Report - clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=8jSi113015876&aff_id=7204&aff_sub3=63882c7846e5e600011c946d&aff_sub=501

Report Overview

Submitted URL
clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=8jSi113015876&aff_id=7204&aff_sub3=63882c7846e5e600011c946d&aff_sub=501_0
IP
34.242.181.14
ASN
#16509 AMAZON-02
Submitted
2022-12-01 05:01:18
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	349 B	31.13.72.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.149.83.187
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	3.3 kB	104.18.20.226
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	694 B	142.250.74.163
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	953 B	188.114.97.1
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
kingered-banctours.com	844736	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.5 kB	18.195.123.247
cdn-dt.fcdn.info	230544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	25 kB	104.21.234.86
clik.global-trk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	479 B	2.1 kB	34.242.181.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	20 kB	142.250.74.131
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	11 kB	87.250.251.119
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	520 B	694 B	142.250.74.164
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	29 kB	104.17.24.14
app.swpush.com	319657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	5.1 kB	188.114.96.1
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	21 kB	142.250.74.110
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	613 B	714 B	74.125.131.154
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	6.7 kB	93.184.220.29
v.gambol.link	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	602 B	959 B	18.156.16.63
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	1.3 kB	142.250.74.106
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	29 kB	31.13.72.12
subscribe.swpush.com	504964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.6 kB	188.114.96.1
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
l12.datingtopia.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	706 B	104.21.65.62
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	67 kB	151.101.65.229
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	36 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	kingered-banctours.com	Sinkholed
2022-12-01	medium	kingered-banctours.com	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie	486 B	2023-03-11	2023-08-05
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:06:56 Last Seen2023-08-05 05:23:20 Times Seen7 Hash 2554fa32557299b32acd18e5e61427b4 c98a79bde494c171d8f9bc15bd2e52491c574aa3 dcf4450bdb83decd29daeab83fafa608449eca8294eb23a66a15be5d8bce2b3f Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie	8.4 kB	2023-03-11	2023-03-11
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:21:18 Last Seen2023-03-11 23:21:18 Times Seen1 Hash 141ea1f0667c33652ae66443afd65552 440a56c5298d89105207d4c61b45d098fac82ef3 305520cfbf9e6a4aabef951faccf6402f80a4c626e21c34609a4bec96f33db5b Loading...

	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.86 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-10
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-10 19:48:26 Times Seen1646 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/signals/config/1426921724108509?v=2.9.89&r=stable	301 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1426921724108509?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:21:18 Last Seen2023-03-11 23:21:41 Times Seen1 Hash bf8db00a5dc98b85696f4903ae8ff821 ce7e2f90279f6911791041ebf95401848a17105e 6ff969070c9e4079da9e9c9973d3c204737617bdaa0b502cee79dcd2a107ac2b Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie	2.0 kB	2023-03-08	2023-08-05
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:49 Last Seen2023-08-05 05:23:20 Times Seen90 Hash d00e6ad49da65d35d2c16a0e8dc62528 288f34d1c15166d79dfb6e21eae4d544f9d8fcde dfc2a1ae536ba70b69ca552d509366a0dbc8d7489af802a59cd70d7eb06cc5a3 Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie	64 B	2023-03-07	2023-06-03
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2023-06-03 23:52:16 Times Seen3 Hash a8fd51875ebf85929d55cbca281af8c8 0a7935609c4e652ac7385240212c46eb0766f439 e18eb1d0dceaab228ea0b8574efb80a50d47e89d0bb980f42d8f1074035de602 Loading...

	l12.datingtopia.com/j56le98/js/fn.js	502 B	2023-03-11	2023-06-03
Pretty URL l12.datingtopia.com/j56le98/js/fn.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:06:56 Last Seen2023-06-03 23:52:16 Times Seen4 Hash cc4d50800fcd93497d25b6c309d76fe4 6455a66293112b3e26034565b6d08682a2366b76 6b2c588c281dbf5bd57ff7c9587e7e4c0ffb5a33c16613be58f800bb480cd011 Loading...

	kingered-banctours.com/hp	382 B	2023-03-07	2024-05-07
Pretty URL kingered-banctours.com/hp IP 18.195.123.247 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-07 16:22:32 Times Seen1254 Hash 10263a40a9d604e06e31e20f0b213918 524c7e3d46f4c3b19319ff3315ba6adfafd5eb3b 1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie	98 B	2023-03-11	2023-08-05
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:06:56 Last Seen2023-08-05 05:23:20 Times Seen7 Hash 6f5cc698895f00f4798f7d42444b060b c2b16ed17b409db7247bb27c79362981ebf5ffe2 4577d7f1f7c1fd1283deecd001c978da857c9a2aea80272c9a0d4b2c63c4e360 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 00:18:10 Times Seen37531154 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-10 23:23:07 Times Seen97913 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

HTTP Transactions (66)

URL IP Response Size

clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=8jSi113015876&aff_id=7204&aff_sub3=63882c7846e5e600011c946d&aff_sub=501_0

34.242.181.14

302 Found

385 B

URL HTTP/1.1
clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=8jSi113015876&aff_id=7204&aff_sub3=63882c7846e5e600011c946d&aff_sub=501_0
IP
34.242.181.14:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
385 B (385 bytes)
Hash
bc9b466981de9b6c1df0b6ea3e3d64d5
70e57245fde049185adbb25c1ee370b6ee1974ea
3e20ea3dc280bb407fbb56beeab3e94a335b0d11ee2bbe53d5ba3e9c2f5c6da8

HTTP Headers

GET /aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=8jSi113015876&aff_id=7204&aff_sub3=63882c7846e5e600011c946d&aff_sub=501_0 HTTP/1.1
Host: clik.global-trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 05:01:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 385
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://v.gambol.link/bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_7154=ENC03516dea56afd6f71c99b7d3117e33c928e7fdcb660a5f6972570ebbd9d2a4fafdf0504b759d218ae2acab0348aebf40844e0d2fc140ab839282461e3856d3ffff1c15b2e2b804474191f6d7030eeba0db42eb0d63652296a77fe3f10244f17cb05d5ae24d52aa9308aa993b4ab60ea5c56cc424930b683051d49e7dcb84e79d83e23388edf0a5404e31a3db25f5daf499d7f7452aceb4961e32d09ac0b1f7ee0200ec9007; expires=Sun, 01 Jan 2023 05:01:07 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 25 Oct 2025 15:41:07 GMT; path=/; SameSite=None; Secure
Tracking_id: 102cd926709d4b7bb2c46dc46e59d5
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: e965d8bbcd4d46dbe6a00dd0dcbd7cec
Access-Control-Allow-Headers: Tune-SDK-Version

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3563
Expires: Thu, 01 Dec 2022 06:00:30 GMT
Date: Thu, 01 Dec 2022 05:01:07 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=109219
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:07 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:21:26 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 04:19:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2482
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Thu, 01 Dec 2022 06:50:39 GMT
Date: Thu, 01 Dec 2022 05:01:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cqv1P0MEK4mFUBqHPIRl7BoMNE7f9mUHiXPT4MVRofZwUCuj0HGxCtBWEBY8TXXZKGTul4WkpSE=
x-amz-request-id: 8NEHAV6RGXGZRPXB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 04:45:31 GMT
age: 936
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

v.gambol.link/bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5

18.156.16.63

302 Found

0 B

URL HTTP/2
v.gambol.link/bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5
IP
18.156.16.63:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5 HTTP/1.1
Host: v.gambol.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 05:01:07 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wu37a1pf40h3itrk2get8oie
pragma: no-cache
set-cookie: bacf24eb-ee09-4999-950c-bd9380adc496-v4=5xxUrUoZbCJTXyJCJmqVPXaIZJ3xUFi4B2-ODXzmovs; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:01:07 GMT; Domain=v.gambol.link; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=r4e10y4WrYyb6C2mQU6F3fCV3L4JffHx2SXZXwIAvwhhCcuoEm07O%2BEDzydHTddUEgchHwz8XLP6bNLBJt8mNzrUYaRrtpgzjg1rfXYSJ9ZAw7jd2iVYv9Wn0of7txK5Olp%2B5aKZLlA2LO6ay26GXg%3D%3D; Max-Age=31536000; Expires=Fri, 01-Dec-2023 05:01:07 GMT; Domain=v.gambol.link; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 05:01:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wu37a1pf40h3itrk2get8oie

18.195.123.247

302 Found

0 B

URL HTTP/2
kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wu37a1pf40h3itrk2get8oie
IP
18.195.123.247:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wu37a1pf40h3itrk2get8oie HTTP/1.1
Host: kingered-banctours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 05:01:07 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie
pragma: no-cache
set-cookie: 0e565a05-6b58-4a68-8931-3234a344b16f-v4=HLAmnlP3udPY2WyjzmH-UHS7oTpyz-GROIvduzTOHHM; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:01:07 GMT; Domain=kingered-banctours.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=ohUJrGM-tqyUqdldEUe3xP5JSe8cea5-yoox6Pq3_Bvxd0mycIRzZWQ-CC7M3dQD_rrGMZaUNK7s55CxG8I2wGF0puUHwL-6Yxwf0eHI0vLZw6ZHNyO7xsnNcMWo3oV74Qz1-IF2vx_S7GaDw_V1XMMB11iK_RolzINQtQOvjB3HHM3T6cx9S3xLJqQbU0J07U7t99anA-H24wv4HQA2S2aiTmg6t3VUjvEYW5KNpVWYB6rLdTabHqfjcbAzPTmArynGTqzIM9-R2WHsIVmdu7ulQeg46cty9gY6qMw2_o3l4m4EyAZPNTBaiyCKAJEQeHIiB1aqQApBdDUjjc3om74rZYzo-bdy_vfrlYg24A7wQ2-2F3m1Upu6IaaZzwGq1OV_mOQz3cbGrElN9w0cHfw9KZFpdk8OTkOQs6zizr4W3RM41Vqj6nwkHG0xlM9Ocwi3oF2aEXij0VyZu7tWUxO5ZWRcNB-SlNwsqh0mHkeKRvBuv4cFLcXSpdUkcfkP; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:01:07 GMT; Domain=kingered-banctours.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 04:11:15 GMT
cache-control: public,max-age=3600
age: 2992
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bf9e2e94c25978cafa9051ddac7804a0
241f23b2f445531965a581a1db62e669fda220e1
b78ef1ced95e8dae2401e37272c0c74ea6e4231945c5655cc879ab7909459ce9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=161996
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:07 GMT
Etag: "63880adf-117"
Expires: Sat, 03 Dec 2022 02:01:03 GMT
Last-Modified: Thu, 01 Dec 2022 02:01:03 GMT
Server: nginx
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2946
Cache-Control: max-age=104089
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:55:57 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bf9e2e94c25978cafa9051ddac7804a0
241f23b2f445531965a581a1db62e669fda220e1
b78ef1ced95e8dae2401e37272c0c74ea6e4231945c5655cc879ab7909459ce9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=161996
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Etag: "63880adf-117"
Expires: Sat, 03 Dec 2022 02:01:04 GMT
Last-Modified: Thu, 01 Dec 2022 02:01:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.24.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27748 bytes)
Hash
638a4990025383a0f83ebf29bdb84a68
153e8818dc42f598e47fde8cf398f1447649a4d0
878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:01:08 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3037892
expires: Tue, 21 Nov 2023 05:01:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DGIIaiQS0lGL2vqNqYLLqoSTo7O6WRTL4X0KaJ1xAdpkyPu5v1vLCNYqdebcTryP%2BUUX93yNKBKOgX%2B%2BD1RQvu%2BzOO82CvVdJz%2FqdlF1ynBUvH2HKnHOVlFLAlqpscuprStHSee"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7729435f4af3b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kingered-banctours.com/hp

18.195.123.247

200 OK

382 B

URL HTTP/2
kingered-banctours.com/hp
IP
18.195.123.247:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (381)
Size
382 B (382 bytes)
Hash
10263a40a9d604e06e31e20f0b213918
524c7e3d46f4c3b19319ff3315ba6adfafd5eb3b
1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hp HTTP/1.1
Host: kingered-banctours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 05:01:08 GMT
content-length: 382
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.149.83.187

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.83.187:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Tr/s36itvJxLkJRLIp3W5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2EESzNCQ8KN96HpL3Ea/5yxNEB4=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
fac97585e2ade88546f664f3bdc32c19
951f4b7f91f0d963e56bbab370647caed9f60287
7328b50cc11ed5cc081891644a18261991fefc7083d1b4bfb76ff3ccb91de1a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=148351
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Etag: "6387d593-118"
Expires: Fri, 02 Dec 2022 22:13:39 GMT
Last-Modified: Wed, 30 Nov 2022 22:13:39 GMT
Server: nginx
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
fac97585e2ade88546f664f3bdc32c19
951f4b7f91f0d963e56bbab370647caed9f60287
7328b50cc11ed5cc081891644a18261991fefc7083d1b4bfb76ff3ccb91de1a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=148351
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Etag: "6387d593-118"
Expires: Fri, 02 Dec 2022 22:13:39 GMT
Last-Modified: Wed, 30 Nov 2022 22:13:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

11 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (11198 bytes)
Hash
0cd38430d8d0032505f60be044bbdcd8
fba5a1f007ccc5067335695f9bff12825ad6d1e4
a33aa48ee1c41c8d6a025fb0bb70ebdaa3906d4a68fdabd6e47923e98f66cea9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

151.101.65.229

200 OK

67 kB

URL HTTP/2
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Size
67 kB (66654 bytes)
Hash
abdd26bf39ab05e9898e3cf1ddbd3fd9
93521bf8e710e9ec024f0e9e24441ccd81c4a6f1
06c56ad9020dc6ef1a5d0141d5c172c0029d18f2dafe0b79a84bb0c4db2aa52d

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"28441-HHcPD8UUl0943tDpENjh6gMs5yQ"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 05:01:08 GMT
age: 38162
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66654
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

216.58.207.227

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:21 GMT
expires: Fri, 24 Nov 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 577907
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
bf4e100eaf315f162b2944a4788424a3
06b4f9cfe21567611455c8027c1d9210185ba7d8
3fbec0db105a8b3402516a2f02a753e59d0efe38631de093d285f6211c0121fe

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 05:01:08 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78A12757C72E70FCDF773DDBCB6B3832E74CF061"
Expires: Thu, 01 Dec 2022 16:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2896
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772943622afeb4ed-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Ubuntu:300,400,700

142.250.74.106

200 OK

574 B

URL HTTP/2
fonts.googleapis.com/css?family=Ubuntu:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
574 B (574 bytes)
Hash
ae0cc6b2f1996ef4e7dfcfb7cb5e0f6d
2689508f39aa17875dbd102696b939509ab8fee1
cfe64f34299b309c2cc72bc941efb410e98feafc5c08f610e60e618f59e76f2b

HTTP Headers

GET /css?family=Ubuntu:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 05:01:08 GMT
date: Thu, 01 Dec 2022 05:01:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2855
Cache-Control: max-age=142184
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 20:30:52 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: nD0RNBzNXz4OhO5F2S/qxa9oIQfnX5Lb4fk2etkFJgVXNuxdOxJ6zzvpFLztYlMJWOySiypagKEmt5n7bqXJUA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 05:01:09 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 04:41:08 GMT
expires: Thu, 01 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 1201
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2856
Cache-Control: max-age=142184
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:09 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 20:30:53 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a98f82d2ecb0ce80de9b393e33c7d97b
c431a7ac9d33902d8a1ce508b55afe8974e3fe5f
3b55a3b3d11a87172c61c9daacb7f5a68e401400a3318c84cd9d4248c2a29c40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5282
Cache-Control: max-age=122972
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:09 GMT
Etag: "63875dcf-117"
Expires: Fri, 02 Dec 2022 15:10:41 GMT
Last-Modified: Wed, 30 Nov 2022 13:42:39 GMT
Server: ECS (amb/6BC1)
X-Cache: HIT
Content-Length: 279

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
d27d40ef61da63a75a8774e292631778
c19de49a4fca93792e64092c882646d12017dbb1
52b71e6e04a4eb72ba1d9d96d9adf41ea09e5e351aaf6d651de8bccc91d7d3cc

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 05:01:09 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 05 Dec 2022 02:13:23 GMT
ETag: "c19de49a4fca93792e64092c882646d12017dbb1"
Last-Modified: Thu, 01 Dec 2022 02:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2991
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77294363fc29b4ed-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a98f82d2ecb0ce80de9b393e33c7d97b
c431a7ac9d33902d8a1ce508b55afe8974e3fe5f
3b55a3b3d11a87172c61c9daacb7f5a68e401400a3318c84cd9d4248c2a29c40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5282
Cache-Control: max-age=122972
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:09 GMT
Etag: "63875dcf-117"
Expires: Fri, 02 Dec 2022 15:10:41 GMT
Last-Modified: Wed, 30 Nov 2022 13:42:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

mc.yandex.ru/watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29

87.250.251.119

200 OK

419 B

URL HTTP/2
mc.yandex.ru/watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size
419 B (419 bytes)
Hash
8200c4676241b8aa34f9e55252ba3fed
734bba829be73ae7981fe2cb96128d8134851442
2731a68999417a1cd8ba37512e0c2f32354824ad40d3313d8e2a9a67823816f8

HTTP Headers

GET /watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l12.datingtopia.com
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 419
date: Thu, 01 Dec 2022 05:01:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://l12.datingtopia.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 05:01:09 GMT
last-modified: Thu, 01-Dec-2022 05:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/48184178?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)

87.250.251.119

302 Found

6.5 kB

URL HTTP/2
mc.yandex.ru/watch/48184178?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
6.5 kB (6524 bytes)
Hash
eef3f5d216d5f64e58582319f59c5de1
60c9b2ed12a553187183a022ae9a1aeff5bd0fb2
bcf174434b3285b87f569adbd7eaaf270e6ca4907a9400f7ecba924f16889113

HTTP Headers

GET /watch/48184178?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1633%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1164445244833%3Ahid%3A169810309%3Az%3A0%3Ai%3A20221201050107%3Aet%3A1669870868%3Ac%3A1%3Arn%3A321183957%3Arqn%3A1%3Au%3A1669870868191529963%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A30%2C233%2C199%2C0%2C655%2C0%2C%2C506%2C4%2C%2C%2C%2C1630%3Ans%3A1669870865741%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669870868%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 01 Dec 2022 05:01:09 GMT
access-control-allow-origin: https://l12.datingtopia.com
set-cookie: yandexuid=420455521669870869; Expires=Fri, 01-Dec-2023 05:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=420455521669870869; Expires=Fri, 01-Dec-2023 05:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1650159421669870869; Path=/; SameSite=None; Secure
i=fwtxwbiNxICcENbwdwFWfV+Hm5lJFo5ghwCvl3D6VagZaXbjmYA//mfT9f/gysEKOMNqCtlZ5JNLaO0GyQLP1x3dZ7E=; Expires=Sun, 28-Nov-2032 05:01:08 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701406869.yc.1669870869#1701406869.yrts.1669870869#1701406869.yrtsi.1669870869; Expires=Fri, 01-Dec-2023 05:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 05:01:09 GMT
last-modified: Thu, 01-Dec-2022 05:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

cdn-dt.fcdn.info/swpush.min.js

104.21.234.86

200 OK

24 kB

URL HTTP/2
cdn-dt.fcdn.info/swpush.min.js
IP
104.21.234.86:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (34449)
Size
24 kB (24530 bytes)
Hash
b3861a3de2c530c0bbc1d9cd0342e06a
ba364acae757037bd184c99991bea9cc1403936f
dda691e5dcff50a28ed69811bf25a45a7005036373c113aef1e44c77cbbe6c46

HTTP Headers

GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:01:08 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 669887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPQoIsxtsw2ZiLepGsCKz7vgHT6Xf5pKp1a6Ot8boondzAVsBBw16jIUvP8r5ih5w4eaD1smWZe%2BVdy6QvKxl75Lw0U4wnb3IID8QeME3wmDVYtks9tECa9%2Bj6OFLQupts02"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77294361196972c7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d

188.114.96.1

204 No Content

0 B

URL HTTP/2
subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d HTTP/1.1
Host: subscribe.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://l12.datingtopia.com/
Origin: https://l12.datingtopia.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 01 Dec 2022 05:01:09 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMMlImMoatBBeiy81oCR7vNqr4%2BrEoG%2Fg%2B4s7jtsW4G4i5vW2VAotDKW%2FIgSxetkl1Gsv%2FksL7lbRLgYYQrDvmzdFB2aMm0mBIPxp3EpNLpn1O6YqdoSlJRmq%2FIKeFDE%2BeKkajRCgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772943647ff6b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.swpush.com/get-keys

188.114.96.1

200 OK

4.3 kB

URL HTTP/2
app.swpush.com/get-keys
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2147), with no line terminators
Size
4.3 kB (4252 bytes)
Hash
dcaa339f63e6a52962a8e6fb2284cf1c
d7f4dec8b813ec98357c322f195f36bcdd356697
35fb25c8407b55b8f9d118b1a35ab243fd885685ad26e871c4daf9bf7208f325

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie
Content-Length: 89
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:01:09 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp4g7kKEsBBvH6hiejMX%2FtaajJfChgsxzjJFq2i7Q02Mu2BPYq5yJ1cBS%2FDZ55dw2yu9vwWjvx8HAgyfW%2BBQY3p26Q3G5Dq9kWTr5kKXv5%2F%2FaTzxSyu2focIDSqLKD8Bww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77294362df16b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d

188.114.96.1

200 OK

5 B

URL HTTP/2
subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d HTTP/1.1
Host: subscribe.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:01:09 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzqBiGN%2Fztx5F1vBOPQqzEHS0vhayVDBFT8w%2Bx4oo8FVZiT0WBbWfdwBZ%2Bv5wlONSGDziYzmBVhKiaMxwjN%2BjbfM8yZzdl3aLWL8HI6dNii8gSjsU7kUfBLy0Xx%2FjIqs5XELOQ%2FcYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7729436578a8b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 05:01:09 GMT
access-control-allow-origin: *
etag: "63875d46-2b"
expires: Thu, 01 Dec 2022 06:01:09 GMT
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

509 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
509 B (509 bytes)
Hash
58d8234a02b744d331e9d68cd1b46ea4
5a1c2bdd7b6a6d1939206cbcceb5680ce37073b1
d56d1c1b4ac9a6374990177e64bfddb4ca239ca70efbed4c0bb4470131c861e8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:01:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3620
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:01:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1df312f-7c86-4a62-be1e-1a72c9b2d228.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1df312f-7c86-4a62-be1e-1a72c9b2d228.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
72735620afafb0d8d91b6d83cf292298
9de2fd7c375e92fd60444dc677cf09428393eff3
9dd40d4adf9e3dacb962cc6e1bd00d38473125567eb2b57eef643be972dfe69f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1df312f-7c86-4a62-be1e-1a72c9b2d228.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: 9474178d-c342-498a-996d-1ef3b804f1a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cWh0hEx_oAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385b01c-33e27513010fdec8627942be;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 07:09:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4R5jPnETZnbrWCUXoWvq3FTs_NOJMQWCaHbK321P4qqRgv05JtR1kA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 07:18:56 GMT
age: 78133
etag: "9de2fd7c375e92fd60444dc677cf09428393eff3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10985 bytes)
Hash
f07f254d44ff2fb86ee22cee39ef3eb0
0660a548a491d4a58ca2246f094f0553437c3f61
859b2416d638b1dc91ff563800517124b38d45b4c5db99e21539c1700829dbe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: ef9e5eb9-b7b3-41e9-9837-a5979ab35d94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91OFzsoAMFcew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-53b152c0027d26e52383e27e;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F_ZBWwAOPbEjvMD1ChrgN9QYUyyFYdtRT6CcX6gviowmeinPRgVtnA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:19:21 GMT
age: 2508
etag: "0660a548a491d4a58ca2246f094f0553437c3f61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10437 bytes)
Hash
291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 24738
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9993 bytes)
Hash
70afa08b7d0b64772b90ae190689e6c1
527cf32104041423176fadd3cfc2120fe63f6bfc
31ebf9decb53b8180922c4b10d0427aba95a802246a5ced8ec368d814a33b843

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9993
x-amzn-requestid: 7d7febbc-2bdf-44e9-9727-9c56b5bcb138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1VNFZiIAMFV-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cf54-1f89231026a9b5c467324134;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Zc0QAEb9prX_ZBUYuD-407TwT2ATljy_OTmUNq31I9udG16Dx3JWtw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:00:48 GMT
age: 25221
etag: "527cf32104041423176fadd3cfc2120fe63f6bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4762 bytes)
Hash
d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 08:50:17 GMT
age: 72652
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4409 bytes)
Hash
b8802d5080eb35e4052ef31cf7658650
1e78566f2e69268c5f753fb49112ab07aae3eccf
9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz7XEE2IAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 25884
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1426921724108509&ev=PageView&dl=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&rl=&if=false&ts=1669870868202&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669870868201.527768265&it=1669870867717&coo=false&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1426921724108509&ev=PageView&dl=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&rl=&if=false&ts=1669870868202&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669870868201.527768265&it=1669870867717&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1426921724108509&ev=PageView&dl=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3D0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T%26lptoken%3D168d698b870d26fa672b%26cid%3Dwu37a1pf40h3itrk2get8oie&rl=&if=false&ts=1669870868202&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669870868201.527768265&it=1669870867717&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 01 Dec 2022 05:01:10 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&gjid=1806118152&_gid=1913740008.1669870868&_u=IEBAAEAAAAAAACAAI~&z=12146186

74.125.131.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&gjid=1806118152&_gid=1913740008.1669870868&_u=IEBAAEAAAAAAACAAI~&z=12146186
IP
74.125.131.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&gjid=1806118152&_gid=1913740008.1669870868&_u=IEBAAEAAAAAAACAAI~&z=12146186 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Content-Type: text/plain
Origin: https://l12.datingtopia.com
Content-Length: 0
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://l12.datingtopia.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 05:01:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&_u=IEBAAEAAAAAAACAAI~&z=306282076

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&_u=IEBAAEAAAAAAACAAI~&z=306282076
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&_u=IEBAAEAAAAAAACAAI~&z=306282076 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 05:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&_u=IEBAAEAAAAAAACAAI~&z=306282076

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&_u=IEBAAEAAAAAAACAAI~&z=306282076
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=1641539941.1669870868&jid=1332807512&_u=IEBAAEAAAAAAACAAI~&z=306282076 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 05:01:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:01:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie

104.21.65.62

200 OK

0 B

URL HTTP/2
l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie
IP
104.21.65.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=0HhwfNcR_I9pqSI2d5owZdkOqY62Mg2VIn3F5IYiwVo-UN8mWPzZirUv6DAZlTYcgnoeqlFbYnvFXrNAuWXLl5sS7eEnH_qFgevtj2m0utUzeXTGUoZ5Yf5f9682nIpygrU3Nwfndrq1hj2yqiut7Hd6LyGS9r5UChpnYTymPEJAaK1VVeLNr5DATclhDBuwUMqqqNGoxblXMIV3r4Y7ALwik204mFiwl6stGGmZzkaHsG6zekpbePkaer4GSRLWhFS6Bt6xpzlpYqRq9LXJmXkq6egBtalmsutlKYFu4il7BemB3U3_lld2Xo7SiuUGknGmR-w3isk4jTmH_3_LpwXIMYcaV1dwhS4W8eLvP7fd1T6_L-DTV3R-g5IY0ccj7-noZDn0n5QcA6QocTeqvhny_OQuOhHnt-lYN_VhxyymgenmuWB_AXb3ELzBU6jJbT6jC8YUAXQGx2l60TDwfIC9Qt9OmTemINR5x8h6HY6L9MuVujUuqb_0x31Zbt9T&lptoken=168d698b870d26fa672b&cid=wu37a1pf40h3itrk2get8oie HTTP/1.1
Host: l12.datingtopia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:01:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.12
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI%2B5zgS%2B9ZolFQpvvMKN2UmhGDGiqCagL7dOkcfOPZ7dQIOWSgD5NR%2BpGkutAWzQ3mYr7L3XQAujE%2BcO5vXi8CJmGHG4rU0oOzg4JAu2gcW1zV1blJOvKpBK49EHoEflBD485T2V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7729435d2ff10b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjam.com/cdn/sw.min.js

188.114.97.1

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/sw.min.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/sw.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:01:09 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"b585b42672057da38c103f8002eaf012"
last-modified: Thu, 17 Mar 2022 13:12:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8D719DDEB8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3666
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdxpofAmfHG3BeyR5TviXn1CdIqgkRgCZk03zVIp1Ko%2BiI5Bn5PNno6Xgrk8C%2Bw29NVekx427UOsoZ8r6v%2Bi5KHkyL9JU1KWoqjLX7iP4zVFHJOSr7qoeHu6Rya9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772943640f3ab506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations