Overview

URL social.medialinks.cc/files/hot_song.rar
IP199.115.115.102
ASNLEASEWEB-USA-WDC
Location United States
Report completed2022-10-01 03:04:35 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-01 2 social.medialinks.cc/files/hot_song.rar Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (17)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 21:46:18 UTC 13.224.103.25
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-30 21:45:49 UTC 93.184.220.29
mnemonic passive DNS irene-eux.com (2) 0 2022-09-21 16:06:22 UTC 2022-09-30 14:06:20 UTC 34.239.209.41 Unknown ranking
mnemonic passive DNS cartining-specute.com (1) 0 2021-01-31 23:37:43 UTC 2022-09-30 21:58:19 UTC 18.197.36.77 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-01 02:25:13 UTC 142.250.74.10
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS social.medialinks.cc (1) 0 2020-04-10 10:42:50 UTC 2022-10-01 03:04:15 UTC 199.115.115.102 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 52.89.20.60
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-30 05:18:50 UTC 69.16.175.42
mnemonic passive DNS fourth-4-cdn.com (14) 173683 2021-11-19 09:44:19 UTC 2022-10-01 01:07:57 UTC 23.88.123.143
mnemonic passive DNS example.org (1) 2333 2012-08-07 17:20:46 UTC 2022-09-30 13:45:06 UTC 93.184.216.34
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 13.224.103.24
mnemonic passive DNS ocsp.pki.goog (3) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-01 01:41:12 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS flirtyhoookup.com (1) 0 2020-03-26 11:26:33 UTC 2022-10-01 01:07:57 UTC 172.67.201.85 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 199.115.115.102

Date UQ / IDS / BL URL IP
2022-12-05 15:12:42 +0000
0 - 0 - 1 5fb6a.mdkjkj.wy5532.com/ 199.115.115.102
2022-12-05 14:35:28 +0000
0 - 0 - 1 www.19391.wu.wy5532.com/ 199.115.115.102
2022-12-05 14:06:39 +0000
0 - 0 - 1 khjghg.b862.fj.wy5532.com/ 199.115.115.102
2022-12-04 15:48:13 +0000
0 - 0 - 1 ybgiuif.bb.wy5532.com/ 199.115.115.102
2022-12-04 15:33:34 +0000
0 - 0 - 1 qwrer.79952.jz.wy5532.com/ 199.115.115.102

Last 5 reports on ASN: LEASEWEB-USA-WDC

Date UQ / IDS / BL URL IP
2022-12-06 04:08:56 +0000
0 - 0 - 1 tgrrre.7218.qr.wy5532.com/ 162.210.196.167
2022-12-06 03:40:30 +0000
0 - 0 - 1 shridurgadevelopers.com/avolks/prelogon/preau (...) 199.115.115.119
2022-12-06 02:48:32 +0000
0 - 0 - 1 33b42.xvtr.wy5532.com/ 162.210.196.167
2022-12-06 02:38:10 +0000
0 - 0 - 1 gzdqmvs.google.wy5532.com/ 207.244.67.218
2022-12-06 01:48:27 +0000
0 - 0 - 1 mjurr.55c9d.ad.wy5532.com/ 199.115.115.119

Last 5 reports on domain: medialinks.cc

Date UQ / IDS / BL URL IP
2022-11-10 11:40:44 +0000
0 - 0 - 1 social.medialinks.cc/files/scan0001.rar 81.171.22.5
2022-11-09 20:31:44 +0000
0 - 0 - 1 social.medialinks.cc/files/hot_song.rar 185.107.56.200
2022-11-09 02:37:30 +0000
0 - 0 - 5 social.medialinks.cc/files/hot_song.rar 185.107.56.199
2022-11-09 02:32:57 +0000
0 - 0 - 1 social.medialinks.cc/files/scan0001.rar 185.107.56.199
2022-11-08 11:42:39 +0000
0 - 0 - 3 social.medialinks.cc/files/hot_song.rar 81.171.22.7

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-11 16:12:46 +0000
0 - 0 - 13 mkkuei4kdsz.com/653/813.html 64.225.91.73
2022-10-06 22:47:38 +0000
0 - 0 - 14 mkkuei4kdsz.com/856/240.html 64.225.91.73
2022-09-26 01:21:09 +0000
0 - 0 - 1 ww17.jiggasha.com/awl/docusignOffice2017/docu (...) 93.115.28.104
2022-09-10 22:25:35 +0000
0 - 0 - 1 www.dapool.me/ 81.171.22.5
2022-09-08 17:53:42 +0000
0 - 0 - 2 ww1.ahly.com/ 64.190.63.136


JavaScript

Executed Scripts (8)


Executed Evals (20)

#1 JavaScript::Eval (size: 90, repeated: 1) - SHA256: 6c62e1035d91781258fef8d30617f55b5692ba56617087082c68069ddd95b168

                                        window.getComputedStyle(document.getElementById('__fhTestBlock2')).flexBasis === 'content'
                                    

#2 JavaScript::Eval (size: 33, repeated: 1) - SHA256: f543f9b1beb8bb051d13da0f873ab6801661e63d8b16b88b1af69ff098fb07c6

                                        'tab-size' in document.body.style
                                    

#3 JavaScript::Eval (size: 34, repeated: 1) - SHA256: 1793bf3a5d4ab2080846499c0d7bf8b754b9a0f515ae7685f09ab7b6f0e743a2

                                        Boolean(FileSystemDirectoryHandle)
                                    

#4 JavaScript::Eval (size: 57, repeated: 1) - SHA256: 93afe750f893331c7709e79b3b40b7122d4119cde3263346bdd3ad822216c2d7

                                        navigator.locks !== null && navigator.locks !== undefined
                                    

#5 JavaScript::Eval (size: 73, repeated: 1) - SHA256: 4339a0c1f2bef4619c2d2f4f3c90d08e012bcf418288c88da1ac89faccf36ec9

                                        typeof document.getElementById('__fhDateInput').showPicker === 'function'
                                    

#6 JavaScript::Eval (size: 38, repeated: 1) - SHA256: fe43b3c21a3b344dc633abee619610ebdbb8f1467c8a3ed3874c7c81f2ef5a86

                                        typeof self.reportError === 'function'
                                    

#7 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 92a69774ed25091a7d27f3692984ca2cf78cea3e730543b9d3a867ca3701fc5d

                                        'accent-color' in document.body.style
                                    

#8 JavaScript::Eval (size: 42, repeated: 1) - SHA256: 420ef951a9f49fcb514fde5a2d4bd07a98cf609fba23fcdc2fc660cb2cb10524

                                        CSSCounterStyleRule.negative === undefined
                                    

#9 JavaScript::Eval (size: 57, repeated: 1) - SHA256: d0a6a34dedec6d449895a2f8ab5a118069126807c15af12c1f0f63c2a0e76877

                                        for (let i = 0; i < who.length; i++) console.log(who[i]);
                                    

#10 JavaScript::Eval (size: 67, repeated: 1) - SHA256: 361a831d09ef76b907d6a416524915baec50c238905852e548fe0f2221a4620a

                                        typeof document.getElementById('__fhMyDialog').close === 'function'
                                    

#11 JavaScript::Eval (size: 25, repeated: 1) - SHA256: c0fee6b934b08df7fd5858201cc0c4127a85dc7d0c8fd8eb83d58cfcc1cac18a

                                        new Uint8Array([1]).at(0)
                                    

#12 JavaScript::Eval (size: 142, repeated: 1) - SHA256: 7c22b44f3ca365ec28b11ce4432231eea6de7569658bded3ac6c7b8644c51fd2

                                        let canvas2 = document.getElementById('__fhMyCanvas2');
let gl2 = canvas2.getContext('webgl');
gl2.getExtension('WEBGL_draw_buffers') !== null
                                    

#13 JavaScript::Eval (size: 92, repeated: 1) - SHA256: acb4db590b2797dcc50197ea1bad6bdfa76883bff09fd8ea23f0f21ae1fa0b60

                                        window.getComputedStyle(document.getElementById('__fhTestBlock')).color === 'rgb(255, 0, 0)'
                                    

#14 JavaScript::Eval (size: 24, repeated: 1) - SHA256: 2daeb3ad53fdaffdb2055a20bab28c77ea1cc1111862db83ac5e074d63a3e381

                                        Boolean(structuredClone)
                                    

#15 JavaScript::Eval (size: 44, repeated: 1) - SHA256: ef0cec074a1308361ef6b1a50fb53163d7dea6f35bfa7eaaa33d6f5cd853b4ba

                                        XRAnchorSet.prototype.hasOwnProperty('size')
                                    

#16 JavaScript::Eval (size: 158, repeated: 1) - SHA256: 5fd2b7ac06f14aa445293ae600a6650f7a44e5f0b1e100e2b864221aee71fd26

                                        let abortController = new AbortController();
let signal2 = abortController.signal;
abortController.abort('test2');
typeof signal2.throwIfAborted == 'function'
                                    

#17 JavaScript::Eval (size: 36, repeated: 1) - SHA256: 01c41e932bc9a6e9718861f97ad6fdb35bd4f2b699d11c479abb9788c1d52958

                                        Boolean(document.hasStorageAccess())
                                    

#18 JavaScript::Eval (size: 51, repeated: 1) - SHA256: 3906813149363f1ecb7fe2c95126d12999e7ddd966cfb00a50e446ea4423818a

                                        ShadowRoot.prototype.hasOwnProperty('onslotchange')
                                    

#19 JavaScript::Eval (size: 37, repeated: 1) - SHA256: 2d6f98223aee606d4b6ff2b57a1c847225406aa1380becd205bb685b3adf5871

                                        'aspect-ratio' in document.body.style
                                    

#20 JavaScript::Eval (size: 28, repeated: 1) - SHA256: a4f48a08d01416c2784a28ba62c656e9e732761d75534f41f69892d61280fc6a

                                        Boolean(crypto.randomUUID())
                                    

Executed Writes (0)



HTTP Transactions (43)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.103.25
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 02:16:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: EjP4UNSKpKxC52D1Sr8yz_4fw9clgtiqkyMx3aa-pW74YQP5BiQorA==
Age: 2888


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8022
Expires: Sat, 01 Oct 2022 05:18:06 GMT
Date: Sat, 01 Oct 2022 03:04:24 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.103.24
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 792f70324a941726ce7e749514e6fc3c.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: yYWHKM7Ri788zf04q-5KhjYnAJwzpm1FjiGE_LIjZZs2UPSDJbr9rQ==
age: 77757
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:24 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.103.25
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 01 Oct 2022 02:29:33 GMT
Expires: Sat, 01 Oct 2022 03:05:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: LyRP6vNw6B6QYlZykBsuBFmNbsmH1c5Hh_fOFcaCwNrcGIUy0BT9gg==
Age: 2092


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /files/hot_song.rar HTTP/1.1 
Host: social.medialinks.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         199.115.115.102
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 01 Oct 2022 03:04:25 GMT
location: http://irene-eux.com/zcvisitor/c105ac41-4135-11ed-9c57-0adea874c6c3/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97
server: nginx
set-cookie: sid=c0fece98-4135-11ed-bfa5-ab7aa2f7873d; path=/; domain=.medialinks.cc; expires=Thu, 19 Oct 2090 06:18:32 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5751
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 03:04:25 GMT
Last-Modified: Sat, 01 Oct 2022 01:28:34 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /zcvisitor/c105ac41-4135-11ed-9c57-0adea874c6c3/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97 HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         34.239.209.41
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sat, 01 Oct 2022 03:04:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: CPkyFvNq


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   996
Md5:    e8d753d9dd59f29698caa83c3007b045
Sha1:   68e15a89ac4397c9ce9d5a8dbd725768f5e0fdcf
Sha256: 6f75dd7f382858009ce814d8870ce0221ab882e0b0fa163954516cf9013c59d2
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dQkOfOKW367biTRnRvXNXg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         52.89.20.60
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a9TjElAq77s6YMzOhYIgIjLTJws=

                                        
                                            GET /zcredirect?visitid=c105ac41-4135-11ed-9c57-0adea874c6c3&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1 
Host: irene-eux.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://irene-eux.com/zcvisitor/c105ac41-4135-11ed-9c57-0adea874c6c3/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=692c4080-2de2-11ed-8859-0a918cbcbb97
Upgrade-Insecure-Requests: 1

                                         
                                         34.239.209.41
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sat, 01 Oct 2022 03:04:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: fORtiVrp


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (353)
Size:   792
Md5:    2dd85378316105f179bd55f87e4c133a
Sha1:   f7bd6d58984e85d6af80e04a6414045f47e5df25
Sha256: 48f6c4c8925ae416ca16fe7d8f10c20435ddb9cb397aad9d8042a87f31296ac2
                                        
                                            GET /zp-redirect?target=https%3A%2F%2Fflirtyhoookup.com%2F%3Futm_source%3D9WUo4qUVvJUz%26s1%3D719fbd40-273d-47b8-882f-683d1074b172%26s2%3Dwt8vegekr6uqk3ej21prcmbi&caid=465d002b-e1fb-45a6-8cd8-e79bdf03438e&zpid=c105ac41-4135-11ed-9c57-0adea874c6c3&cid=wt8vegekr6uqk3ej21prcmbi&rt=R HTTP/1.1 
Host: cartining-specute.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://irene-eux.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         18.197.36.77
HTTP/2 302 Found
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:25 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://flirtyhoookup.com/?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wt8vegekr6uqk3ej21prcmbi
pragma: no-cache
set-cookie: cc-v4=%2FDDKTF6wtgkpLrYAkDsAyrc4jBKJSeruSUdXYcL3zA3YCOPbwqehbTPAzLuIo2YAkYGlrTp6oL4WTDh6p25Qln%2Bde4woRVcw5LSo9F32teyyEV9pjsBmyOQFQ1CfgPcn%2BCt4pUQWgpxwEweQ4VJRSw%3D%3D; Max-Age=31536000; Expires=Sun, 01-Oct-2023 03:04:25 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flirtyhoookup.com
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sat, 01 Oct 2022 03:04:26 GMT
content-encoding: gzip
content-length: 30288
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664593466.dop204.sk1.t,1664593466.cds242.sk1.hn,1664593466.cds072.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30288
Md5:    d549b312f7a7d228b4ec229a6547dfdc
Sha1:   0766794582ad530ec0f8c2595f741086afffa312
Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
                                        
                                            GET /css?family=Open+Sans:400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 01 Oct 2022 03:04:26 GMT
date: Sat, 01 Oct 2022 03:04:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1110
Md5:    a445bd1d4262a9a4a5019c7ba090c171
Sha1:   a513e6467fc5b81556829e908ced6e7ccc110121
Sha256: 605318773c5d1bae6ca41feeba162b3cb19b4ce633884736e9627950d3b4eaf2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flirtyhoookup.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:00:13 GMT
expires: Sun, 01 Oct 2023 03:00:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 01 Oct 2022 03:04:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/prizewheel.png HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 50509
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-c54d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 501 x 501, 8-bit/color RGBA, non-interlaced\012- data
Size:   50509
Md5:    28ed8963bde38b6c401e532646cd0fa6
Sha1:   d75ab697221ddb5214ed9d3ff9bc6c5872e0e87c
Sha256: 82f6481bfeea17e8b8cdfc10fae79e1657e659a3844d0210469b8277682923c4
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/spin.png HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 2867
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-b33"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 144 x 174, 8-bit colormap, non-interlaced\012- data
Size:   2867
Md5:    2e2f9b924f05edd36f2620417dc8fd8a
Sha1:   06e571eadff431921ae8777d9f491ff863b0b8df
Sha256: a91c46cf4a70ebc5c82cfd6d83f5961320ab66e75e1be56498843c41202336ff
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/bg1.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 38427
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-961b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 828x462, components 3\012- data
Size:   38427
Md5:    55d208ec569f9387e6f1f75b0da43ac2
Sha1:   7817fcdc56166810b78fa31689fc4ec7c87b3544
Sha256: c022495d116bef443df2fc664dc6ee3d42d1d9536bd6264d2d9f7757a1c634b8
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/giftbox.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 66155
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1026b"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=266, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=260], progressive, precision 8, 260x266, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 21601-26452, spot sensor temperature 0.000000, unit celsius, color scheme 0, show spot sensor, calibration: offset 0.000000, slope 1143141114685942466571403264.000000\012- data
Size:   66155
Md5:    4bd570b34ea937b97fb0cbc8fa523b3f
Sha1:   99d24b39c0ec694e3786eaec7ea334da4f07a080
Sha256: dc6aa6a26c44a2857f24f316e654106a6b04f1241c8874d35593978e0ae445d7
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/male3.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 6336
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-18c0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   6336
Md5:    0f009026daa99305e0fb7335717a1594
Sha1:   7a27f1ae443a36969f9f2689325b6e006c3dae39
Sha256: d1db668ef30403e132bab1de4720f1c9159e8ba03dc0f3d65d5bf95f3985b80a
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/male2.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 5897
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1709"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   5897
Md5:    24195ba1d62626c4289f21237387811c
Sha1:   be2a79acb8d5e4a70ac2e4b58be0dfd6f5c34ebf
Sha256: ccb8bb5abc7700fec0145db49ddf0cca3724ffbab0ea349dd70a4c7b0ef71e3f
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/female0.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 4031
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-fbf"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   4031
Md5:    753e95c58e533d2879c587fa36286caf
Sha1:   22d593ca6dfd930626703670895f9bbebf628eab
Sha256: 5f4f19c54559ae3660e76a4ffa8f11ea8d0ceb8930d75986c6595ffcd048e1fb
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/female1.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 5854
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-16de"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   5854
Md5:    00647cf479a4dfc4d86fbca73917b9f5
Sha1:   fa64f5b7685ecbe71d740ad73411bccba68b2aff
Sha256: 5bd4960f310603d603fb4643b0b5042bc8ed664dc75c2403c1fda586f1eca17c
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/female7.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 5160
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1428"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   5160
Md5:    aa74824e8dcbdfa396d34fcba51ec424
Sha1:   ef6aa223f2d83bbca0d8dca253752ed0d00f9bb0
Sha256: 1468690451b81be74fdf90ee11d190bb1d226560f532cf4a883b50fc5dfaebcc
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/female5.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 4071
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-fe7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   4071
Md5:    5c32974286ff67d7d6c869be1e3015b2
Sha1:   a8f32356a22420ab63cb28b346e4b86e3c765bc6
Sha256: 32a264ee05d1e480fa26d4ec5db1f22b10f0c1a46e17d2b9ad58e487c954d62c
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/male8.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 4335
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-10ef"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   4335
Md5:    2694abafaef4ab89dc89090e03b2620e
Sha1:   86b50b25da796fc68153cda261fca4d22776b30d
Sha256: 3560ff7cbc9e86c333fccefe248e3ea5cdade4e46f6b2fc85d84755896cb2e5a
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/male6.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 5992
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1768"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   5992
Md5:    fc19e1e3d5722e867f99e0dea95e2bf5
Sha1:   7cde4591b92f86f99954442a9b5515474f26d246
Sha256: 1826ce29b169f340874dab804f578b98adfabd7d974d9970e8f8e08d050e1397
                                        
                                            GET /assets/4eccc9820b6806be79871424f46e4fff/images/male4.jpg HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
content-length: 5488
last-modified: Thu, 18 Nov 2021 15:35:31 GMT
etag: "619672c3-1570"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Size:   5488
Md5:    333b7d239936731c61f71e46dbf9d56d
Sha1:   63b1844c73cfb06c4541d968f3b06852995bb7d4
Sha256: e55f3cdab57eb4084f7006cfe9f7f047e638e1b257a53498aaed14b83087152a
                                        
                                            GET /media.ext HTTP/1.1 
Host: example.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         93.184.216.34
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
accept-ranges: bytes
age: 312333
cache-control: max-age=604800
date: Sat, 01 Oct 2022 03:04:26 GMT
expires: Sat, 08 Oct 2022 03:04:26 GMT
last-modified: Tue, 27 Sep 2022 12:18:53 GMT
server: ECS (nyb/1D25)
vary: Accept-Encoding
x-cache: 404-HIT
content-length: 1256
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1256
Md5:    84238dfc8092e5d9c0dac8ef93371a07
Sha1:   4a3ce8ee11e091dd7923f4d8c6e5b5e41ec7c047
Sha256: ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 03:04:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 03:04:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 03:04:26 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Sat, 01 Oct 2022 04:14:38 GMT
Date: Sat, 01 Oct 2022 03:04:26 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46fd1600-2a91-4b2c-8b8b-5f8bdd64364a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3885
x-amzn-requestid: 6e42fb31-7c36-4551-b124-b4a31807a223
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlUaFjXIAMFbrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f4f-54e426f20cdec55272e3b9ec;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QEzjyCz02zrS4ZKJfaSPDI95gZJCMS8LrusxCQtsx1PjSkEYQwG0Ww==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 23:55:27 GMT
age: 11339
etag: "0ff6e67904c9e00a4e3dda9e5ef2007ec7426018"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3885
Md5:    0de8b7bbf1fbb1da9d346d6995a7b7a4
Sha1:   0ff6e67904c9e00a4e3dda9e5ef2007ec7426018
Sha256: 9c1e15fd02fb1129821410b33b60b3fede2338f7971bfd93b1547d12255d840b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5677
x-amzn-requestid: f37f77cd-dd19-4dec-809e-66a1fb604d88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASGLHDsIAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd5a-185f9b185ed35f7317b5c2d5;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:03:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iB6v8A5GEnhmZTth__pkgsa2TNPDzUOOAA-c7RcujjWmfnEUbnHaAw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 02:26:53 GMT
age: 2253
etag: "556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5677
Md5:    13768189ef98789892981b6a2d5947e4
Sha1:   556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689
Sha256: 09ca5624173c589b5e5db05b48a8822ec257f08395cb18ed635a771edcfc8af3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23b0da68-a440-4387-9d47-1617d8157f55.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8324
x-amzn-requestid: af70bb88-e30c-49ab-b307-19ee8449d616
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZS2iEHsIoAMFjnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376ad9-732337760d4982a407053c1e;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 22:16:57 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I1NrjG7oeZTY1y95-p8V3vVQ9W7k2flj9rni795fZ_Ei8qYv3BxLPA==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:16:58 GMT
age: 17248
etag: "342e3be8998b548a7004c2a51c9910959b3747db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8324
Md5:    26b855e3a55a0cfd23896413332a5c05
Sha1:   342e3be8998b548a7004c2a51c9910959b3747db
Sha256: dfb620bbfa8adde25d578bc9baaa165324170b2f6bbcc2275f1a824267081ccb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb90508fe-e6b6-4ad0-9afc-67b46e4d0aa4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8734
x-amzn-requestid: 7a2713f7-e16b-4952-8e2f-76022bbbd7a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSzHfH3toAMFijw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376562-27b598460ce2f319598fdd72;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:53:38 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -aqIjL70ocOyhaZ8nQJUmCfDLBN0kkmTm2vY_xtwEsWZKi3DxHR8HQ==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:19:07 GMT
age: 17119
etag: "7eea9aa04c5a72c417a580ca45341a0b5adc72cf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8734
Md5:    1c475b8cc11fdaabbda170c6605d1391
Sha1:   7eea9aa04c5a72c417a580ca45341a0b5adc72cf
Sha256: 888de88ddad429a0bdb565b1f069dab4bea55a3b8a662c4efd9b75fd261dee3b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGavx8O81EFxKrW35F7DR7DlEEimY57XJaAQQSzQ03akSA7e7nFz8g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 04:40:12 GMT
age: 80654
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b0d9d19-67ea-434c-8233-4ac3ec9e78e7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6959
x-amzn-requestid: eaf91f33-2fe3-4ed5-b89c-6199c2f17651
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCF6toAMFSDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-3b8c7f290ffda97b2d179433;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qAOX_0r1sA_Bzn-UjQXmLObAYDyjiTU45aNSOPFt8ucUOyKfrw5ieg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:52:59 GMT
age: 18687
etag: "c09ee0f2be578f0067b2ed0237d565a04438147e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6959
Md5:    21e55a6ca7350ed834993a486e138de1
Sha1:   c09ee0f2be578f0067b2ed0237d565a04438147e
Sha256: 124ca8ae6e3f7c7bb28f0d47fa693753884261ed61896eccf7bc13f249fc8960
                                        
                                            GET /assets/f.js HTTP/1.1 
Host: fourth-4-cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flirtyhoookup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.88.123.143
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: nginx
date: Sat, 01 Oct 2022 03:04:26 GMT
last-modified: Wed, 06 Apr 2022 12:56:50 GMT
vary: Accept-Encoding
etag: W/"624d8e12-681"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /?utm_source=9WUo4qUVvJUz&s1=719fbd40-273d-47b8-882f-683d1074b172&s2=wt8vegekr6uqk3ej21prcmbi HTTP/1.1 
Host: flirtyhoookup.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://irene-eux.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.201.85
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Sat, 01 Oct 2022 03:04:25 GMT
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cross-origin-window-policy: deny
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTMxNTQ4bQAAAApLYlpxcnJqanhLbQAAAANoaWRtAAAAJEVrVXBzZ3FqY1JqQnNRTUxjeG16cWpMVlJCTEFLdFdkUGNRWG0AAAACaGxkAANuaWxtAAAABXN1Yl8xbQAAACQ3MTlmYmQ0MC0yNzNkLTQ3YjgtODgyZi02ODNkMTA3NGIxNzJtAAAABXN1Yl8ybQAAABh3dDh2ZWdla3I2dXFrM2VqMjFwcmNtYmltAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMb0xoenFRUXZ2V0ZP.GixPxJsfCyV5WEs21KJaGHjc_0akWCVvkbOCgNQL48s; path=/; expires=Sun, 01 Oct 2023 03:04:25 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcgMIpu4IsxdaNnGj5m0AGnEqND2dhCYMT8PMa7unQnQkuEIDu3hCYghCaCPVHgUgtjX%2F1AB04aoSu72EOTbKt24Op9BslQf66la%2FVjQhfLQisfM7Yr5z29nWnx7V8WdCloGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7531f889a9bfb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---