Overview

URLerasmus-lean.eu/
IP 104.21.23.203 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-01 00:41:50 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-30 17:12:31 UTC 34.102.187.140
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-30 21:05:51 UTC 142.250.74.106
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-11-30 17:12:17 UTC 52.41.253.170
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-30 22:48:06 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-11-30 17:12:16 UTC 23.36.77.32
erasmus-lean.eu (5) 0 2018-05-05 20:02:08 UTC 2022-11-30 14:41:37 UTC 172.67.213.61 Unknown ranking
jqkkq.excelientdates.net (5) 0 2022-11-12 16:41:29 UTC 2022-11-30 13:16:03 UTC 63.32.216.166 Unknown ranking
www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-11-30 22:12:22 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-30 17:13:24 UTC 34.117.237.239
cdn-dimi.akamaized.net (36) 0 2022-07-07 13:18:25 UTC 2022-11-30 19:58:52 UTC 184.31.15.67 Domain (akamaized.net) ranked at: 280
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-11-30 20:24:46 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-11-30 17:19:42 UTC 34.160.144.191
ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-11-30 17:12:14 UTC 142.250.74.131
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-11-30 17:26:07 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-01 2 jqkkq.excelientdates.net/ortb Phishing
2022-12-01 2 jqkkq.excelientdates.net/js/pushjs/1.0.0/subscriber.js Phishing
2022-12-01 2 jqkkq.excelientdates.net/js/pushjs/1.0.0/utils.js Phishing
2022-12-01 2 jqkkq.excelientdates.net/js/service-worker.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.23.203
Date UQ / IDS / BL URL IP
2022-12-31 14:42:29 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203
2022-12-02 04:41:42 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203
2022-12-01 00:41:50 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203
2022-11-26 22:41:55 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203
2022-11-26 06:41:46 +0000 0 - 0 - 5 erasmus-lean.eu/ 104.21.23.203


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-04 22:41:39 +0000 0 - 4 - 7 javgg.club/jav/ofje-353/ 104.21.29.138
2023-02-04 22:40:31 +0000 0 - 0 - 1 jias-silence-0aa6jiasjiasu.littlewhite267051. (...) 104.21.51.116
2023-02-04 22:39:39 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10348366032412 (...) 162.159.133.233
2023-02-04 22:39:14 +0000 0 - 1 - 0 www.jacr.org/action/consumeSharedSessionActio (...) 104.18.124.114
2023-02-04 22:39:13 +0000 0 - 1 - 0 secure.jbs.elsevierhealth.com/action/consumeS (...) 104.18.124.114


Last 5 reports on domain: erasmus-lean.eu
Date UQ / IDS / BL URL IP
2023-01-12 06:42:36 +0000 0 - 0 - 3 erasmus-lean.eu/ 172.67.213.61
2022-12-31 14:42:29 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203
2022-12-02 04:41:42 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203
2022-12-01 22:44:33 +0000 0 - 0 - 4 erasmus-lean.eu/ 172.67.213.61
2022-12-01 00:41:50 +0000 0 - 0 - 4 erasmus-lean.eu/ 104.21.23.203


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-05 08:49:43 +0000 0 - 0 - 4 recordformacion.es/ 104.21.74.156
2022-12-05 02:30:12 +0000 0 - 0 - 1 edecdc2096f.na.wy5532.com/ 185.107.56.197
2022-12-04 22:57:41 +0000 0 - 0 - 4 gdfvmhq.connatual.tk/e22d0 104.21.92.235
2022-12-04 12:16:36 +0000 0 - 0 - 4 mxvob.impreslvedates.com/c/da57dc555e50572d 52.19.101.114
2022-12-04 08:47:56 +0000 0 - 0 - 10 enspro.pl/ 104.21.61.249

JavaScript

Executed Scripts (24)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (79)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4224
Expires: Thu, 01 Dec 2022 01:52:03 GMT
Date: Thu, 01 Dec 2022 00:41:39 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 584
Cache-Control: max-age=122364
Date: Thu, 01 Dec 2022 00:41:39 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:41:03 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4887
Expires: Thu, 01 Dec 2022 02:03:06 GMT
Date: Thu, 01 Dec 2022 00:41:39 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 00:18:04 GMT
cache-control: public,max-age=3600
age: 1415
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Imlohd5seimiN9nG29+i323zl7/cEUJu7pTOmNJNfXw47pKfHhUjMFotKw/ua9pFEuQFYCAm+9o=
x-amz-request-id: G6KN6WCT7ANZC9KY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 23:46:03 GMT
age: 3336
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET / HTTP/1.1 
Host: erasmus-lean.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.213.61
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2p%2B1C3xCU6xLLaelNB0X%2FLxMQrsXVJIggQAMdrq6Tr%2Bwl1LaofrWHraGIQIZfXgszWbMRgKH3%2Fddsi1lm6jvOC7trAVxNciMGwkMW2Ma0maXAdzdV08vfoi3Ys3OXWApSE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7727c74338151c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (48593)
Size:   42244
Md5:    a8e610759b6ed49f740ed215ff943718
Sha1:   f4c6f2b36aeed4d199daa3d36bf44e046b1e521f
Sha256: a817eea0308c56f84c8031a2ffc3aea22f6c628b2efe17bc8eb4bfd01a728284
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 01 Dec 2022 00:41:39 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /templates/crumbs/wp-content/themes/crumbs/assets/css/font-awesome.min.css HTTP/1.1 
Host: erasmus-lean.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://erasmus-lean.eu/

search
                                         172.67.213.61
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 04 Dec 2018 12:48:41 GMT
Vary: Accept-Encoding
ETag: W/"5c0677a9-791a"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhVifiOO%2BFYY%2Bt3rk1jPMqRQgJju3xpJa7aDMoslDcEUvOtF7tfumJVKrNJsmYqJlOzY3rankBfEr7NU3E6q%2BukIHyoqb%2FhLs2LZYGenZsvkj8kkKQfq%2FY3HrgWnxkYY9kU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7727c745f9381c02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with very long lines (30839)
Size:   7953
Md5:    562dfb9750f196f924d9f733043f832a
Sha1:   e4b67d67c473a71116d865a8b4b0b277df46c74e
Sha256: 717be8b870f8b65bea0ae9bcb34180e43b8187dad2e23e30122a7df81b6a03c6
                                        
                                            GET /templates/crumbs/wp-content/themes/crumbs/style.css HTTP/1.1 
Host: erasmus-lean.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://erasmus-lean.eu/

search
                                         172.67.213.61
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 May 2018 16:24:23 GMT
Vary: Accept-Encoding
ETag: W/"5b0ed037-47bf"
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQX6Ce3Hc%2BLgFkDXWWkzBcRGH%2Fk1eTwoCF54FNxNqFL8XuIj%2BgUG4KXo9Qekucz8qa9WocZ3kpXgPRtCbf%2BRYJt23jSyOZOtYZVZxb2BYKKXCZUV2ZNLVgjRg3dLzMPvyFY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7727c745fee80b65-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5210
Md5:    ac9180e0d28262fb33fa82bded385483
Sha1:   b6b842d17264e2a2f8db259ef44f67059d2e3588
Sha256: 9c468f14f4aeb0ca9fa69f0ad3f101003b4df7a224fd9a2138239262e2e7dfbe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /content/photos/1/15/7b/6d/c7/6d7bc7355cbe59ecdd77a052ff0441e6/ledsagare-hitta-hur-man-onanerar-flickor-av-horor-sidor-med-kvinnliga-eskorter-franska-porrfilmer-eskort-flicka-avallon.jpg HTTP/1.1 
Host: erasmus-lean.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://erasmus-lean.eu/

search
                                         172.67.213.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Content-Length: 7484
Connection: keep-alive
Cache-Control: public, max-age=10368000
Expires: Sat, 25 Mar 2023 00:41:35 GMT
Last-Modified: Wed, 19 Oct 2016 00:07:46 GMT
Access-Control-Allow-Origin: *
Age: 187194
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqj9EIgfHClbZXN5iwTzRy0d42p9w9hvL56sdxccHAIMICEYbhh4tvUAs5fWSiJ2CDChC9wpfizqetfL5elf1FDuTy4SelM5wKuCkgkUzZqOCH0JLeQzi01UxZj9BGLOVw0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7727c746c97e1c02-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 180x135, components 3\012- data
Size:   7484
Md5:    2827dfd2f3237d23b33b4dc212d2022b
Sha1:   647001ad4676009e8e39a5843659e6f400986d7e
Sha256: 61aab88275c9ee06ee5a103e639e8a09e5081120889a469d344a48ee84786d0e
                                        
                                            GET /content/photos/1/18/1c/65/85/651c852811353c3a7d65c24ce3a5dcdd/gratis-dejtingsajt-priser-dating-webbplatser-lady-f%C3%A5r-erotiska-partnermassage-hemma-eskorts-peru-katalog-%C3%B6ver-horor.jpg HTTP/1.1 
Host: erasmus-lean.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://erasmus-lean.eu/

search
                                         172.67.213.61
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Content-Length: 6851
Connection: keep-alive
Cache-Control: public, max-age=10368000
Expires: Sat, 10 Dec 2022 15:45:41 GMT
Last-Modified: Sun, 23 Oct 2016 05:12:30 GMT
Access-Control-Allow-Origin: *
X-FRAME-OPTIONS: sameorigin
Age: 93597
CF-Cache-Status: HIT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6AcFZbnO8%2BXL2efkK1zNDnfzJbhx8BOyClxM6Df0pNUUf3a9IYu3zTfdou1E3Pc9X4M4Eym8lhWGM%2BBxlEKN2oDXvGnNjfF660ID3cuTJwWVv8SIDN4JfWbB1SW%2FAmQh58%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7727c746cee11c0a-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 180x135, components 3\012- data
Size:   6851
Md5:    0495300719739d123954e3083a30e3d3
Sha1:   c19da99a3f6921045a8eed6a8d6a48e470e1bdd3
Sha256: 1d587e1122a99b13bf493e8000143073ffb8c58d316daafc9050ea555b76972c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9811BDB579337D8E8EE86A5F042AA89D88875F168BA2581D91A154104639F40F"
Last-Modified: Wed, 30 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18705
Expires: Thu, 01 Dec 2022 05:53:24 GMT
Date: Thu, 01 Dec 2022 00:41:39 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 00:08:56 GMT
cache-control: public,max-age=3600
age: 1964
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /landings/276666/1669379309/css/reviews.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: RfNHn0E1A0f3/DfU0Ct3hFwx+Elu38PddhPiofYZ9ZG+mVOZLlBt7nOhgHmgYZeBIcMW57/yaJ0=
x-amz-request-id: PQ8AAPZ3E0V5VXHG
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "8d406331d9e001b5484749e32a72e5cf"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 1041
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   1041
Md5:    b15da040f87f67ff6d9215e38cd80e80
Sha1:   78effe80456e82a0b5fa5d9fc2ed1bd31ae70d93
Sha256: 507a1774094b79ee6d64b97243fca1e567a54327786c016a7eb5ca755340ea71
                                        
                                            GET /landings/276666/1669379309/css/style.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: lq2CzU6bPxV7bKVOiKRPihzc/F1oX0TGkeV8c+ueUb8Dt0XyltCrgX9qYoD/P4wdSOU5u6kJZBw=
x-amz-request-id: PQ8A2A4NVPFWSNF1
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "dc3b12df3464b9db5c0357f195ec3efd"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 2688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   2688
Md5:    eb4bfd5944da82807cb317fd8320789d
Sha1:   04dada62a704144982ec4fe8340c400228f366d9
Sha256: df909a279e69ac102198705aaa41bf58969150546bab7ad211ce13d7408e3c9e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 625
Cache-Control: max-age=117336
Date: Thu, 01 Dec 2022 00:41:40 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:17:16 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /landings/276666/1669379309/css/popup.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: C1aZo4yTFG6lz299Y2B3i2emhFkzv7NMSKqMhCbQPp4Who7P90X7wxER2GvcPnFkLd2JKDTFMUA=
x-amz-request-id: 77ZE7SH0QRW6Z366
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "7b875d022914f8540722b4a8a849afc1"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 592
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   592
Md5:    19c3d57c07d70876216fef8502dcf39e
Sha1:   ea20b89b045c862c0055d5e893622859402b1385
Sha256: 4c7d6de63342324cb48e933c4c6603ea6e252bddc9b5f88ce4eee7d9c733c80e
                                        
                                            GET /landings/276666/1669379309/css/timer.css?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: pyTJ9qwLdAKitNUBPA6+0tY8j28wFR+3XL9R+LZRggdpakRB3/rhGkrFVc+aQoCOuTcO46Tlxhg=
x-amz-request-id: PQ854F3HPMWQXS3D
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "9ec38af926ee0d5ce953930a92f3955b"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 706
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   706
Md5:    4c41cb67e8ba22c9dd2bb8077689991a
Sha1:   711413f121b71479e1578549b444fd3c37e0b938
Sha256: 7a8ad02cdec0e7e5e49112001431dcba243f148c35e4f1a722733ed400c02a06
                                        
                                            GET /landings/276666/1669379309/js/jquery.validate.min.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: osEvBdXrEjtcewXQD6YBIL0wv7hHC0tE8PQywsP+7bNTBywLw2aMz+OQeRb5cBVQzM6vx/97YCM=
x-amz-request-id: PQ8D7KCWF1T2Y6C2
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24228)
Size:   7815
Md5:    f808399407c6ac496fe830d5deacb05f
Sha1:   151039ee8631ce8ff989c5cf795c2feba950a499
Sha256: 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
                                        
                                            GET /landings/276666/1669379309/js/jquery-2.2.4.min.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: w911M+KuGp6QDlxeWXgptzqlxDrWiWVWLKa0kJk7DNkmsyoMRXEd+ExrDzynumvRr2ntwJkD8Pw=
x-amz-request-id: PQ8EKP16MNNQA6S7
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/276666/1669379309/js/title_tanslate.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 1ZIBlEhPbU2D/MaAmLNyAC1xi3ZyO8M71yYPhrFcpxqkTGJwdhG+YKxt0iJmJwlfHrn/EI46+PQ=
x-amz-request-id: SEB01PB2KDRDPQTS
Last-Modified: Fri, 25 Nov 2022 12:28:34 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1298
Md5:    0e212ad4454c941c45c2e57df42c2b4f
Sha1:   fe9d7c484c2c0d7a6475692ef984c53a06c95406
Sha256: e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
                                        
                                            GET /landings/276666/1669379309/js/translates-review.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: McaBSjjPtNVo4k9EZOAKv6IaVbgJn/KwaHsAaDfxxuWjZjEm3G3S3p/43ZyEiXd3Sn7JFitrvCg=
x-amz-request-id: SEBEMF03BD576YSP
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "9061bd0c6ff627d3a43a9e6c125350a7"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 14059
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   14059
Md5:    7e68f840e901ef970f740ce8219ceced
Sha1:   b6acb9f49a8fc69974bb3af8b94df3812f60850c
Sha256: 51370edca224a86fc7ed3ea85308c34f1527b62420f659594eaf90f46a8c6a9e
                                        
                                            GET /landings/276666/1669379309/js/timer.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 0hJyOsr8pHgrj6QRlWorStw9e+FisKfQSa/V6aakqOEF+Kl7EKgd6sLfnNO4/PhaBFgxZZQF7HQ=
x-amz-request-id: DW151D4RX9JG399C
Last-Modified: Fri, 25 Nov 2022 12:28:34 GMT
ETag: "3350ef7fbc19030e06999dbb12a2c9b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 903
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   903
Md5:    24af8e8209962d30b5e6bb428d28489c
Sha1:   a00033869880cf83bc81fde7874242d838b59e34
Sha256: 52fe1029652b5a0576cdae96e8278900eb7eee3f81a1ae66ea88129aa6f3f924
                                        
                                            GET /landings/276666/1669379309/js/translates.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: VCAM+61Btjjzx6VxfAcbRuYg0VnwwjLiTosxt96pEFLrIg9zb42aYsgkNKgbXervg+unBKoI5Bw=
x-amz-request-id: DW1591J378F0WVPY
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "b9627d60572ae478211faf00a5dbb72e"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 29792
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   29792
Md5:    8942f742642e48afd843395edc850387
Sha1:   5bb7401d364efee9e973b49c14e20a89b0067feb
Sha256: c7813b66c17adb4e7c356ef0fe6a215bd8f99ba562f5b0f6f37508debd5a1c80
                                        
                                            GET /landings/276666/1669379309/js/translate-popup-timer.js?1669379309 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: ARKvFPxk7Pcvo1cvZAJ6tDczf7yxBkndRihm1l9dZ9EiUHClYVLLjmCYFHn5v4rn49wF7i6ykYw=
x-amz-request-id: SEB57JQDC8B88681
Last-Modified: Fri, 25 Nov 2022 12:28:34 GMT
ETag: "e87a84612ebce6b2a84f41ef7f6d40b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Length: 1080
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1080
Md5:    b8caed488bbb08c2414fb1c79c9c8d35
Sha1:   8bda431010a9d7666cd6c2c15f9a3b7f81634ed8
Sha256: d72877ab0432583bfed248050bf32ad260c7b06c4e20a714d07ee65e7948ee0c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/276666/1669379309/images/8-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: OXHBksFWZ8xdw2DVKKlXF2ti6uhRMZY5ZwXR1bOQg0rPBevJd5apePWHOXCrurgnO1hms32Y5q4=
x-amz-request-id: QJRDAFH5GZQCV5SJ
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "ef40a69fcb961a0677eaf2e29b93aa3a"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 13479
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   13479
Md5:    ef40a69fcb961a0677eaf2e29b93aa3a
Sha1:   eb5624143cf58053ab45715cf155f92fc875aefc
Sha256: 4e54bd6e80377744a79017ba800639924466266601a06ca194aaeea290e086fa
                                        
                                            GET /landings/276666/1669379309/images/7-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: f+oXZait9Yb84fzC1FlRV+7+Xsv3ynDDtzohz0vGjOn81eAhboa3VtVZ9MIfevnTDtjJSzbRhjw=
x-amz-request-id: H0AHCMSS7HD4ZYQY
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "12ec30bbdbaf0895e9b0757dfa2db143"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15653
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15653
Md5:    12ec30bbdbaf0895e9b0757dfa2db143
Sha1:   3af93753793232dacc7b8d2383ded325965d7d65
Sha256: 89b5109517f86d9ed451390ef0d377979d75511a5d83e8ea5397cb33f5826dff
                                        
                                            GET /landings/276666/1669379309/images/icon-like2.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 9Js1diSq7D7BxwoH4r/Y3F5EZ6eUF4Vsr4GVNW8pLB5IJgCUzP8JymL105Gj4UD/iHX4vHaVu7g=
x-amz-request-id: 42BTZH91Y7E10YK4
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "a1d69d8f51567ce108bdd71df17be930"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 473
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (369)
Size:   473
Md5:    a1d69d8f51567ce108bdd71df17be930
Sha1:   ee47468e7ce8b6736092f038625b904a7735f0ee
Sha256: 9d56addf8e2312e9df672eb51ee9f4cf8081613ff05e3ff99cb0ec23bcde7d7f
                                        
                                            GET /landings/276666/1669379309/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: n5q9uXtQ/Ulue2Apofp3Kh10kHWUtWa/tbnwobXydqJTTFu8YG5yU3RE2NP+HPr0wJYSWIBHLqY=
x-amz-request-id: QJR9XV9FVYRD0VQG
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            GET /landings/276666/1669379309/images/6-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 0e7uJ+I4qPAZsmgn06ZpeLQuoIpYuZyhmYLZ/6JsTnEI9S2ikb7AdFiGq1jfJYKDRstbPJR9uco=
x-amz-request-id: QJR2EFWQJDHJMJYR
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "f424c0e5631daf23b07f1ecdcaf8f69c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 14265
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   14265
Md5:    f424c0e5631daf23b07f1ecdcaf8f69c
Sha1:   30a7543a419fa3ffac589f53aee088af4ed767c5
Sha256: 4b82ecdaeda6d935e3dcf4ab5684d2393018ba6b604d63e9a52d6af976f069e8
                                        
                                            GET /landings/276666/1669379309/images/2-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: NREJgdCUZDf3fQMbpSttIip9fiT236OSGr3FttwO2knJ06pixhzSAr7U2q/n6H6nvSiTAe4Dl5o=
x-amz-request-id: 3YQ32MYYWRPSJTTF
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "8406e97c1968881d481cd55c66743204"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 14098
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   14098
Md5:    8406e97c1968881d481cd55c66743204
Sha1:   73f0e213341a617f9405726ca05af91c0b3f32fd
Sha256: c30bd722ab48311f023fc896cedf6032b03961b4395962dfa919284c5d2c9d33
                                        
                                            GET /landings/276666/1669379309/images/logo_inst3.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: uEwdSt7qWrejisELwPgft4lR9b8pQRfqNvQuUEMRHGp6B4bstxehmxtDpDatpDrI2SlOa56+YGE=
x-amz-request-id: MV9WXC2AGKX1GSRA
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "0025657d9d2274a15aed06a9eadd2ab2"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 7042
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (6173)
Size:   7042
Md5:    0025657d9d2274a15aed06a9eadd2ab2
Sha1:   2838a36bfaa63abfe8b9f4bca8f8fe1a7ab7405d
Sha256: d7b396cbae8aa719a1a277fa8fcf7df40f61b50e59b5937fcb347c679c6e990c
                                        
                                            GET /landings/276666/1669379309/images/icon-city.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: gGLdmUkG8cmq4s4T57h8oUMUA4IIpYGGcScXAdU+BhUmbIo+rP3mLuL3DAW1kP4XD/nJuaGfTRE=
x-amz-request-id: MV9PVC70QPSW97Z1
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 839
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Size:   839
Md5:    5f5ead641bc30316f498592eec2016a1
Sha1:   3195aa33596ba190a6584ccb75124dd9d9c13261
Sha256: f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409
                                        
                                            GET /landings/276666/1669379309/images/110010_4.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: UtS6GlIBtkKIs+m/3IUCXdp9C09oa2VKAYbOCV/OxfqaPgqAAS21HMlMhBq3W5pLQ+MdculKXY8=
x-amz-request-id: MV9WVB4CMATH47VH
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "daf4cb58fb756b1ed20036941b7a6b72"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 55243
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size:   55243
Md5:    daf4cb58fb756b1ed20036941b7a6b72
Sha1:   f59a45cb83366de64071b3a35dfcb54aabbdcd9a
Sha256: 42b2fe5d347c3c56725d0addd7129d13ce335df871730534ecee42d2df3a637b
                                        
                                            GET /landings/276666/1669379309/images/3-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 79XFHhz1pxJxrfSEUUwlwb5CRwziiXFdN60lhHJNGpE3QPE1wEHA8Z2wQGqEQjJhsO8FE1VNH7Q=
x-amz-request-id: 5ASXQ5JW1C5Q4H9B
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "d8f5f0299333c22c41ab084120961d49"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15013
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15013
Md5:    d8f5f0299333c22c41ab084120961d49
Sha1:   6c2d6cb9323765201658e9ba588d6e0d43d5df67
Sha256: a7bc234fdfee5b1fbd7558be17adc06905c4667dc6e93ad6b0783642a6b314fe
                                        
                                            GET /landings/276666/1669379309/images/unlock.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: bnYm/hDSiYzIe+xU8LLRG7uJs9H2GldbzY+vUVJ489xlkNLEPUonU5g7qPsy+Glr5TtiBM8LwrY=
x-amz-request-id: MV9Q65XQRTKKNGYY
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2378
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Size:   2378
Md5:    a732e1e06affb4575c050fdb0131e5ca
Sha1:   da4f4f204a4d22c7424274a91520e0ea993c48c7
Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
                                        
                                            GET /landings/276666/1669379309/images/password.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 60TpfOBuF00GHOrjJYXoz0AnhdEOEtShtabzNEEq1LCJA4NZVoV/fTLT1Al7UC/4vstBaw5fL80=
x-amz-request-id: 3YQ4A8X2S3EV5E7S
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1339
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Size:   1339
Md5:    f42aef7f97d4c9bdb074673081f38ac7
Sha1:   0231df782e371d139c826e091279acd9a07e691c
Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
                                        
                                            GET /landings/276666/1669379309/images/shield.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: zV11vq7ARR+Lv+OOomMq3G8JVcqO28SrZ13gz2vr5emZNiTbC7A6FZ/TQON9N08XJrWaBl41NIM=
x-amz-request-id: 3YQ70H4YXQN7M8E6
Last-Modified: Fri, 25 Nov 2022 12:28:33 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1539
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Size:   1539
Md5:    0c7a0dfd64cf020cd8a6dc0c3df1dbdf
Sha1:   f705635388aebebae1223d828c38233067f28ab1
Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
                                        
                                            GET /landings/276666/1669379309/images/icon-message.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 4mxjbQZH2sZWyltLA6HUey3fKueU970nOu6UX5XmjORCJ1c4tj3UgYHUpq0SunrNCfV9lIxYmBA=
x-amz-request-id: 3YQD55RV3D7AXQHD
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "8f91b2bbb14c2fac1a9be78688501512"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 883
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (779)
Size:   883
Md5:    8f91b2bbb14c2fac1a9be78688501512
Sha1:   631540540c371fe7074b5736dce68f10d76700f0
Sha256: 5b52df3b82f51d9330bf1b66b9683545368475ed5f25362c64feb438fb14bd4f
                                        
                                            GET /landings/276666/1669379309/images/icon-direct.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: f5OqvLMX7YGP21RMcnEXL102Zz/zlYIYif8/vBRBayjqoyJsRaaLE/leJ9SfiO6Y/tBBR9qMmBI=
x-amz-request-id: 5ASJPYNRQJN413N7
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "9adf524396b45e89252717b159cfb95d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1141
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1037)
Size:   1141
Md5:    9adf524396b45e89252717b159cfb95d
Sha1:   39a3a6bc588085fc604976c6bb4cfe42dfc8dc50
Sha256: e0705f46c1c0c8fd1c1d82f60925008491aa7a2b2ed0351fac96c76d5f2bf13d
                                        
                                            GET /landings/276666/1669379309/images/5-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: Lwx1lh3V/U6GNSWt3bqy4lB8gdHfDpy+XxJ6V43M9imOr51dewYwiugrwqdO8jw7fSzyuRICg3g=
x-amz-request-id: PD07NBDTECMMXXZ3
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "08c6cea7e489f3caf50bfa02fcffc8d5"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15153
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15153
Md5:    08c6cea7e489f3caf50bfa02fcffc8d5
Sha1:   0cfe3d1447e01aaea5fc2fada138c1fa21a93c86
Sha256: 0d825e2c84a926c72864a619b1d587c3716a9043321fba9913db5d3c8e3e444a
                                        
                                            GET /landings/276666/1669379309/images/1-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: jGErxkZ2HTD56AtINNnyVi818rsF7yH+dMknYRtYGcXsKUn2PmVLjBuV2nCywHZHElvP5s4Uw6o=
x-amz-request-id: 5ASVSBTFH3SYTX7A
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "0b2eb782c549d40b2bcb97934ab6f821"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 15567
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   15567
Md5:    0b2eb782c549d40b2bcb97934ab6f821
Sha1:   fb97adbc62515352937ab61093322449676dd0df
Sha256: 55e214ad65a4e7402c23c8a9f8f8d94ed849cdaf9925bc730d3f4ce27dba16d2
                                        
                                            GET /landings/276666/1669379309/images/icon-flag.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 817kSxUy2vHWuIY7qXoBjAZPDQQC0h3kubbXxGZhzWQc4a2kaJeLT/+8BoeF/nhhk7FL9PVrgzk=
x-amz-request-id: 3YQ7TGJQY2RQC07S
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "5da118a4447db10c8aceb6cb0e69e89c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 658
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (554)
Size:   658
Md5:    5da118a4447db10c8aceb6cb0e69e89c
Sha1:   343954956bcd542cdae0ee819584ee05f2b69d4c
Sha256: ab6ed8c891db0448668e8711a25e42cd27f6e4375fc3e780f041dd24f1544229
                                        
                                            GET /landings/276666/1669379309/images/4-eu.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: mGfO3DzsznYBMBnJmUU5dt37+1TZ+meo8Ip86I3ZojdpZr3gN3RByNH/h7qWepCsxmOIznI8/KM=
x-amz-request-id: CRFBK9KTDRPNZ599
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "4031404ec6ab92ac12eea40f1a074794"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 16220
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size:   16220
Md5:    4031404ec6ab92ac12eea40f1a074794
Sha1:   21787edc4ce197faebbe7f14996dc00374a63c06
Sha256: 34eae0af9c07a88aa5002540d93c2b02a557199f5c73a15909aba6eb1f0bdd03
                                        
                                            GET /landings/276666/1669379309/images/49.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 7QVBlhT6HJ38BSPGAHDkVM/wVto2ZhgMFUMU1IAdFEMU55FadXyEfGzSsvSjyvxRt1gyDPpRTaw=
x-amz-request-id: 63KC3GXYYJGWAS1V
Last-Modified: Fri, 25 Nov 2022 12:28:31 GMT
ETag: "372e58a66b7d92e1dd903f32fb308d1e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4510
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 336 x 336, 8-bit/color RGB, non-interlaced\012- data
Size:   4510
Md5:    372e58a66b7d92e1dd903f32fb308d1e
Sha1:   40be5d7067b822dfed07e173acd11cfceaa9e329
Sha256: 82408edfa51c2d831b86658b6637a6950986c342195aa08fd1467ea1d71b9793
                                        
                                            GET /landings/276666/1669379309/images/icon-home.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: gZK+wMb3CYkX7Qesb1gXah1RjWbWKar6S0nMlLV6FnnDMnBONInAideDj0MSnkgxh5sSzpCqT0I=
x-amz-request-id: 63KFT2ZKNWHRZB6A
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "02866968d59a649b76df83c300d2d8f6"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 889
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (785)
Size:   889
Md5:    02866968d59a649b76df83c300d2d8f6
Sha1:   8293027c754094ab05cb7d6daa7f7cdb1be5c98e
Sha256: ce26e303b33d69ca20eb3079b4c37ed364eacb8c633260c56315d6db74414b74
                                        
                                            GET /landings/276666/1669379309/images/icon-search.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 4gnmI6cCReTcflcF38yO+6tnr0BzgifCogQ7SKqAxlXSSxUTe3l/PPpXdo7Wqf7UlyMjj/7lYOg=
x-amz-request-id: 1W556NNCRNAGN31S
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "aa6ea58a389a3ebe541d5f9d622dedd7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1189
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1085)
Size:   1189
Md5:    aa6ea58a389a3ebe541d5f9d622dedd7
Sha1:   9fb684b6f6cd982396bd8c8e745997c3a01dd6be
Sha256: 4aa4713ccd74ad24299b1558cb49061c90076e841b3b1177fb3b056a8448b4c5
                                        
                                            GET /css2?family=Inter:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 00:41:40 GMT
date: Thu, 01 Dec 2022 00:41:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1705
Md5:    4ffdc75c5f5ac6dd3ca303b88200bfae
Sha1:   57ce6b6a3250ccc5e26ddbcee3344fe98fb16492
Sha256: b58e231ac9d9f97da1db44b36b462d1782886c642458eeada2a589677b26222f
                                        
                                            GET /landings/276666/1669379309/images/icon-like.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: uZ9bLeVqSjYdQ/Ah83lAU3/QQ5cDRb6tiJdgigkS+LhOqxALH7HHpFhYaSkZNMsZ3Sv8mTHIMsM=
x-amz-request-id: 1W5AHPSZG3M00F4V
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "2457f6954df5056e25151bcdd05a2718"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 914
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (810)
Size:   914
Md5:    2457f6954df5056e25151bcdd05a2718
Sha1:   41ab46311796f9ade12cae960687a422ee8ff0a0
Sha256: c1a26e7a024fd0e566423b10e91c63854979ce89f3fe2625043dc52dfe20891b
                                        
                                            GET /landings/276666/1669379309/images/icon-user.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/276666/1669379309/css/style.css?1669379309
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 3MqOo84ppMN/Fy1NisiOZPkALZzLZdReOS4Hk0nR4AUnd1FKBt3qnURii8Q0pkuSkHAQNZjvsRY=
x-amz-request-id: 63KFSVJXMBJT1K5E
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "00aa56c530f0df6ddbb8805f25376920"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 844
Date: Thu, 01 Dec 2022 00:41:40 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (437)
Size:   844
Md5:    00aa56c530f0df6ddbb8805f25376920
Sha1:   2331bb67d5538e5fb2c010ef41541ce8dc8acfc1
Sha256: ed65348e7b16bbe9b436282214590814692d0fb779fc2155c82ca0d94fe5a94e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JCEztQG0JlsWgazyZlnQKQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.41.253.170
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RGfVvhXEhzaVfWwQ37RFDw6drWI=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /ortb HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 288
Origin: https://jqkkq.excelientdates.net
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/c/da57dc555e50572d?s1=15966&s2=56630&s3=3.testse2&s5=backuser&click_id=68-1381-20221201034136a723dafc&iexpp=1&j1=1&j3=1
Cookie: unique_id=6387e48f00016757; unique_id2=6387e48f00029a2b; 6387e48f00029a2b_c=1; ref_token=179854_153115_15966; 6387e48f00029a2b_sl=[276666]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Thu, 01 Dec 2022 00:41:40 GMT
content-length: 13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    1031bf08481e45e42ceb3fd978c3d379
Sha1:   3d6d43df4c45f09f5d68593646fd83352323a5ea
Sha256: c99e0e70ba976626855bf7f83fc0e333b57833bcaf3dcfba16215a6e4fa3e208

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jqkkq.excelientdates.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:27:29 GMT
expires: Fri, 24 Nov 2023 05:27:29 GMT
cache-control: public, max-age=31536000
age: 587651
last-modified: Mon, 11 Jul 2022 21:07:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17076, version 1.0\012- data
Size:   17076
Md5:    e248902a9f045310063e7a14a46fd9ae
Sha1:   aec66565f555ee0ca4d39e584a1b484db127fa3b
Sha256: 262a1054100218e2efaa4b2e214e4fb8e920c5a30a53300b80145511df3de895
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 01 Dec 2022 00:41:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jqkkq.excelientdates.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 01:47:01 GMT
expires: Mon, 27 Nov 2023 01:47:01 GMT
cache-control: public, max-age=31536000
age: 341679
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size:   37924
Md5:    e08be6d5d433944f7ad52902e4d24db5
Sha1:   e2600c1d60d12d397b3ee44411a021231d71e974
Sha256: 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
                                        
                                            GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/c/da57dc555e50572d?s1=15966&s2=56630&s3=3.testse2&s5=backuser&click_id=68-1381-20221201034136a723dafc&iexpp=1&j1=1&j3=1
Cookie: unique_id=6387e48f00016757; unique_id2=6387e48f00029a2b; 6387e48f00029a2b_c=1; ref_token=179854_153115_15966; 6387e48f00029a2b_sl=[276666]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 00:41:40 GMT
expires: Thu, 08 Dec 2022 00:41:40 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3769
Md5:    ab12011773a278be9700069f92087ca2
Sha1:   d98b03093510053cd0fde81a419450cfac03b46b
Sha256: 995b4c98b4bfad74f811d691db0a398a45424e9b155350c19b7241f55b28623c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/pushjs/1.0.0/utils.js HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/c/da57dc555e50572d?s1=15966&s2=56630&s3=3.testse2&s5=backuser&click_id=68-1381-20221201034136a723dafc&iexpp=1&j1=1&j3=1
Cookie: unique_id=6387e48f00016757; unique_id2=6387e48f00029a2b; 6387e48f00029a2b_c=1; ref_token=179854_153115_15966; 6387e48f00029a2b_sl=[276666]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 00:41:40 GMT
expires: Thu, 08 Dec 2022 00:41:40 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7480
Md5:    f6d1a13675be32118569feccaa36157d
Sha1:   27b375eea172acedaa00a57a1dbf4b7f9b400a76
Sha256: 9dde212ece8da8a484dd00d501c8e0ef2e0222a2067273fd02937736326be281

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:07 GMT
expires: Fri, 24 Nov 2023 21:48:07 GMT
cache-control: public, max-age=31536000
age: 528813
last-modified: Thu, 10 May 2018 20:35:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25088)
Size:   8604
Md5:    73069e532b7039778d3a7128c997c61a
Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc
Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 10:16:35 GMT
expires: Thu, 30 Nov 2023 10:16:35 GMT
cache-control: public, max-age=31536000
age: 51905
last-modified: Thu, 10 May 2018 20:35:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35547)
Size:   10017
Md5:    fa9987a23f5a9d865766e952511baa30
Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13777
Expires: Thu, 01 Dec 2022 04:31:18 GMT
Date: Thu, 01 Dec 2022 00:41:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13777
Expires: Thu, 01 Dec 2022 04:31:18 GMT
Date: Thu, 01 Dec 2022 00:41:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13777
Expires: Thu, 01 Dec 2022 04:31:18 GMT
Date: Thu, 01 Dec 2022 00:41:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13777
Expires: Thu, 01 Dec 2022 04:31:18 GMT
Date: Thu, 01 Dec 2022 00:41:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3751
x-amzn-requestid: 80396218-5515-4f77-9d57-95b323e1f1c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNHHGGoAMF8mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbed-09f83d1a5b7f65175fb137ab;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _mQdH9J5CaTiYNIQf5xVn-HGUP5tKhW_1foVDdpsVIoG_NKb9wZOJg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 10316
etag: "bfb37735a2500848338a8fa12f28516a1ad9b5ba"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3751
Md5:    609419f1a2c58ae67febde5e2cb91c9f
Sha1:   bfb37735a2500848338a8fa12f28516a1ad9b5ba
Sha256: 32a4a65c8bd4da715b5331537bd606bab2767ad8c07af3b8aebbe5cad5591812
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7837c610-4f38-4ecd-b984-5752ff89a1f8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7957
x-amzn-requestid: 54f43d6b-cf41-4067-b459-6b8d98869354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91PGgNIAMF2Xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-069ac54c22797a511c69a220;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5et72pBhP9fdm4fNy6V5AJjs7B5N3HUGgaToNJV3LbA59D-0QDAMvw==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 03:31:51 GMT
age: 76190
etag: "01a07f9a5725f608fafeced7b3d1ebdbcb776c29"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7957
Md5:    37004182402c955f288eb1fa8df7aef4
Sha1:   01a07f9a5725f608fafeced7b3d1ebdbcb776c29
Sha256: c90c80dd5cadbde3fef20a9c4561b1efa47401e5f6bdf64c91246553c50204f0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc1fe6f5b-2658-4434-b276-36d841c8ceee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8124
x-amzn-requestid: e000c0d5-82d0-41a8-8def-b36970226969
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0UqEd1oAMFakQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdb7-27efd8c92b8f6e4f257cec3b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1GIxjB2nXfoxuqJHLtkXl4OJT_Po5DJA_w26E2K8WOmm_PZw1qU3IQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:19:35 GMT
etag: "ec0fd74a981603e197df26c6fb79ef039f737557"
age: 8526
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8124
Md5:    42c762f71487f8e0285dd2129700f069
Sha1:   ec0fd74a981603e197df26c6fb79ef039f737557
Sha256: 8a40883d87b1e2c6e116e3cf881a8b39c987200a8556b651f78a376b3ddbaa26
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabcce497-e838-40ff-ab98-af5f631b766f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2382
x-amzn-requestid: 7279ff68-1e32-4c57-9b9d-f5803a19e8e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJYQuEmEIAMFkeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63806d9e-2cf28dc150b53b9f3c60bb4c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 07:24:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UaUyc03Gw0P7G_7gjAyp-c3XxjIDbllO7lmG_8UWVCuBP4WgEgSydQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 14:26:41 GMT
age: 36900
etag: "b3eaec75f854d22cd1dcd6aa42e37f6d0df50036"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2382
Md5:    f5469e846da1e0f21cfc480f56a656a6
Sha1:   b3eaec75f854d22cd1dcd6aa42e37f6d0df50036
Sha256: d5701207a8b6b358359ebfd85a6916af7a3abf79acba235bf7d4131b0bc2e9b5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 9170
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10437
Md5:    291127b670135b42b6e9687aa2a13237
Sha1:   99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
Sha256: 49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 08:50:17 GMT
age: 57084
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4762
Md5:    d2dd5a4bcfd47db8f38544bf39ce3031
Sha1:   fa2217bae05b7beca2e12597eaad835298276b82
Sha256: 3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e
                                        
                                            GET /landings/276666/1669379309/images/4.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://jqkkq.excelientdates.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: Opz2p0c5eSzvvKaVpnQ7aQaI8XAqYjlu69Anwl2vFC+LPG3Vo8NzqakhikkHiNHAOXGkMl8lfcs=
x-amz-request-id: M03VK96XR99W5944
Last-Modified: Fri, 25 Nov 2022 12:28:32 GMT
ETag: "7be5f3025f66769e720214f2fd221905"
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 01 Dec 2022 00:41:40 GMT
Content-Range: bytes 0-1264919/1264920
Content-Length: 1264920
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
                                        
                                            GET /css?family=Roboto%3A300%2C300i%2C500&ver=4.9.6 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://erasmus-lean.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 00:41:39 GMT
date: Thu, 01 Dec 2022 00:41:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/da57dc555e50572d?s1=15966&s2=56630&j1=1&j3=1&s3=3.testse2&click_id=68-1381-20221201034136a723dafc HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://erasmus-lean.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Thu, 01 Dec 2022 00:41:39 GMT
set-cookie: unique_id=6387e48f00016757; Path=/; Expires=Mon, 30 Jan 2023 00:41:39 GMT; Secure; SameSite=None unique_id2=6387e48f00029a2b; Path=/; Expires=Wed, 01 Mar 2023 00:41:39 GMT; Secure; SameSite=None 6387e48f00029a2b_c=1; Path=/; Expires=Wed, 01 Mar 2023 00:41:39 GMT; Secure; SameSite=None ref_token=179854_153115_15966; Path=/; Expires=Sat, 31 Dec 2022 00:41:39 GMT; Secure; SameSite=None impression=; Path=/; Expires=Thu, 01 Dec 2022 00:41:39 GMT; Secure; SameSite=None 6387e48f00029a2b_sl=[276666]; Path=/; Expires=Thu, 15 Dec 2022 00:41:39 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/service-worker.js HTTP/1.1 
Host: jqkkq.excelientdates.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=6387e48f00016757; unique_id2=6387e48f00029a2b; 6387e48f00029a2b_c=1; ref_token=179854_153115_15966; 6387e48f00029a2b_sl=[276666]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 01 Dec 2022 00:41:40 GMT
expires: Thu, 08 Dec 2022 00:41:40 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing