Overview

URLduqiujnu5touzhu.win8mi.com/
IP 72.52.179.174 (United States)
ASN#32244 LIQUIDWEB
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-28 04:44:04 UTC
StatusLoading report..
IDS alerts0
Blocklist alert8
urlquery alerts No alerts detected
Tags None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
gaut-hil.com (3) 342928 2020-07-09 20:17:47 UTC 2022-11-28 00:09:15 UTC 3.212.50.125
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
gogodating.life (27) 0 No data No data 194.87.208.59 Unknown ranking
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-27 05:29:57 UTC 34.117.237.239
duqiujnu5touzhu.win8mi.com (2) 0 No data No data 72.52.179.174 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.39.57.61
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-11-27 18:20:50 UTC 18.197.36.77 Unknown ranking
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-27 05:29:56 UTC 34.102.187.140

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-28 2 gogodating.life/cookie/js.cookie11.js Phishing
2022-11-28 2 gogodating.life/media/bbc.js Phishing
2022-11-28 2 gogodating.life/util/utils.js Phishing
2022-11-28 2 gogodating.life/media/casual/toon3/js/main.js Phishing
2022-11-28 2 gogodating.life/media/casual/toon3/js/trls.js Phishing
2022-11-28 2 gogodating.life/media/casual/toon3/js/jquery-1.11.1.min.js Phishing
2022-11-28 2 gogodating.life/media/casual/toon3/fonts/QuattrocentoSans.ttf Phishing
2022-11-28 2 gogodating.life/media/casual/toon3/fonts/QuattrocentoSansBold.ttf Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 72.52.179.174
Date UQ / IDS / BL URL IP
2023-02-01 11:45:48 +0000 0 - 0 - 1 cx3kc.hp1001.com/html/4_1078.html 72.52.179.174
2023-02-01 10:34:34 +0000 0 - 0 - 1 a8qg5.hp1001.com/cate/7_402.html 72.52.179.174
2023-02-01 06:35:42 +0000 0 - 0 - 1 61.hp1001.com/ 72.52.179.174
2023-01-30 07:17:33 +0000 0 - 0 - 1 ta.hp1001.com/show/5_9148.html 72.52.179.174
2023-01-30 06:31:55 +0000 0 - 0 - 12 6e5.hp1001.com/html/4_18.html 72.52.179.174


Last 5 reports on ASN: LIQUIDWEB
Date UQ / IDS / BL URL IP
2023-02-01 21:47:13 +0000 0 - 0 - 1 www.vova.com/pt/Criativo-Bonito-Swan-Gel-Cane (...) 69.16.230.226
2023-02-01 18:55:33 +0000 0 - 0 - 1 8c4d591d.ithemeshosting.com.php73-39.lan3-1.w (...) 184.106.55.134
2023-02-01 16:10:39 +0000 0 - 0 - 9 www.newtelegraphng.com/investigation-obstruct (...) 67.227.172.38
2023-02-01 15:00:48 +0000 0 - 2 - 0 growcurriculum.org/SubscribeNow_Prep_PreK 72.52.134.16
2023-02-01 14:00:55 +0000 0 - 0 - 10 kadyotube.com/lib/thumb/?src=kadyotube.com/th (...) 67.227.226.240


Last 5 reports on domain: win8mi.com
Date UQ / IDS / BL URL IP
2023-01-05 05:17:15 +0000 0 - 0 - 2 kaixuanmenyulecheng.win8mi.com/ 72.52.179.174
2022-12-10 21:52:17 +0000 0 - 0 - 4 sanjinqipaiyouxi.win8mi.com/ 72.52.179.174
2022-12-05 11:52:34 +0000 0 - 0 - 1 www9mcom.win8mi.com/ 72.52.179.174
2022-12-02 10:50:58 +0000 0 - 0 - 1 xinjinjiangyulecheng.win8mi.com/ 72.52.179.174
2022-12-01 07:29:22 +0000 0 - 0 - 1 laohujiyouxizaixianwan.win8mi.com/sitemap.html 72.52.179.174


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-01 20:09:32 +0000 0 - 2 - 35 1d6ce2131d3.tcompany-offer.com/?p=5221&plid=1 (...) 94.237.103.119
2023-02-01 15:03:53 +0000 0 - 4 - 8 super-dates-now.life/?u=l5fnu11&o=hrwp09h&t=1 (...) 23.88.40.171
2023-02-01 06:23:53 +0000 0 - 2 - 9 xuntoft.gg.wy5532.com/ 81.171.22.4
2023-01-31 16:13:12 +0000 0 - 4 - 36 mega-dates-now.life/?u=u50k80z&o=6rcprzv&cid= (...) 23.88.40.171
2023-01-31 07:01:54 +0000 0 - 4 - 36 mega-dates-now.life/?u=u50k80z&o=6rcprzv&cid= (...) 23.88.40.171

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (54)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8067
Expires: Mon, 28 Nov 2022 06:58:20 GMT
Date: Mon, 28 Nov 2022 04:43:53 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3642
Cache-Control: max-age=110882
Date: Mon, 28 Nov 2022 04:43:53 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:31:55 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 04:19:31 GMT
cache-control: public,max-age=3600
age: 1462
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6765
Expires: Mon, 28 Nov 2022 06:36:39 GMT
Date: Mon, 28 Nov 2022 04:43:54 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 3541
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Mon, 28 Nov 2022 04:43:54 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 04:08:55 GMT
cache-control: public,max-age=3600
age: 2099
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6084
Cache-Control: max-age=108262
Date: Mon, 28 Nov 2022 04:43:54 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:48:16 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: duqiujnu5touzhu.win8mi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         72.52.179.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 04:43:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (638)
Size:   2290
Md5:    2347ea5fc30a9eff978dd0e4fa52c217
Sha1:   fc134d2fb46d8cdc1b6eab3b186957075bb3ec24
Sha256: 78c974caaea5bee7c5803fbd977f197bbac0918b16fec3d575de9a62319b8caf
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zv5WE9pgnRG1fWPJUsDMng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.39.57.61
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MS6MXOCiPK2jWaaFzOsKwPqOnzI=

                                        
                                            GET /page/bouncy.php?&bpae=GbhGdDvHtUx%2Fj0vWlTVil1cZ9CwWQNDDNIR1wTvYJnrMf8K2CPhZwPX%2BIf%2F6Q21XkyDikTTgWdvgj1jRRVbRGHss7UH92FHzBIwkxzoC2my%2FyOBotHQNoSigzktGkGG6fJw9hzc%2FuzWq6qivdA9WPNO2kCx4mEzf8FNmNFKgbTHcQ7by1EQ%2BK8vdUW5m0haGfD9IeyPao%2Bcd2o%2FgKuKhvLwJFFSx14TQoaixLsW32KdwtOcxIfabpLUj9rzM7hkc6rCnSndvhFfbAhHNjy6sLljcAd8xjvbC9IC8nJP28WT%2FVSIb2ZSldRmuuQszu9NNFi%2BSFpQ8oXJIMym9kPXheHpX4vBC%2BW5RULiX3N6ppA%2FUGoXF9m%2FDnVj%2BTkUVyGEefHi%2BiEFwR4XIQ4590irnbNvlAs36j6oTEgTVIMqGgWCT4eUtjcNtcT6XgAw9Fjy4hPEwMQ2Q%2FYU1H%2FYXvSDiD%2BHeRjix7tXQzpXXCMqUAzEv32ylh5yaYyP%2B2Ww%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 
Host: duqiujnu5touzhu.win8mi.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://duqiujnu5touzhu.win8mi.com/
Upgrade-Insecure-Requests: 1

search
                                         72.52.179.174
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 28 Nov 2022 04:43:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   982
Md5:    7d1f783b11da6803b6b59c1d402cb452
Sha1:   55f2f54d5ee0f457f8267c5b06a2dbcb19a6c554
Sha256: 77622ef65d2ad0f6d0bea20236afaca3df8e76d5e87449719ba97f5c7be2a7bd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114093
Date: Mon, 28 Nov 2022 04:43:55 GMT
Etag: "63834643-1d7"
Expires: Tue, 29 Nov 2022 12:25:28 GMT
Last-Modified: Sun, 27 Nov 2022 11:13:07 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u_WmsFDEGFRB9cgHs3QX0KyG2PF1aXoxcKMsyLWNa_xaw94k-UJTZA==
Age: 4341

                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fgogodating.life%2F%3Fu%3Dxunwwwr%26o%3Db0ep0zn%26cid%3Dw76qg50ajrjpukpkiv49357e&caid=ff093888-6518-4132-8d4a-9ebb07e5bd65&zpid=43308272-6ed7-11ed-bffe-12d21f78093b&cid=w76qg50ajrjpukpkiv49357e&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Mon, 28 Nov 2022 04:43:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
pragma: no-cache
set-cookie: cc-v4=zBPGtONmKoKHC3SqaZMh%2F8Guo3KKaRoPMrRzpLX%2FRcCA%2B10Xoee860JaCsWVSAVhikPWrM0KWQvP6k%2BTKgCcLF7TCirJFAGMqR7Kc3gPC7lYHh0zc2GeWt%2FKt9EWcGGqFaaVT3rk0HNFTj871IKFZg%3D%3D; Max-Age=31536000; Expires=Tue, 28-Nov-2023 04:43:55 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcredirect?visitid=43308272-6ed7-11ed-bffe-12d21f78093b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.212.50.125
HTTP/2 404 Not Found
content-type: text/html;charset=utf-8
                                        
date: Mon, 28 Nov 2022 04:43:55 GMT
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: EQZywdyu
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12157
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 04:43:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12157
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 04:43:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12157
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 04:43:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12157
Expires: Mon, 28 Nov 2022 08:06:33 GMT
Date: Mon, 28 Nov 2022 04:43:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 24130
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F6FADB0C8393B7BF5900A14DD3311ECE2BE30B8F06C7377490EB978E0221BE60"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 10:43:56 GMT
Date: Mon, 28 Nov 2022 04:43:56 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2YLb6Et3z5MS3x4qk32fUeOCzFeofTOiHbTH2dGaQbGe_e8yMedqqw==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 08:11:10 GMT
age: 73966
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5652
Md5:    d407d1a700a02f6422a0415be9648354
Sha1:   e9a69711e04e8028f11082285a405bafc61c5b20
Sha256: dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:18 GMT
age: 25058
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 24767
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12555
Md5:    f20d5c4b208740dd4c737b9d95c0e1d0
Sha1:   c843c5422499736a83a80c2b07475a8dbbb8860f
Sha256: f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UzzTPZIBjoow9PK-oM9rfGh5HkrivyPDofbTXy-I-9e4_baQnyKVhQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:55:42 GMT
age: 82094
etag: "9442f111d329f721ddc55100cd246586d8204048"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8517
Md5:    577b69fd08ad8368ea5a94fe41476c1c
Sha1:   9442f111d329f721ddc55100cd246586d8204048
Sha256: bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff33742-bcf4-48a8-b6fb-80eca56e49e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6003
x-amzn-requestid: 55485f7d-70d3-4f00-90fa-6384e53c990a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR79tEt8oAMF8vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f1-7b8a266209a1648724c5ca9d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3edUH9nvxAHeFtJk-vye1QpLXAgSYPo62odg3mPQwE-u-npXeDDdVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:28 GMT
age: 23248
etag: "5c8be4aa5190dc7ae89674a26945bfc9ff240175"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6003
Md5:    71251bd4e19aa0d2be6336e7366f15ff
Sha1:   5c8be4aa5190dc7ae89674a26945bfc9ff240175
Sha256: fb15afbdd12ab04b3bb2785fb3ebf1f2d82f243b47f1b8c2c8788f7653f8059b
                                        
                                            GET /?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7693
Connection: keep-alive
set-cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp; path=/
cache-control: private, no-transform


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (531), with CRLF line terminators
Size:   7693
Md5:    578fe010fda022c0ac971d33b11e0252
Sha1:   388847b271caa69c83a8fca7b4666e15c0029799
Sha256: 8839e00ce5e2ff8a37ed1213a2efdf7a8163919c5cce413b4360ecc91a9ae695
                                        
                                            GET /media/casual/toon3/css/style_alt.css HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 5097
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "faef7172cb03c340a5df27533a002d1a"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA4C58CF0A7CD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5097
Md5:    faef7172cb03c340a5df27533a002d1a
Sha1:   d84c0103e7996d5558026aa9253afeeca390d654
Sha256: 5b2cf586d1b6a80ea096b4df5f234fddce3d6cedef138ac48b93b1f38d8307ad
                                        
                                            GET /cookie/js.cookie11.js HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 4157
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d69ea699f15818eb39d4f4898f75a7e3"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA5CC0AFFCD12
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1709), with CRLF line terminators
Size:   4157
Md5:    d69ea699f15818eb39d4f4898f75a7e3
Sha1:   0209181a1da02eaf3857d30efd7092ea85f4c7eb
Sha256: 1d6379dcee88d76c4895ef26cc84e178b995e0a8e1effc943691fe9c59ccdb60

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/bbc.js HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 1132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "57e25a20c9962ce9c7077e46c69a265f"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA5CBF89EC762
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1132
Md5:    57e25a20c9962ce9c7077e46c69a265f
Sha1:   cba5f15234d9059feacd95fe60fcd7165b45295b
Sha256: 329ed89ce6841f591a258c691e89ca2a55d0c8f481a7ba7c167df8f8198f2791

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /util/utils.js HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA5AED6416C59
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (641), with CRLF line terminators
Size:   7512
Md5:    01816d15ca03032751161a746e2fb7c3
Sha1:   dcc72ea5fa1356490ba473288159df9786b4a3c3
Sha256: 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/casual/toon3/js/main.js HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 405
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f2eab5d5860befa6e1b4eca345006bf1"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA505CB0DED4E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   405
Md5:    f2eab5d5860befa6e1b4eca345006bf1
Sha1:   f4f7958b8de4822f1b2e946f8ca2a4d104484866
Sha256: c00613979fdbf8d2850f0e08260b582bb8745265c28c216444bc31d475416bc3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/casual/toon3/images/body3_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7115
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "25f4616348a1f5076ddaaf43b8be0d99"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F1A7F22A7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   7115
Md5:    25f4616348a1f5076ddaaf43b8be0d99
Sha1:   1ebb536691f648bcfc91b6e0e8e7b0de099873d9
Sha256: a738b84f2486de67b74a3ce03617e248b592b3e316bc9ad5b471f13e29924210
                                        
                                            GET /media/casual/toon3/images/body2_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7139
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "25ead115fd19de86d001b9ea0e530b98"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F179BE95D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   7139
Md5:    25ead115fd19de86d001b9ea0e530b98
Sha1:   2f87b29630774c703ddd5b3f63c598099741589c
Sha256: 3b654731702ea10a66129af5b97f7dad0db5f60ef6ee0960ce99b7bf9ee6face
                                        
                                            GET /media/casual/toon3/images/body4_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 4708
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6bfe731b38785116e374e8afd448473b"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F22CBED89
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   4708
Md5:    6bfe731b38785116e374e8afd448473b
Sha1:   ce318d0506e12cb3f373b791e78fb60c183e6366
Sha256: f64c0ecdf9c70f46bbd9a30de7d9b7eba62730b88084543d31037eace2807a68
                                        
                                            GET /media/casual/toon3/js/trls.js HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 25348
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2187f773a9ee4d03d21448c6856698b9"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA58B229ACEB1
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   25348
Md5:    2187f773a9ee4d03d21448c6856698b9
Sha1:   ad93a8e10e0a04c4c32caba37ea54253e22c1369
Sha256: a6551598594d2f7e4dc32dcb406efdae0538435ef49fc83308cb1a5f40f3353e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/casual/toon3/js/jquery-1.11.1.min.js HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 95699
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "612ce073e0525fda305524a4a9949587"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA4C5DA457B53
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   95699
Md5:    612ce073e0525fda305524a4a9949587
Sha1:   a87a1ec66b4a404b2f793f2de9f806955e8952cf
Sha256: a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/casual/toon3/images/body5_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7402
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "67c337328ace4aa7c94fbcadbb997963"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F23D968AF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   7402
Md5:    67c337328ace4aa7c94fbcadbb997963
Sha1:   19ecc8595ff083a870598689b85713014b9941b4
Sha256: ab5b0cdc771fbee94ae961621de091469cd6d3ee9e0345d67fea8790f47ef21b
                                        
                                            GET /media/casual/toon3/images/age1_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 6051
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "412c98a48bd4e5f3095860f53e2fab25"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F285E17E2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   6051
Md5:    412c98a48bd4e5f3095860f53e2fab25
Sha1:   f06ffecbc1f132beb4ec81a149cc79cb5b78559b
Sha256: 1e26c71724f0061870300be2d22c080c376f3189783e4b07f13e9457b9ace154
                                        
                                            GET /media/casual/toon3/images/girl.png HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 20415
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "3e9715aca14895be6809d18ee806d561"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA505FB418982
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 320 x 352, 8-bit colormap, non-interlaced\012- data
Size:   20415
Md5:    3e9715aca14895be6809d18ee806d561
Sha1:   584fb439c7a6c3d9ac2cda1f3ee24212546d316c
Sha256: 5c30263d90e5109b19aec665afcf22292bff66fd158c31e34c08de212e14ecb7
                                        
                                            GET /media/casual/toon3/images/age2_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 9472
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bdee974dfa1bd0381fb37d21c6a24d2b"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F2A69E290
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   9472
Md5:    bdee974dfa1bd0381fb37d21c6a24d2b
Sha1:   71c58820bdcd2353850aa2efdf9bcf707198673b
Sha256: 0e9ec0e7494a79661fe5644cda9c4d6c5fe12260606ad1f3ba8105cb953d830b
                                        
                                            GET /media/casual/toon3/fonts/QuattrocentoSans.ttf HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/media/casual/toon3/css/style_alt.css
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 78036
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://gogodating.life
Access-Control-Expose-Headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
Content-Security-Policy: block-all-mixed-content
ETag: "ce091a3d610240f8ea45c336266b5792"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50EFEE96300
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  TrueType Font data, 16 tables, 1st "GPOS", 7 names, Microsoft, language 0x409, type 1 string, Quattrocento SansRegularPabloImpallari,IginoMarini,BrendaGallo: Quattrocento Sans: 2011Version 2\012- data
Size:   78036
Md5:    ce091a3d610240f8ea45c336266b5792
Sha1:   240eb69d6e901909208105620256e0871ef9737f
Sha256: 8a1e4d8cb32309d03e754bbff5cf0dea8cb14973a0a650c1cb58b8592f5da13a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/casual/toon3/fonts/QuattrocentoSansBold.ttf HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/media/casual/toon3/css/style_alt.css
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 79848
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "b80c7c5dc4739cd94fbc56b2f57509c4"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA52CDF46DE5D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  TrueType Font data, 16 tables, 1st "GPOS", 7 names, Microsoft, language 0x409, type 1 string, Quattrocento SansBoldPabloImpallari,IginoMarini,BrendaGallo: Quattrocento Sans Bold: 2011Quattro\012- data
Size:   79848
Md5:    b80c7c5dc4739cd94fbc56b2f57509c4
Sha1:   ae800186fbcf2c85b1d9f271b69455c8ad5c8f40
Sha256: fc24aac0d90f109b21b91a1c7171a9e96cf056ac8eb888be2a9d3d35d35ac795

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /media/casual/toon3/images/age3_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7696
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "47f8432cca02f63b701c2999eeea43ba"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F31DAF11F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   7696
Md5:    47f8432cca02f63b701c2999eeea43ba
Sha1:   56d51f3b5039c7e60ad400f17e123a5dff714304
Sha256: 3cf09326ff416c5f53d81127aca350009110721c6ea1e879a363d71018bf2b88
                                        
                                            GET /media/casual/toon3/images/age4_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 6924
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7d81b6b005bf4b955b5e6297172c5a8d"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F35F28C51
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   6924
Md5:    7d81b6b005bf4b955b5e6297172c5a8d
Sha1:   0bae48d0799d12602b3166a19472e1db6fedc248
Sha256: d4c8c2b2cc9bf5d502fc17d4f83ca73c4c9cbfbdff6624b3d00ba2e05f3efe94
                                        
                                            GET /media/casual/toon3/images/age5_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7158
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7f23ba7584e5f2f5f5bc1129a7a21492"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F380C0DD7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   7158
Md5:    7f23ba7584e5f2f5f5bc1129a7a21492
Sha1:   141963c0678f4591441797f99a45a03616f5c8fb
Sha256: a3f7fb4399ca65391f898e2346c079e1706165a02c04db92babe675b5cdeb490
                                        
                                            GET /media/casual/toon3/images/relations2_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 9079
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "90448128e70479a071e70b19b0f8b187"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F3E84B2CA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   9079
Md5:    90448128e70479a071e70b19b0f8b187
Sha1:   4a4e5f480b8df6e6fa4fd1ce2579a7eb33afdaf6
Sha256: ca08d85836df6ab8247acd0df5c027ec6e5d63fd436b9ebef5769fae98252638
                                        
                                            GET /media/casual/toon3/images/relations3_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 9360
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4d3d38adf2f0ce332b20112bd35cd8bf"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F4009CD16
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   9360
Md5:    4d3d38adf2f0ce332b20112bd35cd8bf
Sha1:   6b4c3de36268a2459f4970779ab51efbf5b5ccf5
Sha256: 2f824639869c4c24dc402ace4994ff5e628f7a48dd39dc5598ce36136f26719f
                                        
                                            GET /media/casual/toon3/images/relations4_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 7546
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "b3160168c65670576b0c54f6ef80c972"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F470E9071
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   7546
Md5:    b3160168c65670576b0c54f6ef80c972
Sha1:   4b4c73fea6466f0733dbe55b7b60d0fa5b05ccd7
Sha256: d26ed7a1ce5bc3a33d1d88b0b04c0c7ee156c59149af8409eb308581eea87f45
                                        
                                            GET /media/casual/toon3/images/relations5_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 8333
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c8977e9f072bac461be435c71ffd01d0"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA58B77BC31EC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   8333
Md5:    c8977e9f072bac461be435c71ffd01d0
Sha1:   f13fbff743f380f87271d37af099e83ad8186e61
Sha256: ad74a6271b89a55e3df1ec7dfd3c938024b701b0d5ef3bf939793e30b8100bf8
                                        
                                            GET /media/casual/toon3/images/body1_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 9351
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "85ccecbbf23425d18c7c012f7341ce27"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50601D24ADD
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   9351
Md5:    85ccecbbf23425d18c7c012f7341ce27
Sha1:   7317eda85c061ee60c072d89fe407f37c26c0d1e
Sha256: 1b10dd2a543fef61a4a61836377e5461b57c95dd95d12f1e35c57b26d7edf834
                                        
                                            GET /media/casual/toon3/images/relations1_o.jpg HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Content-Length: 9613
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "974ca1664d2cea320c17179302d33d4e"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 172BA50F3B613C2A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Tue, 28 Nov 2023 04:43:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Size:   9613
Md5:    974ca1664d2cea320c17179302d33d4e
Sha1:   dc48c7bc4b20d281f190ff2ad5579df2f853864e
Sha256: a66348a7dfa7072dedec904d8069b573678ca9bb73168170ed010640ef929af1
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gogodating.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gogodating.life/?u=xunwwwr&o=b0ep0zn&cid=w76qg50ajrjpukpkiv49357e
Cookie: sid=t2~yfgl0dphzwwshzovg3tcjibp
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         194.87.208.59
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Mon, 28 Nov 2022 04:43:56 GMT
Connection: keep-alive
Cache-Control: no-transform

                                        
                                            GET /zcredirect?visitid=43308272-6ed7-11ed-bffe-12d21f78093b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcvisitor/43308272-6ed7-11ed-bffe-12d21f78093b/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a5081790-0845-11ed-bde8-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         3.212.50.125
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Mon, 28 Nov 2022 04:43:55 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: yZqPlqsA
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /zcvisitor/43308272-6ed7-11ed-bffe-12d21f78093b/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=a5081790-0845-11ed-bde8-128084d1ce51 HTTP/1.1 
Host: gaut-hil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://duqiujnu5touzhu.win8mi.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         3.212.50.125
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Mon, 28 Nov 2022 04:43:55 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: yZqPlqsA
X-Firefox-Spdy: h2


--- Additional Info ---