0bd43aba7bc691f86de85bb0 b7d1b60babe4d78417dbb7c82567d88829c3a9dcf8110c9e5dfc8e2427b64e87 HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/custom.min.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 412772 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fce1600-7fb8-552fa75ba5280" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Wed, 28 Jun 2017 00:42:34 GMT server: ECS (ska/F706) vary: Accept-Encoding x-cache: HIT x-cache-hits: 0 content-length: 6732 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/fruit3-svg.css	192.229.233.220	200 OK	609 B
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/fruit3-svg.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text Size 609 B (609 bytes) Hash f5cc4ed009653a239f90255451381b15 dd5c8885b9313abb44109e00539fb7548757fb08 527d11a5bec8224fc3977a42b5e1d79efd3fa8f13951451f37b9588253e83c86 HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/fruit3-svg.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 152280 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "12662bb5-747-58e87aadea380" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Thu, 25 Jul 2019 20:57:02 GMT server: ECS (ska/F71C) vary: Accept-Encoding x-cache: HIT x-cache-hits: 1 content-length: 609 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2	192.229.233.220	200 OK	15 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 IP 192.229.233.220:0 ASN #15133 EDGECAST File type Web Open Font Format (Version 2), TrueType, length 14880, version 1.0\012- data Size 15 kB (14880 bytes) Hash 819af3d3abdc9f135d49b80a91e2ff4c 0fd9f29faa386a9c8de328f799d2698948ed3d25 1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc HTTP Headers GET /images/production/gfonts/fonts/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://heatedaffairs.com Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site `HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * age: 96728 cache-control: max-age=2592000 content-type: text/plain; charset=UTF-8 date: Sun, 29 Jan 2023 09:29:37 GMT etag: "126602c1-3a20-58e85ce63e100" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Thu, 25 Jul 2019 18:43:48 GMT server: ECS (ska/F70A) x-cache: HIT x-cache-hits: 0 content-length: 14880 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/font-fruit3.css	192.229.233.220	200 OK	2.2 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/font-fruit3.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text Size 2.2 kB (2193 bytes) Hash 7c7eabf9920bd42b3ed67a7a3354f901 9bedcf4f63e75ce5ae6ca1eca11ff503cd2c5835 8105b26179f98be7e9ba19294930eb13e068d59b75bc2a492cf28b9e104bfdef HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/font-fruit3.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 861487 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "12660e1d-2b96-58e98556e04c0" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Fri, 26 Jul 2019 16:50:03 GMT server: ECS (ska/F714) vary: Accept-Encoding x-cache: HIT x-cache-hits: 0 content-length: 2193 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/js/fruit3-svg_v2.js	192.229.233.220	200 OK	25 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/js/fruit3-svg_v2.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (1981) Size 25 kB (25019 bytes) Hash 464e9060c657fedeee6bc32430778d0c d301138f4d17619ba1cda7a549586ef0a9bdd116 8cfb6db5cd5a262f0e2dde51b78f9a67fabcfe4fb179c7c3bb76154c98e325a8 HTTP Headers `GET /images/production/fruit_3/v1_1_0/js/fruit3-svg_v2.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 237364 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "12661c87-14c57-58f013fe0f540" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Wed, 31 Jul 2019 22:00:13 GMT server: ECS (ska/F706) vary: Accept-Encoding x-cache: HIT x-cache-hits: 1 content-length: 25019 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js	192.229.233.220	200 OK	33 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/jquery/jquery-1.11.0.min.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (32341), with CRLF line terminators Size 33 kB (33375 bytes) Hash c63024c7eb52a22c22e68dcfdaf376e6 ab978e2f700e067c19ed486850b12204fd48bc2c 81f745c1100bb010cac7c7808eaec62a3caa6354842157485bf66c2af71c3092 HTTP Headers `GET /images/common/js/jquery/jquery-1.11.0.min.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 436440 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbcaa73-1787f-4f7bc073a0d80" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Wed, 23 Apr 2014 21:00:54 GMT server: ECS (ska/F717) vary: Accept-Encoding x-cache: HIT x-cache-hits: 12 content-length: 33375 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/jquery/jquery-migrate-1.2.1.min.js	192.229.233.220	200 OK	3.1 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/jquery/jquery-migrate-1.2.1.min.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (7085) Size 3.1 kB (3063 bytes) Hash e1084a25976d8b8999acadc7350ffb48 99b723d38b78d8347e8dfa60193b12864a370227 b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13 HTTP Headers `GET /images/common/js/jquery/jquery-migrate-1.2.1.min.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 413217 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbcabe3-1c1f-4f94d536e8ef4" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Tue, 13 May 2014 19:46:54 GMT server: ECS (ska/F718) vary: Accept-Encoding x-cache: HIT x-cache-hits: 1 content-length: 3063 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/jquery-1.12.4.min.js	192.229.233.220	200 OK	34 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/jquery-1.12.4.min.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (32077) Size 34 kB (33760 bytes) Hash 90af67e8fd4d5ab0d104b28b82a5f9e3 0172e38010ebd25ebcb3f0a4094be0e20f72ac48 971b268c15450ab1dded5c1e8e7875660b086b2ca6c45a31ddfa82486b1d06d3 HTTP Headers `GET /images/common/js/jquery-1.12.4.min.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 460612 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbcabf8-17b8b-570e9f6c0c7af" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Fri, 13 Jul 2018 23:37:33 GMT server: ECS (ska/F706) vary: Accept-Encoding x-cache: HIT x-cache-hits: 4 content-length: 33760 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/handlebars-1.0.0.beta.6.js	192.229.233.220	200 OK	13 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/handlebars-1.0.0.beta.6.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (3450) Size 13 kB (12997 bytes) Hash c76c8ac862e779f45f68a7f8e7dcda86 d965e49550a274f5a0f6a8ad6edf964b3cf61224 1974cc3b77205539b83d9d7a47ec4d100287ef880ec298681f9c301987c516d3 HTTP Headers `GET /images/common/js/handlebars-1.0.0.beta.6.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 491495 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbca986-e5d1-4c50ab408d244" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Tue, 17 Jul 2012 18:27:47 GMT server: ECS (ska/F70B) vary: Accept-Encoding x-cache: HIT x-cache-hits: 13 content-length: 12997 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/underscore_1.3.3.js	192.229.233.220	200 OK	4.4 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/underscore_1.3.3.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (519) Size 4.4 kB (4387 bytes) Hash 97315e90efa8a9360cc1723f0cb72f3f f674643c54f8eb827a0131fd3dd95ee16f42376d d4fea116d583df00adc36f731c9b69357435d82a09c17fff1ed87eb2867d970c HTTP Headers `GET /images/common/js/underscore_1.3.3.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 504785 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbcb42a-3216-4c00578058ea5" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Mon, 14 May 2012 21:07:07 GMT server: ECS (ska/F711) vary: Accept-Encoding x-cache: HIT x-cache-hits: 25 content-length: 4387 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/backbone_0.9.10.js	192.229.233.220	200 OK	6.3 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/backbone_0.9.10.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (558) Size 6.3 kB (6299 bytes) Hash c86f026b361b55f6d55589b29592a2a8 78dd3d09bd62e0b79686f07635d809aed2047856 b0d313935daa86b9a2ce74edeb4bfc91a163f040a26bf789dc6209f04122120f HTTP Headers `GET /images/common/js/backbone_0.9.10.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 491493 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbca476-476e-4d46315d56500" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Tue, 29 Jan 2013 01:12:20 GMT server: ECS (ska/F714) vary: Accept-Encoding x-cache: HIT x-cache-hits: 10 content-length: 6299 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/zxcvbn-async.js	192.229.233.220	200 OK	305 B
URL HTTP/2 secureimage.securedataimages.com/images/common/js/zxcvbn-async.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (454), with no line terminators Size 305 B (305 bytes) Hash e43f705d7647c5f3cf787c513513530d c085ed6c15cd1a8b8e5207390a3b0688328d17e3 8539a7af228643a4ac230ad54787717001caab9f9fc0f1d6209c428f6263112b HTTP Headers `GET /images/common/js/zxcvbn-async.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 491494 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fbcb44a-1c6-4f7df744a2e17" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Fri, 25 Apr 2014 15:16:47 GMT server: ECS (ska/F70D) vary: Accept-Encoding x-cache: HIT x-cache-hits: 7 content-length: 305 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/ffadult/partners/31877_1636690331.svg	192.229.233.220	200 OK	9.7 kB
URL HTTP/2 secureimage.securedataimages.com/images/ffadult/partners/31877_1636690331.svg IP 192.229.233.220:0 ASN #15133 EDGECAST File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators Size 9.7 kB (9737 bytes) Hash e988d54957e56ca8f1c33b1fa2f2a30b b76eca63c2737a5cb877223b1b50425cd830a536 3ce79e933c5821667aa27f75fa4b40b5341b53f8f792163645cf55651811604f HTTP Headers `GET /images/ffadult/partners/31877_1636690331.svg HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK accept-ranges: bytes age: 444795 cache-control: max-age=2592000 content-type: image/svg+xml date: Sun, 29 Jan 2023 09:29:37 GMT etag: "1702b3c3-2609-5d08fac38a640" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Fri, 12 Nov 2021 04:12:51 GMT server: ECS (ska/F709) x-cache: HIT x-cache-hits: 0 content-length: 9737 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js	192.229.233.220	200 OK	27 kB
URL HTTP/2 secureimage.securedataimages.com/javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (65536), with no line terminators Size 27 kB (27239 bytes) Hash 81db2a9c3df8aef926362a89f44e638f a6cccd97c19b8604d50e32aca34fde8ff7257c59 e5cf1f0d853e3f3b4b5af5fca466a3cf75ca853978de25d2f3ccf777531e70fe HTTP Headers `GET /javascript/live_cd/secure/ffadult-registration_stepbystep-1674150126.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 833901 cache-control: max-age=2592000 content-type: text/javascript date: Sun, 29 Jan 2023 09:29:37 GMT expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Thu, 19 Jan 2023 17:51:16 GMT server: ECS (ska/F6FE) vary: Accept-Encoding x-cache: HIT x-cache-hits: 57 x-perf: 0.022330,0.022299,CD_1_0.0000310 content-length: 27239 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1	192.229.233.220	200 OK	20 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1 IP 192.229.233.220:0 ASN #15133 EDGECAST File type assembler source, ASCII text, with very long lines (540) Size 20 kB (20200 bytes) Hash d09cbdf3d9e08fd8acdd4d917a9362ed f95046c53066fba6ddb53b189b63b4eb0acaf1ae 710c60e2582b595658f76f7b067cf74b2526004e63f2aa798952015eea43e659 HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1 HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 2051009 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "126f8b92-21b43-58f25fd6e9d00" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Fri, 02 Aug 2019 17:50:12 GMT server: ECS (ska/F70F) vary: Accept-Encoding x-cache: HIT x-cache-hits: 16 content-length: 20200 X-Firefox-Spdy: h2`

	heatedaffairs.com/images/common/js/english_statedropdown_utf8.js	69.165.107.69	200 OK	9.5 kB
URL HTTP/1.1 heatedaffairs.com/images/common/js/english_statedropdown_utf8.js IP 69.165.107.69:0 ASN #25875 VARIO File type Unicode text, UTF-8 text Size 9.5 kB (9533 bytes) Hash 70c6f3e0333633df56b01b67cfeb9ca4 17e11ba9a8cd6a80007794bad4b573c6597d4bb0 ca4eef90ed9aa28d0739a0fe12a180e74df1ea1dc1ac6b56fb1fa48393b5b4cf HTTP Headers GET /images/common/js/english_statedropdown_utf8.js HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0} Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:37 GMT Server: Apache Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN Last-Modified: Thu, 24 Sep 2015 10:05:47 GMT ETag: "250790e-992a-5207b5ffc74c0" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip X-ApacheServer: si204-163.friendfinderinc.com Content-Length: 9533 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: application/x-javascript`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-custom.css	192.229.233.220	200 OK	1.6 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-custom.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (493) Size 1.6 kB (1638 bytes) Hash 09176ca717ad9c769a2c944a3e5e9156 1cd78bfd6a2e54440c62a9830c340476aa91689e e3f84f2bdab2dff346156b62bf641a695329603eaee30aebad4841c3f4443a2b HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/bootstrap-custom.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 2051309 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fce15ee-31bb-53169be9f6ec0" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Tue, 26 Apr 2016 21:12:03 GMT server: ECS (ska/F71D) vary: Accept-Encoding x-cache: HIT x-cache-hits: 14 content-length: 1638 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/HoldOn.min.css	192.229.233.220	200 OK	1.8 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/HoldOn.min.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (13117) Size 1.8 kB (1806 bytes) Hash 76632094d8b7871141a92eabffe69225 cd4e04caf51fb38bcb3f1bb6f0b21eaf3d15a364 cd0b1df5ef7f5c45a2070154eaba5d5c46fb0dc0cebdf807f1ba3186d18448fc HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/HoldOn.min.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 2053813 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fce15eb-333e-52b83739e0800" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Thu, 11 Feb 2016 19:21:04 GMT server: ECS (ska/F70D) vary: Accept-Encoding x-cache: HIT x-cache-hits: 0 content-length: 1806 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/slider.css	192.229.233.220	200 OK	973 B
URL HTTP/2 secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/slider.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text Size 973 B (973 bytes) Hash bb1fe19a3f1a0e27d95a86e2b2e70234 7734e7c47284b26e82ac54493959cce72e98f456 1b557bfa3cfedd26b23288a414e37ea8bb2c5f7a4daf1a63afeab5b84905695d HTTP Headers `GET /images/production/fruit_3/v1_1_0/css/slider.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 2489063 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT etag: "fce1648-10b2-537235cde2a40" expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Fri, 08 Jul 2016 17:45:05 GMT server: ECS (ska/F711) vary: Accept-Encoding x-cache: HIT x-cache-hits: 0 content-length: 973 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/global_facelift-1636690372.css	192.229.233.220	200 OK	21 kB
URL HTTP/2 secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/global_facelift-1636690372.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (381) Size 21 kB (21266 bytes) Hash dab33c3089f6dcc802e83c4e761417d2 9776105361e9a2319a8deda822fdbc4bfbe91a08 6c1ac2cf9c4e65e7dbee3eec2f61658ff40f7d4278a1b7361376a82d2c362f0c HTTP Headers `GET /css/live_cd/ffadult/english/31877/secure/global_facelift-1636690372.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 1700873 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:37 GMT expires: Tue, 28 Feb 2023 09:29:37 GMT last-modified: Mon, 09 Jan 2023 17:01:44 GMT server: ECS (ska/F70B) vary: Accept-Encoding x-cache: HIT x-cache-hits: 0 x-perf: 0.041563,0.023399,TM_3_0.0085680,CD_3_0.0003650,DB_16_0.0073760,FS_1_0.0004340,PK_1_0.0000270,CE_18_0.0013940 content-length: 21266 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/production/gfonts/open-sans-italic-v2.css	192.229.233.220	200 OK	894 B
URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/open-sans-italic-v2.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text Size 894 B (894 bytes) Hash 8fbbad63a80f7d4b51f3c0d56d082abf 1f094dc5d3b9f827b181088e46903ab33b6e5c86 8bb839903cd86a12106502e5980a208e8580e4d04084a991777bc7179aa6d72b HTTP Headers GET /images/production/gfonts/open-sans-italic-v2.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://secureimage.securedataimages.com/images/production/fruit_3/v1_1_0/css/bootstrap-v2.css?v=1 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 405381 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:29:38 GMT etag: "126f8a92-3797-58f02494c5880" expires: Tue, 28 Feb 2023 09:29:38 GMT last-modified: Wed, 31 Jul 2019 23:14:26 GMT server: ECS (ska/F713) vary: Accept-Encoding x-cache: HIT x-cache-hits: 15 content-length: 894 X-Firefox-Spdy: h2`

	heatedaffairs.com/css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css	69.165.107.69	200 OK	705 B
URL HTTP/1.1 heatedaffairs.com/css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css IP 69.165.107.69:0 ASN #25875 VARIO File type ASCII text Size 705 B (705 bytes) Hash 2755b01f14c693d7d0dda656524f6b45 0c5cfc9f62dab0362c12ee742210629807fba720 50f3da9d994f61306d30beef2eaefc8e0c274bc7c8bccaa1cef26bc5d786d273 HTTP Headers GET /css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0} Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:38 GMT Server: Apache X-PERF: 0.000796,0.000769,CD_1_0.0000270 Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN Cache-Control: max-age=2592000 Last-Modified: Sun, 29 Jan 2023 09:29:08 GMT Vary: Accept-Encoding Content-Encoding: gzip X-ApacheServer: si205-102.friendfinderinc.com Content-Length: 705 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/css`

	secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/landing_page_111-1636690372.css	192.229.233.220	200 OK	3.8 kB
URL HTTP/2 secureimage.securedataimages.com/css/live_cd/ffadult/english/31877/secure/landing_page_111-1636690372.css IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text Size 3.8 kB (3844 bytes) Hash f49e2f42015aee24b958f585ea79757a 42adbe486adaf3b9289c84c3c0ff217111aad4bd d3c61182ee663ce7c4d9c1c497bedfe4bfff30d4fc87b990842bbb431f7ce0d7 HTTP Headers `GET /css/live_cd/ffadult/english/31877/secure/landing_page_111-1636690372.css HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 61 cache-control: max-age=2592000 content-type: text/css date: Sun, 29 Jan 2023 09:28:36 GMT expires: Tue, 28 Feb 2023 09:29:38 GMT last-modified: Sun, 29 Jan 2023 09:28:36 GMT server: ECS (ska/F70A) vary: Accept-Encoding x-cache: HIT x-cache-hits: 1 x-perf: 0.040370,0.026581,TM_3_0.0022460,CD_3_0.0003280,DB_18_0.0084500,FS_1_0.0008430,PK_1_0.0000270,CE_19_0.0018950 content-length: 3844 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash bab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	secureimage.securedataimages.com/images/production/gfonts/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2	192.229.233.220	200 OK	14 kB
URL HTTP/2 secureimage.securedataimages.com/images/production/gfonts/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2 IP 192.229.233.220:0 ASN #15133 EDGECAST File type Web Open Font Format (Version 2), TrueType, length 14380, version 1.0\012- data Size 14 kB (14380 bytes) Hash 33543c5cc5d88f5695dd08c87d280dfd 600db9374e47e4f73a59ccc0a99bcc42f4a3e02a 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52 HTTP Headers GET /images/production/gfonts/fonts/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://heatedaffairs.com Connection: keep-alive Referer: https://secureimage.securedataimages.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * age: 328856 cache-control: max-age=2592000 content-type: text/plain; charset=UTF-8 date: Sun, 29 Jan 2023 09:29:38 GMT etag: "126602ba-382c-58e85c015c500" expires: Tue, 28 Feb 2023 09:29:38 GMT last-modified: Thu, 25 Jul 2019 18:39:48 GMT server: ECS (ska/F710) x-cache: HIT x-cache-hits: 0 content-length: 14380 X-Firefox-Spdy: h2`

	www.googletagmanager.com/gtm.js?id=GTM-P8ZF4WS	142.250.74.40	200 OK	45 kB
URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-P8ZF4WS IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (5726) Size 45 kB (44788 bytes) Hash 4b217b10e1833ed8994dd40a39eb9b5d 29e7d55c08c95179698439334339d5a24b7ab297 81097ad777bbb2c51e25dc090319c22cb1ea9359aa597f64d4e4bb5285ef9c26 HTTP Headers `GET /gtm.js?id=GTM-P8ZF4WS HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 29 Jan 2023 09:29:38 GMT expires: Sun, 29 Jan 2023 09:29:38 GMT cache-control: private, max-age=900 last-modified: Sun, 29 Jan 2023 09:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44788 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash bab8a4c1e6bb2e6c9cc00222eef1235d 1a5dd108e9f9aaf33bc048b0097a9f510d295cad fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	heatedaffairs.com/images/common/fonts/opensans-regular-webfont.woff2	69.165.107.69	200 OK	19 kB
URL HTTP/1.1 heatedaffairs.com/images/common/fonts/opensans-regular-webfont.woff2 IP 69.165.107.69:0 ASN #25875 VARIO File type Web Open Font Format (Version 2), TrueType, length 18752, version 1.6554\012- data Size 19 kB (18752 bytes) Hash 787788288214310291ec08f0df249ae8 b30bba8b8b58bf3a6de02231cdeebe6f01472665 b5d0983b0bcea1e4ffbe5bcb321a80a2f2ec0ffccd943d69bf4bd5d578782b46 HTTP Headers GET /images/common/fonts/opensans-regular-webfont.woff2 HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://heatedaffairs.com/css/live_cd/ffadult/english/31877/secure/font_face-1636690372.css Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0} Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:38 GMT Server: Apache Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN Last-Modified: Thu, 16 Oct 2014 21:01:08 GMT ETag: "fbc9855-4940-505908c242175" Accept-Ranges: bytes Content-Length: 18752 X-ApacheServer: si210-132.friendfinderinc.com Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/plain`

	heatedaffairs.com/qz/phone/info	69.165.107.69	200 OK	646 B
URL HTTP/1.1 heatedaffairs.com/qz/phone/info IP 69.165.107.69:0 ASN #25875 VARIO File type JSON data\012- , ASCII text, with very long lines (646), with no line terminators Size 646 B (646 bytes) Hash 0b220643eb1d05f373769bfa9d9bcdac c49f9cccf5be736ff5d545837bc40f1be9e1b953 a154113d304843f9784159cc6d73551b32249851eb69571221423c45275defab HTTP Headers GET /qz/phone/info HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0} Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:38 GMT Server: Apache Content-Length: 646 Keep-Alive: timeout=5, max=11 Connection: Keep-Alive Content-Type: application/json`

	secureimage.securedataimages.com/images/ffadult/favicon_1.ico	192.229.233.220	200 OK	1.2 kB
URL HTTP/2 secureimage.securedataimages.com/images/ffadult/favicon_1.ico IP 192.229.233.220:0 ASN #15133 EDGECAST File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash 882d7e558961083850b80102009a9d1d 147a47e00209e81812e70ddc7bd3141489fc98bb ac28e29b2ab8aebc74ac3b6d106a024d753994643545a09c02815e65f1ed85a8 HTTP Headers `GET /images/ffadult/favicon_1.ico HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK accept-ranges: bytes age: 168035 cache-control: max-age=2592000 content-type: image/x-icon date: Sun, 29 Jan 2023 09:29:38 GMT etag: "fbd6f7e-47e-48cda4d17b0c0" expires: Tue, 28 Feb 2023 09:29:38 GMT last-modified: Mon, 02 Aug 2010 17:12:11 GMT server: ECS (ska/F716) x-cache: HIT x-cache-hits: 0 content-length: 1150 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/others/ajax-loader.gif	192.229.233.220	200 OK	1.7 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/others/ajax-loader.gif IP 192.229.233.220:0 ASN #15133 EDGECAST File type GIF image data, version 89a, 32 x 32\012- data Size 1.7 kB (1710 bytes) Hash 28f1c0ead0381f5496397520865438ed e63cbb54f31de3b980bfc5b15e2aefba5ea41985 42d42e4bd6c484ca7e126ba3d22f022abd7e2a83f006c0b2adc1423200f1c1bc HTTP Headers `GET /images/common/others/ajax-loader.gif HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * age: 124817 cache-control: max-age=2592000 content-type: image/gif date: Sun, 29 Jan 2023 09:29:38 GMT etag: "fbd17c8-6ae-5083ba2fbea8f" expires: Tue, 28 Feb 2023 09:29:38 GMT last-modified: Wed, 19 Nov 2014 19:58:34 GMT server: ECS (ska/F6FD) x-cache: HIT x-cache-hits: 4 content-length: 1710 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	216.58.211.3	200 OK	164 kB
URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 216.58.211.3:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (771) Size 164 kB (163774 bytes) Hash 57c909ab73fc27ec24f737bbf1cb1de8 89b2c02e9e7a9a764518fca545d3eec2044fd6d9 7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b HTTP Headers `GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://heatedaffairs.com Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 163774 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 23 Jan 2023 17:09:34 GMT expires: Tue, 23 Jan 2024 17:09:34 GMT cache-control: public, max-age=31536000 last-modified: Mon, 23 Jan 2023 01:02:00 GMT content-type: text/javascript age: 490804 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 8cf65fcdafa84b63cf7005fe57927fcb 3f7d163a96e7f00eb2de9828624ec46e22b4b40a dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 29 Jan 2023 09:29:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	heatedaffairs.com/p/xmlfeed.cgi	69.165.107.69	200 OK	76 B
URL HTTP/1.1 heatedaffairs.com/p/xmlfeed.cgi IP 69.165.107.69:0 ASN #25875 VARIO File type XML 1.0 document text\012- XML document, ASCII text Size 76 B (76 bytes) Hash 758432f51d9dac21b5578e7ee3155e0d 5d3454214cd9f8fb21d4785736aff017a1ab348a 123e0ef75e385fd05d5ea68451d0c2949210730a77769ef6112e65d7efd315c7 HTTP Headers POST /p/xmlfeed.cgi HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length: 533 Origin: https://heatedaffairs.com Connection: keep-alive Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}; tracking_id=guest_80c836a8-2fab-454d-ba00-691d58341551 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:39 GMT Server: Apache X-PERF: 0.011494,0.008895,DB_2_0.0014470,CD_3_0.0007300,PK_1_0.0000470,CE_3_0.0003750 Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN P3P: CP="DSP LAW" X-ApacheServer: si204-163.friendfinderinc.com Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 76 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/xml`

	heatedaffairs.com/go/page/city_list.html?dcb=heatedaffairs.com&who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs&ajax=1&no_perf=1&skip_load_popunder=1&use_ajax=1&country=Norway&state=0&rid=3493045749	69.165.107.69	200 OK	1.8 kB
URL HTTP/1.1 heatedaffairs.com/go/page/city_list.html?dcb=heatedaffairs.com&who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs&ajax=1&no_perf=1&skip_load_popunder=1&use_ajax=1&country=Norway&state=0&rid=3493045749 IP 69.165.107.69:0 ASN #25875 VARIO File type ASCII text Size 1.8 kB (1814 bytes) Hash 7ead2f2e29dcdce7f03910687e10ed53 80397bdbf117944651f351c6ceaa22a033bf49b0 ad37c90c1dc6f72387b5563125f7a333afd78f94daf38c78420321e155dfd94b HTTP Headers GET /go/page/city_list.html?dcb=heatedaffairs.com&who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs&ajax=1&no_perf=1&skip_load_popunder=1&use_ajax=1&country=Norway&state=0&rid=3493045749 HTTP/1.1 Host: heatedaffairs.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: https://heatedaffairs.com/go/page/landing_page_111?pg=2&pid=p142055.subfreeaccess2&ip=auto&no_click=1&alpo_redirect=1 Cookie: ALPO=238285048; click_id_time=1901497799_2023-01-29 01:29:37; AB_TRACKING=h9HoKxdexARfM1Mq6dKEaE; ffadult_who=r_BbX8m2s.roLowgtLG8kALrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; v_hash=_english_31877; IP_COUNTRY=Norway; ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; HISTORY=20230129-1-Dc; throttling={"time":1674984577,"AppD":1,"GTM":0}; tracking_id=guest_80c836a8-2fab-454d-ba00-691d58341551 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin HTTP/1.1 200 OK Date: Sun, 29 Jan 2023 09:29:39 GMT Server: Apache Set-Cookie: ffadult_who=r_Hooc2Q.gqsLcwGZpBfvhCrKWDiRsHNcIlXnAKh4U4VXyFjnNnNuaCpWugFDUgGclMU6EWAGFauLSCZg7_EE4B6oUPFcAchs2KFgOmYFhJIUsJfjTZBzzOqpwNchA7FEzRUDAOKI3Zz0agrwZZckyABUhY45rrIZxAByG0v_Cl71.AmE8LnPnFjjxqUW.BqDs; Secure; path=/; domain=heatedaffairs.com; expires=Tue, 28-Jan-2025 09:29:39 GMT; secure v_hash=_english_31877; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure IP_COUNTRY=Norway; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure ffadult_tr=r_VVa_axMHtuWu79QwCmYpqzZcdbwarp7lCXUzFh2tJWmmYrQ24nTGgakbsz6fbmcy; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.7559&country_name&Norway&lat&59.9452&region_name&&country_code&NO&region&&city&&postal_code&&latitude&59.9452&lon&10.7559&dma_code&&country_code3&NOR; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure HISTORY=20230129-2-Dc1; Secure; path=/; domain=.heatedaffairs.com; expires=Tue, 28-Feb-2023 09:29:39 GMT; secure X-PERF: 0.033252,0.011173,DB_1_0.0007080,TS_1_0.0119130,TM_3_0.0008900,CD_19_0.0028380,FS_3_0.0008280,PK_2_0.0000640,CE_12_0.0048380 Strict-Transport-Security: max-age=300; includeSubDomains X-Frame-Options: SAMEORIGIN ETag: TESTBED Vary: Accept-Encoding Content-Encoding: gzip X-ApacheServer: si204-253.friendfinderinc.com Content-Length: 1814 Keep-Alive: timeout=5 Connection: Keep-Alive Content-Type: text/html;charset=UTF-8

	secureimage.securedataimages.com/images/ffadult/PMKTG-297/lander-step-pg2.jpg	192.229.233.220	200 OK	25 kB
URL HTTP/2 secureimage.securedataimages.com/images/ffadult/PMKTG-297/lander-step-pg2.jpg IP 192.229.233.220:0 ASN #15133 EDGECAST File type gzip compressed data, max compression\012- data Size 25 kB (24605 bytes) Hash a42c6333a13e5376af95f46fd9c7b627 57a98e519a44915e39a0cb6f23812adfa6611e67 62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b HTTP Headers `GET /images/ffadult/PMKTG-297/lander-step-pg2.jpg HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * age: 398581 cache-control: max-age=2592000 content-type: image/jpeg date: Sun, 29 Jan 2023 09:29:38 GMT etag: "fbd7430-23353-52a75fd12fa8a" expires: Tue, 28 Feb 2023 09:29:38 GMT last-modified: Fri, 29 Jan 2016 09:52:08 GMT server: ECS (ska/F70A) x-cache: HIT x-cache-hits: 0 content-length: 144211 X-Firefox-Spdy: h2`

	secureimage.securedataimages.com/images/common/js/zxcvbn.js	192.229.233.220	200 OK	330 kB
URL HTTP/2 secureimage.securedataimages.com/images/common/js/zxcvbn.js IP 192.229.233.220:0 ASN #15133 EDGECAST File type ASCII text, with very long lines (52854) Size 330 kB (329762 bytes) Hash fd67aa4c76945172d145dd81e33ad1e1 ac9ff40ca134053898acd867ee7717176d302af1 ccbc6be172f90394fef84c517f1015eefc0a8b5ff62f4434a5f7b0449b2c57bc HTTP Headers `GET /images/common/js/zxcvbn.js HTTP/1.1 Host: secureimage.securedataimages.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK content-encoding: gzip accept-ranges: bytes age: 334315 cache-control: max-age=2592000 content-type: application/x-javascript date: Sun, 29 Jan 2023 09:29:39 GMT etag: "fbcb465-aa838-4f59d55116c76" expires: Tue, 28 Feb 2023 09:29:39 GMT last-modified: Thu, 27 Mar 2014 21:33:12 GMT server: ECS (ska/F70E) vary: Accept-Encoding x-cache: HIT x-cache-hits: 6 content-length: 329762 X-Firefox-Spdy: h2`

	region1.google-analytics.com/g/collect?v=2&tid=G-FLZ8S7HDKL&gtm=2oe1p0&_p=486298546&cid=732391329.1674984586&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674984585&sct=1&seg=0&dl=https%3A%2F%2Fheatedaffairs.com%2Fgo%2Fpage%2Flanding_page_111%3Fpg%3D2%26pid%3Dp142055.subfreeaccess2%26ip%3Dauto%26no_click%3D1%26alpo_redirect%3D1&dt=Heated%20Affairs%20-%20Married%20Dating%2C%20Cheating%20Dates%20%26%20Discreet%20Encounters&en=page_view&_fv=1&_nsi=1&_ss=1	216.239.34.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FLZ8S7HDKL&gtm=2oe1p0&_p=486298546&cid=732391329.1674984586&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674984585&sct=1&seg=0&dl=https%3A%2F%2Fheatedaffairs.com%2Fgo%2Fpage%2Flanding_page_111%3Fpg%3D2%26pid%3Dp142055.subfreeaccess2%26ip%3Dauto%26no_click%3D1%26alpo_redirect%3D1&dt=Heated%20Affairs%20-%20Married%20Dating%2C%20Cheating%20Dates%20%26%20Discreet%20Encounters&en=page_view&_fv=1&_nsi=1&_ss=1 IP 216.239.34.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-FLZ8S7HDKL&gtm=2oe1p0&_p=486298546&cid=732391329.1674984586&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674984585&sct=1&seg=0&dl=https%3A%2F%2Fheatedaffairs.com%2Fgo%2Fpage%2Flanding_page_111%3Fpg%3D2%26pid%3Dp142055.subfreeaccess2%26ip%3Dauto%26no_click%3D1%26alpo_redirect%3D1&dt=Heated%20Affairs%20-%20Married%20Dating%2C%20Cheating%20Dates%20%26%20Discreet%20Encounters&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://heatedaffairs.com Connection: keep-alive Referer: https://heatedaffairs.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://heatedaffairs.com date: Sun, 29 Jan 2023 09:29:39 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	142.250.74.67	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 21:48:03 GMT expires: Fri, 26 Jan 2024 21:48:03 GMT cache-control: public, max-age=31536000 age: 214896 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	142.250.74.67	200 OK	16 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Size 16 kB (15552 bytes) Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 26 Jan 2023 16:40:43 GMT expires: Fri, 26 Jan 2024 16:40:43 GMT cache-control: public, max-age=31536000 age: 233336 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2	142.250.74.67	200 OK	15 kB
URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 IP 142.250.74.67:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data Size 15 kB (15340 bytes) Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5 81d5d4c7b5035ad10cce63cf7100295e0c51fdda c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd HTTP Headers `GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15340 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 27 Jan 2023 10:05:13 GMT expires: Sat, 27 Jan 2024 10:05:13 GMT cache-control: public, max-age=31536000 last-modified: Mon, 16 Oct 2017 17:33:16 GMT content-type: font/woff2 age: 170666 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg	34.120.237.76	200 OK	7.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.2 kB (7201 bytes) Hash 47514f1386d4e6962ac2c931647f60f4 c8da685b6a5aee80c98d4173ffe226b672f054c3 474d462b5d4dbd15b7f759457fe1ed084819cea563ef7c1285028dad9a4a404c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK server: nginx content-length: 7201 x-amzn-requestid: ba830369-3a5f-45bc-9af9-5ad9ee58f43f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fbvRREJqIAMF8Uw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d4926e-6983a44e506dcd4d203c2688;Sampled=0 x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: k8zu8NNW1XfVlVQuIh495I2sE9YzQQXRooJmVFb2Yqav_D5UCehhLw== via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sat, 28 Jan 2023 21:53:26 GMT age: 66533 etag: "c8da685b6a5aee80c98d4173ffe226b672f054c3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	tiny.cc/zzztsz	157.245.113.153	303 See Other	0 B
URL HTTP/2 tiny.cc/zzztsz IP 157.245.113.153:0 ASN #14061 DIGITALOCEAN-ASN File type Size 0 B (0 bytes) Hash HTTP Headers `GET /zzztsz HTTP/1.1 Host: tiny.cc User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 303 See Other server: nginx date: Sun, 29 Jan 2023 09:29:35 GMT content-type: text/html; charset=utf-8 location: https://accounts.google.com/Logout?service=wise&continue=http%3A%2F%2Fgoogleads.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCtHoIVxn3UvjLOYGKiAeelIHIBfLQnccEAAAQASAAUNTx5Pf4_____wFgvwWCARdjYS1wdWItMDQ2NjU4MjEwOTU2NjUzMsgBBOACAKgDAaoE5AFP0NHr5cHwFmWgKNs6HNTPVk7TWSV-CDHX83dKdGSWJ2ADoZNIxUHZwjAODRyDY_7nVtpuqSLOTef4xzVxDQ2U22MNbGak33Ur7i2jDB8LdYt9TbC3ifsXmklY5jl3Zpq4_lP7wagVfjt0--tNPPGTR96NGbxgPvfHMq9ZsTXpjhc_lPlnyGjlWzF8yn437iaxhGRwYLt_CymifLO2YaJPkCm9nLpONtUM-mstUSpKQrP2VjjaZkbDtuK0naLLBV37aYEY4TzWQi8fQGN47z4XgpinBCna91zQayZjn2wxccDCl0zgBAGgBhU%26num%3D0%26sig%3DAOD64_3Qi4qG3CRVHRI5AHSkSGuL7HJqSA%26client%3Dca-pub-0466582109566532%26adurl%3Dhttp%3A%2F%2Fwww.max64.com%2Fabd0000095 x-frame-options: sameorigin x-xss-protection: 1; mode=block x-robots-tag: nofollow, noindex content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML