veneratedfeet.wiki/?id=9d088641-e9e4-48e4-8b3e-9123671fa8f1&u=141&t=Y2xvaHJAd2luY2hlc3RlcmVxdWlwbWVudC5jb20=
46.21.22.40302 Found 0 B URL HTTP/1.1 veneratedfeet.wiki/?id=9d088641-e9e4-48e4-8b3e-9123671fa8f1&u=141&t=Y2xvaHJAd2luY2hlc3RlcmVxdWlwbWVudC5jb20=
IP 46.21.22.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?id=9d088641-e9e4-48e4-8b3e-9123671fa8f1&u=141&t=Y2xvaHJAd2luY2hlc3RlcmVxdWlwbWVudC5jb20= HTTP/1.1
Host: veneratedfeet.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.18.0
Date: Sat, 03 Dec 2022 18:22:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Location: https://www.singlesrussian.com/index.php/promote/click?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6064
Cache-Control: max-age=150605
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:22:11 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 12:12:16 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7920
Expires: Sat, 03 Dec 2022 20:34:11 GMT
Date: Sat, 03 Dec 2022 18:22:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 132
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14044
Expires: Sat, 03 Dec 2022 22:16:16 GMT
Date: Sat, 03 Dec 2022 18:22:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d2DFy1j1MsQbZkbQAvuZQWdQILEOXlG2ByRPhjUe+znjf6ycrQ8FcmbkoQrtfznpuI9EN70xlRY=
x-amz-request-id: YYXX0N0PVEKNS3CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 17:46:39 GMT
age: 2133
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 18:08:58 GMT
cache-control: public,max-age=3600
age: 794
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d5716f59d2b73da8fbbf668537ad4936
b705d0fc217bababf2512f01290f0045a1e617e6
3ff9cff35197de5075372094c719ef393928bee30ac0d116478549cf871250b1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 18:22:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 23:10:24 GMT
Expires: Fri, 09 Dec 2022 23:10:23 GMT
Etag: "b705d0fc217bababf2512f01290f0045a1e617e6"
Cache-Control: max-age=535090,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773e538f3a0bb51e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6006
Cache-Control: max-age=145485
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:22:12 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:46:57 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YTCODvdEin+cTifsM5xwpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kqq+l99IlrzAv5Ls4gz6Lkd3Abk=
www.singlesrussian.com/index.php/promote/click?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
18.144.111.139302 Found 20 B URL HTTP/2 www.singlesrussian.com/index.php/promote/click?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
IP 18.144.111.139:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /index.php/promote/click?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 03 Dec 2022 18:22:12 GMT
content-type: text/html; charset=UTF-8
content-length: 20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
set-cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; path=/
owner_id=CP281192; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
adv_id=1477; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
adv_type=1; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
subaffid=US; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
source_id=Email; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
adv_ldp_id=CD343002; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
qpid_offer_id=SSR_835912TODSI; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
website_id=102; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
adv_click_history_id=673581885; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D; expires=Fri, 03-Mar-2023 18:22:12 GMT; path=/
location: https://www.SinglesRussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
18.144.111.139200 OK 24 kB URL HTTP/2 www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
IP 18.144.111.139:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5899), with CRLF line terminators
Hash 15a8878577b6ddf4fa58f8ca52fb055b
4c861586849b490b8d0dd329dad9fc862f308aba
fa027aa52681af57f397bbd8a4e9e83f11365d6fbaac92d2a29f79bfbec09626
GET /qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:13 GMT
content-type: text/html; charset=UTF-8
content-length: 23754
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9035
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:22:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3492c575a150dda1a1f5e1009d4e21f
163171cf1b9f576eb4079c359541a26368ba6620
0db9d4aecc91335da8e7b0d67e37c5a1acbced952c085487492754ae207ff6f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DB9D4AECC91335DA8E7B0D67E37C5A1ACBCED952C085487492754AE207FF6F2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11774
Expires: Sat, 03 Dec 2022 21:38:28 GMT
Date: Sat, 03 Dec 2022 18:22:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9035
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:22:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9035
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:22:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9035
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:22:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:54 GMT
age: 74660
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:36 GMT
age: 73718
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tp50A9LYeT1RvSPImBUoQNKtarPryKb8Zacm_nxqDh-gegwdQov7Nw==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:50:52 GMT
age: 52282
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 70990
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 44914
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 44484
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=2c0d158119eeb88bbe1cc78c3f8a863a&rt=click&p=CP281192&a=US&cmp=SSR_835912TODSI&rf=
35.190.72.161200 OK 2.7 kB URL HTTP/2 fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=2c0d158119eeb88bbe1cc78c3f8a863a&rt=click&p=CP281192&a=US&cmp=SSR_835912TODSI&rf=
IP 35.190.72.161:0
File type ASCII text, with very long lines (2710), with no line terminators
Hash f6a38eca4dff576eaa445fdf984abe99
8dacce379586aefe5750592bbd92d01625d40dc3
49330d9c567518c159c788fe2647a459efcdb9c7337c434cd3127c2d865f2060
GET /js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=2c0d158119eeb88bbe1cc78c3f8a863a&rt=click&p=CP281192&a=US&cmp=SSR_835912TODSI&rf= HTTP/1.1
Host: fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: 0
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 0
pragma: no-cache
date: Sat, 03 Dec 2022 18:22:14 GMT
access-control-allow-origin: *
content-type: application/javascript
content-length: 2710
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3492c575a150dda1a1f5e1009d4e21f
163171cf1b9f576eb4079c359541a26368ba6620
0db9d4aecc91335da8e7b0d67e37c5a1acbced952c085487492754ae207ff6f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DB9D4AECC91335DA8E7B0D67E37C5A1ACBCED952C085487492754AE207FF6F2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11774
Expires: Sat, 03 Dec 2022 21:38:28 GMT
Date: Sat, 03 Dec 2022 18:22:14 GMT
Connection: keep-alive
www.singlesrussian.com/qa/register02/images/logo.png
18.144.111.139200 OK 13 kB URL HTTP/2 www.singlesrussian.com/qa/register02/images/logo.png
IP 18.144.111.139:0
File type PNG image data, 271 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash df946f336dc442963303abaf4164a74d
3ec96342e8be375e7cb7fb2c4bbe0a4333cf2e65
01af05cdda94d508a19c4eead16de36e49aafeea65301c8896bf8d76b58a7321
GET /qa/register02/images/logo.png HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: image/png
content-length: 12628
last-modified: Fri, 03 Apr 2020 06:50:55 GMT
etag: "3154-5a25d56d17805"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02/css/animate.css
18.144.111.139200 OK 4.4 kB URL HTTP/2 www.singlesrussian.com/qa/register02/css/animate.css
IP 18.144.111.139:0
File type ASCII text, with very long lines (52592), with CRLF line terminators
Hash 6a4206f24d86fcdc27b7d3738db71a65
4bce89647b3be48d6708697fe1c92220bba0de01
f2cfeb0fb2123770d38edadf91710d9f3f28ca7d2d0d3c52c5b5f8fb4e5b4f8f
GET /qa/register02/css/animate.css HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: text/css
content-length: 4435
last-modified: Fri, 03 Apr 2020 06:50:48 GMT
etag: "ce3f-5a25d56680fa5"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02/css/layout.css?v1
18.144.111.139200 OK 3.2 kB URL HTTP/2 www.singlesrussian.com/qa/register02/css/layout.css?v1
IP 18.144.111.139:0
File type Unicode text, UTF-8 text, with very long lines (371), with CRLF line terminators
Hash 4a7e8bb44e4db60553286673a04dd61e
f7000d37c76bd00fcb396737965176be31e2f9d3
6f68469c4f110dfa7753cd3a215f8967a9cf3c5d6ab51813fe201675733f24dc
Analyzer Verdict Alert fortinet Phishing
GET /qa/register02/css/layout.css?v1 HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: text/css
content-length: 3222
last-modified: Fri, 03 Apr 2020 06:50:49 GMT
etag: "2ace-5a25d566a078d"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02/css/Style.css?1.0
18.144.111.139200 OK 2.8 kB URL HTTP/2 www.singlesrussian.com/qa/register02/css/Style.css?1.0
IP 18.144.111.139:0
File type ASCII text, with very long lines (416), with CRLF line terminators
Hash 9841746cdb0e571c0f08a701bdd445a7
9cbdf20d211c9208ef33ac8002ae95faa605e79b
a74b8ffa83263649fea7e46ee6e4eb3ca705440e46f278047cabb8d2e180b2ae
GET /qa/register02/css/Style.css?1.0 HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: text/css
content-length: 2782
last-modified: Wed, 07 Jul 2021 09:04:53 GMT
etag: "2774-5c684d4e31392"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/common/js/my_validate_index2.js
18.144.111.139200 OK 2.9 kB URL HTTP/2 www.singlesrussian.com/common/js/my_validate_index2.js
IP 18.144.111.139:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f1e757f7e2374c7b7162906a20688af2
ca928406b98b3611e9f23ac3157c8a116eb332a6
4cc7f63506663396d396c9e81fdda9310abfe101cfa63e57411b1263c0d1f803
Analyzer Verdict Alert fortinet Phishing
GET /common/js/my_validate_index2.js HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 2851
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "2560-5b138acc60a3b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/common/js/jquery.cookie.js
18.144.111.139200 OK 1.4 kB URL HTTP/2 www.singlesrussian.com/common/js/jquery.cookie.js
IP 18.144.111.139:0
Hash 00cfb5c8c7ec0b51b1dfb190279d570f
468f6fe01079afbcf53594f1065847f04165e249
0585e143aba785df6fb525229dd5e3466227cecc87e913459f0444e732fbf15c
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.cookie.js HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1378
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c31-5b138acc863cb"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/common/js/auto_email/autoComplete.css
18.144.111.139200 OK 376 B URL HTTP/2 www.singlesrussian.com/common/js/auto_email/autoComplete.css
IP 18.144.111.139:0
File type ASCII text, with CRLF line terminators
Hash fa161ac586a052c4476ed190ac1571e0
95bf7bc6541743739aa6d9f185d398e36dc9ce6c
f514e2d195768146c7b6453b788d6fdeb1df19ee6e5b017e0e9a1003a8e5c662
GET /common/js/auto_email/autoComplete.css HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: text/css
content-length: 376
last-modified: Fri, 09 Oct 2020 08:24:17 GMT
etag: "27d-5b138acba794b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/common/js/auto_email/jquery.autoComplete.js
18.144.111.139200 OK 1.0 kB URL HTTP/2 www.singlesrussian.com/common/js/auto_email/jquery.autoComplete.js
IP 18.144.111.139:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d4b600f68461a491b71e88dc6f0173e1
7e20eb3d42dfec881deb87d3c2d6aad1c40aca0f
c5dc9fb6467bc20ff42141ea247397131baf1e1d6240d0dd66eb62f2cf87c74a
Analyzer Verdict Alert fortinet Phishing
GET /common/js/auto_email/jquery.autoComplete.js HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c56-5b138acbfdc33"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.singlesrussian.com/common/js/jquery.min.js
18.144.111.139200 OK 35 kB URL HTTP/2 www.singlesrussian.com/common/js/jquery.min.js
IP 18.144.111.139:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 28ca33b476a0e86fa59725bdb38c7f2f
120531fc57923e78104a0aacee05c53cecbfd61f
ffbc181a3d82af401ee3645d08b10d739c12222da179cd5ec2dc67016d7c93a3
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.min.js HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 34763
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "17278-5b138accbfdab"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:22:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/2 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt02S-RgY2VUpkCfdiNojMwyjK9Ax-c73hX4dJswIZWm-RVgTVSZ8lbGbDLcWFKjf1DYAXLar30tEACxhJJe-8w5RIXm291
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
content-language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 89647
server: UploadServer
date: Sat, 03 Dec 2022 17:29:00 GMT
expires: Sat, 03 Dec 2022 18:29:00 GMT
cache-control: public, max-age=3600
age: 3194
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
etag: "e0eff30579598f76147c9ea12f490d21"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-522SDJ
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-522SDJ
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9d89044730f7b8a1c58a2f50acc0030b
45d1e22c79c823b21cd13ee4f156a7caab9e90bf
33e850f3cfcfd6236e8fc4969c56f987f2514474c2f1730c07214b120231a367
GET /gtm.js?id=GTM-522SDJ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 18:22:14 GMT
expires: Sat, 03 Dec 2022 18:22:14 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45694
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 9d8fd40aeb216080b517684b48c1bd5f
4f66ba9db6f3bccfb164ad173b509152c49b1f13
eb448ef8ce5ca754baa1c4779f44bb2134de7f137ffba734d77b63ed4e0bdea2
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 03 Dec 2022 18:22:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 03:53:11 GMT
Expires: Sun, 04 Dec 2022 03:53:11 GMT
ETag: "4f66ba9db6f3bccfb164ad173b509152c49b1f13"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:22:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flx808.lporirxe.com/flp/ncvp.js?c=808&i=1670091733
104.18.156.225200 OK 11 kB URL HTTP/2 flx808.lporirxe.com/flp/ncvp.js?c=808&i=1670091733
IP 104.18.156.225:0
Hash e6a30d4ef5eaccb5d35d0eb5dc740052
42740eec442f77afdb474126b88300330ef2473a
b962548be39783badbf3c462775ada9eddb95b9bc6e4e5c0c313c54fb6e524aa
GET /flp/ncvp.js?c=808&i=1670091733 HTTP/1.1
Host: flx808.lporirxe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: application/javascript
content-length: 11218
last-modified: Wed, 30 Nov 2022 23:31:48 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 3326
expires: Sun, 04 Dec 2022 18:22:14 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
server: cloudflare
cf-ray: 773e539f6c3cb506-OSL
X-Firefox-Spdy: h2
aux.fqtag.com/aux/d
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/d HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 229
Origin: https://www.singlesrussian.com
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 03 Dec 2022 18:22:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02/images/pattern.png
18.144.111.139200 OK 831 kB URL HTTP/2 www.singlesrussian.com/qa/register02/images/pattern.png
IP 18.144.111.139:0
File type PNG image data, 709 x 709, 8-bit/color RGB, non-interlaced\012- data
Size 831 kB (830650 bytes)
Hash 43b541688b8e3de8e90cde1f849d63c9
b757897621cb8c946ff64e473121e85d69c01259
550354f9dbf9602e01d868240ce1855acce334e0fea2a7c46a241d195b10fcdf
GET /qa/register02/images/pattern.png HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02/css/Style.css?1.0
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: image/png
content-length: 830650
last-modified: Fri, 03 Apr 2020 06:50:57 GMT
etag: "cacba-5a25d56f2e69d"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02/images/lady01.jpg
18.144.111.139200 OK 301 kB URL HTTP/2 www.singlesrussian.com/qa/register02/images/lady01.jpg
IP 18.144.111.139:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 414x644, components 3\012- data
Size 301 kB (301440 bytes)
Hash 7ed515773921408c669483a9177285da
4cdbdcbeca90ee7d68b98691c6e176e0131d8720
8d0f7f4e914d78a024259136f0b0d155b3118b1b9ecc281a4bfc2fd2b72dd514
GET /qa/register02/images/lady01.jpg HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: image/jpeg
content-length: 301440
last-modified: Fri, 03 Apr 2020 06:50:51 GMT
etag: "49980-5a25d56910bd5"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/register02/images/bg.jpg
18.144.111.139200 OK 482 kB URL HTTP/2 www.singlesrussian.com/qa/register02/images/bg.jpg
IP 18.144.111.139:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x1000, components 3\012- data
Size 482 kB (481993 bytes)
Hash 302f18edd0470ff596b30d1a6aca6b62
ad5309fa15e8c40dbe19731175c7a613145e823f
e752cebe8069c1c42dfda52602595e1851a4fe9f44a8dbd7897403edc037f678
GET /qa/register02/images/bg.jpg HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02/css/Style.css?1.0
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:22:14 GMT
content-type: image/jpeg
content-length: 481993
last-modified: Fri, 03 Apr 2020 06:50:50 GMT
etag: "75ac9-5a25d5680cbad"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 16:41:08 GMT
expires: Sat, 03 Dec 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 6067
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:22:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61747084-7&cid=1978207478.1670091734&jid=146444128&gjid=1575592780&_gid=317929977.1670091734&_u=YEBAAAAAAAAAAC~&z=1675041764
173.194.222.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61747084-7&cid=1978207478.1670091734&jid=146444128&gjid=1575592780&_gid=317929977.1670091734&_u=YEBAAAAAAAAAAC~&z=1675041764
IP 173.194.222.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61747084-7&cid=1978207478.1670091734&jid=146444128&gjid=1575592780&_gid=317929977.1670091734&_u=YEBAAAAAAAAAAC~&z=1675041764 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.singlesrussian.com
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.singlesrussian.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 03 Dec 2022 18:22:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:22:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aux.fqtag.com/aux/p
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 268
Origin: https://www.singlesrussian.com
Connection: keep-alive
Referer: https://www.singlesrussian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 03 Dec 2022 18:22:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.singlesrussian.com/qa/images/favicon.png
18.144.111.139404 Not Found 254 B URL HTTP/2 www.singlesrussian.com/qa/images/favicon.png
IP 18.144.111.139:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a08cce52a8073e9562fd29bd4b5cd689
ce5f61ec712126600b7b9e4452d2eca119f24f5a
35a520f1f97939f89030a290c1d335c2552f83bb80f54550ccc69ef2c3be8c74
GET /qa/images/favicon.png HTTP/1.1
Host: www.singlesrussian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.singlesrussian.com/qa/register02.php?aid=1477&oid=CP281192&qpid_offer_id=SSR_835912TODSI&qpid_subid=US&qpid_clickid=9d088641-e9e4-48e4-8b3e-9123671fa8f1&source_tag=Email
Cookie: PHPSESSID=rjqa5u6hbchba5njjk7atkk0v3; owner_id=CP281192; adv_id=1477; adv_type=1; subaffid=US; source_id=Email; adv_ldp_id=CD343002; qpid_offer_id=SSR_835912TODSI; website_id=102; adv_click_history_id=673581885; qpid_click_id=9d088641-e9e4-48e4-8b3e-9123671fa8f1; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%221477%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP281192%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22SSR_835912TODSI%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A2%3A%22US%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A36%3A%229d088641-e9e4-48e4-8b3e-9123671fa8f1%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A5%3A%22Email%22%3B%7D; flv=kSD01TWIApTrMIzvDL2b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sat, 03 Dec 2022 18:22:16 GMT
content-type: text/html; charset=iso-8859-1
content-length: 254
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 74673
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2