30.lopaset.com/l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175301 Moved Permanently 0 B URL HTTP/1.1 30.lopaset.com/l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 30.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 13:24:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Dec 2022 14:24:39 GMT
Location: https://30.lopaset.com/l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7765d28ffbd895fc-ARN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2446
Expires: Thu, 08 Dec 2022 14:05:25 GMT
Date: Thu, 08 Dec 2022 13:24:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4270
Expires: Thu, 08 Dec 2022 14:35:49 GMT
Date: Thu, 08 Dec 2022 13:24:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8281
Expires: Thu, 08 Dec 2022 15:42:40 GMT
Date: Thu, 08 Dec 2022 13:24:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 13:08:12 GMT
content-type: application/json
age: 987
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: oz905nfsTpGrZ2UEQb6oasausYqZDKWdFeqzyKNrdaqT1Hf1g9bU43+pw2FHVIN8jttyZ9YdM7w=
x-amz-request-id: G47BVB24JHE1PRGQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 12:49:47 GMT
age: 2092
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zErpQ3nhDAQ
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zErpQ3nhDAQ
IP 216.58.211.3:0
Hash bd032f22c0cffd1031a3baafa272aa99
070553084a2306286a97d36b51e5b47f90241a3e
0549cc050251e194c996ad4cc65cc084bff09f8150e133d72ccab3fee1561512
POST /s/gts1p5/zErpQ3nhDAQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:24:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:39 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ded083d05f79696e6dcf5b5d8654b1c
8baaec77710500f563c6376667f6b94754b85fea
b51a9e988f9ac92e707c088e1d500b28f9d660f4b33eb518440a4fab65432177
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B51A9E988F9AC92E707C088E1D500B28F9D660F4B33EB518440A4FAB65432177"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3301
Expires: Thu, 08 Dec 2022 14:19:40 GMT
Date: Thu, 08 Dec 2022 13:24:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 13:07:58 GMT
age: 1002
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4341
Cache-Control: max-age=161673
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 13:24:40 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:19:13 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 76 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash c9f8485abd5dda2cf99de044075282f6
fc46abb4a7443f16aae2757bb808f8c24c6506e9
6ea7522b86999ca38e3b2c0474229004aff0f081583c761fd3c067bece88c89a
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://32.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 14529bbc5f40666b0f449492552fb94b
ceb594229dc222e8d9feab593c4e09ece9e6c38d
0291b423b2fd1c2fc9871a202066d74abe3d3953d2eac090c6b550fef7aee215
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.lopaset.com/
Origin: https://30.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://30.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5123db7ee1ff4079b864dc81ed0b8caa; expires=Fri, 08 Dec 2023 13:24:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vLaaQvtevMXv9lgFJjDWTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LdNEk7X886L+OTze6GkSGMQu8z8=
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 37d5e52ac44deafccf610527e9709d3f
27424fb6de8c40815125b0d7dc420f2a8b710bde
923fb19aef1b063a57d944b2124153079f0e630aec4f37da09495b0aa1aabbaa
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.lopaset.com/
Origin: https://31.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://31.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ff52df950b8d42e28e8c1df94bde69f4; expires=Fri, 08 Dec 2023 13:24:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32.lopaset.com/
Origin: https://32.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://32.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://30.lopaset.com/
Origin: https://30.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://30.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://31.lopaset.com/
Origin: https://31.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://31.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://32.lopaset.com/
Origin: https://32.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://32.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
36.lopaset.com/l/PA/12/skip-button.webp
104.22.65.175200 OK 5.0 kB URL HTTP/2 36.lopaset.com/l/PA/12/skip-button.webp
IP 104.22.65.175:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 639x273, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash da2dc41d023f4fcc89675351f9117c3d
bff287be312236d01df91ec7db9a58c4bde224f4
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
Analyzer Verdict Alert fortinet Phishing
GET /l/PA/12/skip-button.webp HTTP/1.1
Host: 36.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://36.lopaset.com/l/PA/12/?resubscription=64&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: image/webp
content-length: 5006
cf-ray: 7765d29a2b299902-ARN
accept-ranges: bytes
age: 23144
etag: "l/PA/12/skip-button.31c9ae67f7.webp"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 3183b2a048e6501ca07fb446fa531c0f
081a2f73a8ca6f8f5055867849105ad8130a7543
544f736becaa9f349981b05f1b60fd9f99223bfcd4b3a2b15b0d934369bcbe8b
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://31.lopaset.com/
Content-Type: application/json
Origin: https://31.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c378f6571616ad58946c46742cc826c2
access-control-allow-origin: https://31.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 0e5d6931660c553dabd35767692aa092
8723bfb3126574e48fe0b48b7a2c4c533166ee1b
7f95e220e8498d0a80225edf8dfe63012e03437f10b1a6e7624a737e543af911
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://30.lopaset.com/
Content-Type: application/json
Origin: https://30.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 97ab47c0778146f91ee0ab55f7ded78b
access-control-allow-origin: https://30.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 9094a7988429f5f4eaae2034a7aec5ea
575ac0798eb451fd6630525420855ed709cd78a6
f7b703e02b3021d4012534c98ab25b7e66c61cd3e2772c404298868e62317b93
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://32.lopaset.com/
Content-Type: application/json
Origin: https://32.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 2b226de1a94546fe4adec72bb8a54b27
access-control-allow-origin: https://32.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33.lopaset.com/
Origin: https://33.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://33.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://33.lopaset.com/
Origin: https://33.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://33.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash c1e4851cd8339d169e6b543a918078f7
95f7da3ac89733be2b3d4bb5f10b67a64e32e3c0
59cbe80503515486381bc677ae147b3c2bd21fa2faab4394e4005ef59cce2afe
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://33.lopaset.com/
Content-Type: application/json
Origin: https://33.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 35e53db80197eceecf911b3812458c26
access-control-allow-origin: https://33.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://34.lopaset.com/
Origin: https://34.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://34.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://35.lopaset.com/
Origin: https://35.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://35.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
38.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 255 B URL HTTP/2 38.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
File type ASCII text, with very long lines (554)
Hash 204ea1f2951cf57443b11c04310f2a35
478cdbc5f50ad7ba8362cb18ca3c132902c39341
91f9fd8bffbd71495ff1285c66af1965064fd0fac17ca2cf4045eb561f1d87ca
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 38.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d29c2d879902-ARN
age: 23143
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 07a6d87c6cb0a88a0d0a5caf11996ad4
1d39405b41756168167f43a4f7ba02d072ebaba2
79f1e72c7a66d2c5c7493c8f022a09f13c3519a9fcbc92f38d922f631c30107e
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://37.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://35.lopaset.com/
Origin: https://35.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://35.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
38.lopaset.com/l/PA/12/?resubscription=62&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 12 kB URL HTTP/2 38.lopaset.com/l/PA/12/?resubscription=62&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 6b8b0075dbb8c8044fcba5a9bac939c1
2bee524c2009d463f452f9b3671c141860871b75
e7e50c3ee118d7cd3889f607f025af8daed343667eb5f3924ac0973b39e1065d
GET /l/PA/12/?resubscription=62&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 38.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://37.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29b8cd79902-ARN
age: 23143
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://36.lopaset.com/
Origin: https://36.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://36.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
39.lopaset.com/l/PA/12/?resubscription=61&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 12 kB URL HTTP/2 39.lopaset.com/l/PA/12/?resubscription=61&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash eea222534821be66ac13c321128b8f0c
15a2c9283ca27525fdbe93a773776fa0c290fa9a
26734e469eda499dc33dd116b0d6287e22794396510f64fecd12fd93f7387a8b
GET /l/PA/12/?resubscription=61&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 39.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://38.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29c7def9902-ARN
age: 23143
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
1.lopaset.com/l/PA/12/?resubscription=60&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 17 kB URL HTTP/2 1.lopaset.com/l/PA/12/?resubscription=60&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash bdce5e89aa586298d23812939c3ac834
f2589b4b16b24bc1110450212b656f3a80ff9f0a
57c6942037580124335d95454003b42703a0f149aaef11d06e299a4538a4a4bb
GET /l/PA/12/?resubscription=60&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 1.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://39.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29d6f2c9902-ARN
age: 23911
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://36.lopaset.com/
Origin: https://36.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://36.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash b23acfd85e856fc402c7216e96c81872
578fda371e4f48c0ad171cd8aaee49ffe367f337
8881c35ba387910bab914e4434e5316a11f9333f281ad660c80ce02a816df946
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://39.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://37.lopaset.com/
Origin: https://37.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://37.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 13:24:41 GMT
Connection: keep-alive
2.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 758 B URL HTTP/2 2.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
File type ASCII text, with very long lines (554)
Hash 869527ea2fc49b84c00f6cd6ba3f0b73
36376829ba78cf6c98de98d0d18bcd6d5a3e7372
287b2c602d000ac5fcf98ab2ab33f2500dd5ad2557596d5689cf0f66ad673da3
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 2.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d29f09699902-ARN
age: 23910
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
33.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 39 kB URL HTTP/2 33.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
File type ASCII text, with very long lines (554)
Hash 7cfc248c76395911aeefc87bdb7438f4
354f5642dfa4de846a42ed8973eb05b8824b692a
274465afb80a25e0530bdf193d5ef8f77b4980f3a3581ab28199a988f265f5cd
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 33.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2970e899902-ARN
age: 23162
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 13:24:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2687
Expires: Thu, 08 Dec 2022 14:09:28 GMT
Date: Thu, 08 Dec 2022 13:24:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:35:32 GMT
age: 49749
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash bab7017b8bbf89022eff18c642627c24
e5d18b7b25b60a77d74a890512ad6aed307b45ff
2f6630e2bb614d9826dd166352fd291090f9f8c7db67c3e9e4c6f01a25e9e940
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://37.lopaset.com/
Content-Type: application/json
Origin: https://37.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: e57c5bbbf400f5efedb0ef1cdde8687d
access-control-allow-origin: https://37.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f5ce4070e5050733be6bded399afe53
77cf1dd30e86f5568a8e64cb42f536cf2af9301c
7fe19657e1add41e913e9a326023ff484180ca17615175ddc5d2ab57217566bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F377ab47f-a48d-4112-a562-b49a358636f1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4538
x-amzn-requestid: 143f359f-c0fd-4d32-8de5-cc2c2804bb39
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gIHzXoAMFqmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-27db2e3c6de7216e3c17caea;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ba2tqr7qzoTbVkNM_hFETgyCLbCLvAEQjFA2jSU83qYRz6j-uIpk6Q==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:14:58 GMT
age: 54583
etag: "77cf1dd30e86f5568a8e64cb42f536cf2af9301c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c408efaa98ac2ce63bb1618368d10c15
a51bbb49ebd862d04eaee465d0a35b22dcd21391
077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:13:24 GMT
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
age: 54677
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EeYw3qxRNMEhtLkUrHQe5b1H_f2k-5BWSZV4LEZ9U64rqm7Addv_Dw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 06:56:32 GMT
age: 23289
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
2.lopaset.com/l/PA/12/?resubscription=59&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 25 kB URL HTTP/2 2.lopaset.com/l/PA/12/?resubscription=59&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 9c11479cb9a4e30215963692f8460fd3
ca16939a244e65afd93bd460c6406953e0926f46
6a4fd61a6742d42525f62f49056378c546877a7cab19e9f4386b04b96d16798e
GET /l/PA/12/?resubscription=59&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 2.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29e68839902-ARN
age: 23911
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d89b69ba37bf23c5d576aff4063caf
3d46a21b4da571d7e4962e335c18a28ca5f81ecf
09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wFqXeAYHSBcj85PiuqhV790clAMWg_NHMCO5Q5WARXDaohFWZdeCig==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:19:17 GMT
age: 50724
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://38.lopaset.com/
Origin: https://38.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://38.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39.lopaset.com/
Origin: https://39.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://39.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://38.lopaset.com/
Origin: https://38.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://38.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
3.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 255 B URL HTTP/2 3.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
File type ASCII text, with very long lines (554)
Hash 204ea1f2951cf57443b11c04310f2a35
478cdbc5f50ad7ba8362cb18ca3c132902c39341
91f9fd8bffbd71495ff1285c66af1965064fd0fac17ca2cf4045eb561f1d87ca
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 3.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2a02b1d9902-ARN
age: 23910
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.lopaset.com/
Origin: https://1.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://1.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
4.lopaset.com/l/PA/12/?resubscription=57&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 12 kB URL HTTP/2 4.lopaset.com/l/PA/12/?resubscription=57&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash ed7b64ec356bbd1d08fa76470dbaee74
24edbc6604aeb58821cfba6050da550c43fdc4c9
b6ba4c8f20a750f5777e6fef9657e68917cda47c5c610424f6a03d1124c12022
GET /l/PA/12/?resubscription=57&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 4.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2a06b799902-ARN
age: 23910
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 7a91de9e50a65e5cf18aa2d0ad7b25c3
b5e7bb090de8b15fede9438002a7098dcefb7f91
759b6ac36f3ab76f5ac22c47e5e466069c37778102acb62cf1119ae1cb120a88
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://39.lopaset.com/
Content-Type: application/json
Origin: https://39.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: f729ce5f69fcdbc8c3d1b6f578d0a703
access-control-allow-origin: https://39.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://1.lopaset.com/
Origin: https://1.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://1.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash ea984118beb7a36559188747307c04d4
bd644de08668c46f1afca7a3a358049b66bc0e46
8c483c220276fc800e80010e2711c02eff8696354c37befaa9c883c355f15b46
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1.lopaset.com/
Content-Type: application/json
Origin: https://1.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 64d59c64fec074b5e46a2824d973f62e
access-control-allow-origin: https://1.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash e1235cfb0e5f44c627adfe0fb48eb903
c021c18f2775147c81a6f36a97e0d79dde02577c
f8310c1302cd71b63713414e997c9964048caca8640b5fb6823cd1c8f08cd894
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash e1235cfb0e5f44c627adfe0fb48eb903
c021c18f2775147c81a6f36a97e0d79dde02577c
f8310c1302cd71b63713414e997c9964048caca8640b5fb6823cd1c8f08cd894
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://2.lopaset.com/
Origin: https://2.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://2.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 31c394e63e89b20b61495167440a8175
e0fba8b2b2d9bcf89cca9e56eca2e237fa90928e
e3eb960ed509c0db7c89f3f579ac4ad11235a5597491c4db94cb91204fb562ba
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2.lopaset.com/
Content-Type: application/json
Origin: https://2.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 70028a69a6b378dab248d901910fd42f
access-control-allow-origin: https://2.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
3.lopaset.com/l/PA/12/?resubscription=58&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 62 kB URL HTTP/2 3.lopaset.com/l/PA/12/?resubscription=58&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 948dd1def2088d97195c46997f02a653
1b3490420dc33315c8b763855e16458f9c592264
06610bbdbe25f1567f7963b40359d054d1b2b06aaddee51a718b871d949ddf44
GET /l/PA/12/?resubscription=58&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 3.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29f69cf9902-ARN
age: 23911
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash d5c1520760c3f1e15e88f4655561dc92
29d86f3906e628fad4607aad70e49ad274334ed7
7585b08e3be11d4771807a05ae0dae6ea93e0d1e50b2595e9ef0318f43e93d03
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://3.lopaset.com/
Content-Type: application/json
Origin: https://3.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 9c7bcd404b61def717e4ec3f9a1903f9
access-control-allow-origin: https://3.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4.lopaset.com/
Origin: https://4.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://4.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://4.lopaset.com/
Origin: https://4.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://4.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 23d0e0a620e658913ae9a1fd98cae793
268b32482db04df521c42209d6b27288d700c0c5
4a1c66fa2ce390145a5b35e65dd8b0dd4d0cd45f07825b89e172d778aa658a8e
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://4.lopaset.com/
Content-Type: application/json
Origin: https://4.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 9c9d1206bca5c67eab148d8e47b98baa
access-control-allow-origin: https://4.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
5.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 5.3 kB URL HTTP/2 5.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
File type ASCII text, with very long lines (554)
Hash 746894df41298791f32fad8373924ba3
db9ba5456c82e66216979bc4b57d209e9df4105c
3f31628215a4e1dd9c83d87f73129a06ff8b45d006235d0e772bc7cd8f912643
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 5.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2a21daa9902-ARN
age: 23908
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://5.lopaset.com/
Origin: https://5.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://5.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 50 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash 484f796fbe5ab124fe2112429e33e223
c80413f52b6e6967aac6455bc72b606317c6d1de
38bed7df67e87560ee78ddd18e6ed618d530468428a45e1aed92b585120fa621
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
8.lopaset.com/l/PA/12/?resubscription=53&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 17 kB URL HTTP/2 8.lopaset.com/l/PA/12/?resubscription=53&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 8aeb8471099d03ae017d276d7a3d73d4
82a24fa744363c82da6af473111a85d96616641f
a90b44b0982542da4e3918e5072dea28a42203f0ac6c1421960aa073075aad18
GET /l/PA/12/?resubscription=53&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 8.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2a438899902-ARN
age: 23907
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
9.lopaset.com/l/PA/12/rnd.jpg
104.22.65.175200 OK 61 kB URL HTTP/2 9.lopaset.com/l/PA/12/rnd.jpg
IP 104.22.65.175:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 297x668, components 3\012- data
Hash 267ebadd2b686bdc1f52a5f502e8c093
ca9892a0b64fb44d9d779c9d34244b7641e89473
891dab1fc5b524854de645a1084f37dc8156cb59516808bd18559b4865dada65
GET /l/PA/12/rnd.jpg HTTP/1.1
Host: 9.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.lopaset.com/l/PA/12/?resubscription=52&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: image/jpeg
content-length: 60612
cf-ray: 7765d2a64ba49902-ARN
accept-ranges: bytes
age: 23906
etag: "l/PA/12/rnd.913476f985.jpg"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 38 kB URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
Hash b25a895a55628c91c9971b0fedbcc341
bf329835dfd092fdf6b0baccb4e6803adfbebf70
d71d9af6615172abb50c96624f7bfa41d10ff6542b72a14ae51860106f478c6c
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.lopaset.com/
Origin: https://6.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://6.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
37.lopaset.com/l/PA/12/?resubscription=63&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 12 kB URL HTTP/2 37.lopaset.com/l/PA/12/?resubscription=63&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28864), with no line terminators
Hash 172f2bb6ac7eac05cb2a143812cfb1ba
cb66cbdb388f88e7a2c89e8e4cba7473cb86a135
a2c15a392c8f2e8b70c504ae6d315b80c03c78bfd1484d603d0b43172530d8a2
GET /l/PA/12/?resubscription=63&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 37.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://36.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29a9bb29902-ARN
age: 23143
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7.lopaset.com/
Origin: https://7.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://7.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=true&ymid=1670505781489jq2okp5a0&var=165_MY
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=true&ymid=1670505781489jq2okp5a0&var=165_MY
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=true&ymid=1670505781489jq2okp5a0&var=165_MY HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.lopaset.com/
Origin: https://9.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://9.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash f0a97431ee20a34a40c98e959cee87a7
e54fb1a9b8aa6d03ff35ef4f651065edd93e4d4c
90f92d1f6d70f5d380f26a27e6396c295b86fc7fac1b4c0744360b7a92bae5ad
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6.lopaset.com/
Content-Type: application/json
Origin: https://6.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 0a166a830e045cf0b7e1951a75191ea6
access-control-allow-origin: https://6.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e710700acea82a308b15fb8aa2daa406
d9304e03274659e5dc9d02201b656691ace3f1d1
54a619b23c849dca38b0a537bcfb69dfcf34ad9b14ccbd07d692089ce38bcc52
GET /gid.js?pub=0&userId=&zoneId=4789810&checkDuplicate=false&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8.lopaset.com/
Origin: https://8.lopaset.com
Connection: keep-alive
Cookie: ID=b8062e7ca8ee42578a308ebe071fc26f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://8.lopaset.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b8062e7ca8ee42578a308ebe071fc26f; expires=Fri, 08 Dec 2023 13:24:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18885d544c818a01d379ce04c1c48d0a
f6354865cfa63f4a91dd73ebe87259dd1d638db2
6fdf8282f7f9b67b54ce4a864ad66417d45e9ea1b0cf9e2e3944ac47f91be2dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6FDF8282F7F9B67B54CE4A864AD66417D45E9EA1B0CF9E2E3944AC47F91BE2DD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12478
Expires: Thu, 08 Dec 2022 16:52:41 GMT
Date: Thu, 08 Dec 2022 13:24:43 GMT
Connection: keep-alive
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://8.lopaset.com/
Origin: https://8.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://8.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789810&is_mobile=false&domain=9.lopaset.com&var=165_MY&ymid=1670505781489jq2okp5a0&var_3=&dsig=&nt=true&action=prerequest
139.45.197.251200 OK 0 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789810&is_mobile=false&domain=9.lopaset.com&var=165_MY&ymid=1670505781489jq2okp5a0&var_3=&dsig=&nt=true&action=prerequest
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zone?&pub=0&zone_id=4789810&is_mobile=false&domain=9.lopaset.com&var=165_MY&ymid=1670505781489jq2okp5a0&var_3=&dsig=&nt=true&action=prerequest HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.lopaset.com/
Origin: https://9.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-length: 0
x-trace-id: a38af6ce52dc15bb7f5af325dcbcff14
access-control-allow-origin: https://9.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://7.lopaset.com/
Origin: https://7.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://7.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://9.lopaset.com/
Origin: https://9.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://9.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash eb63acd8deecd6ffb19a97c3a7ceeebf
497200fd294d97594f60060eca2f6a53434a4463
cb1dacbabf490837d5cc9dc8a6dcade18b31fbbc255a0fa000adb588657f48b6
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://8.lopaset.com/
Content-Type: application/json
Origin: https://8.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 6a9dd20f855fc4fafd5371c3d8ff82d7
access-control-allow-origin: https://8.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash d9f2a611c2245962a0ef86e3c96f829f
9479262544a046f5e869021b540f36da9f496d2c
d185f933fb7e800f5f69bb0df39e6ae23a6776009f3ebaf74b43ee90feb71565
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://7.lopaset.com/
Content-Type: application/json
Origin: https://7.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: c47c0fe590d97d2675619a04b40b6a1a
access-control-allow-origin: https://7.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 2a8a1b494d4a7155e6a9667dd482c020
e520bf8da0bd474a19d07417211a696e8ae8c383
5327da2ae69c784ed2fb8c5533719d10076af3abbea62cce143e122c8ce38c0a
POST /event HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.lopaset.com/
Content-Type: application/json
Origin: https://9.lopaset.com
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: b0790a1984e734a5bb7b09f12cf4e959
access-control-allow-origin: https://9.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://9.lopaset.com/
Origin: https://9.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://9.lopaset.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
choupsee.com/zone?&pub=0&zone_id=4789810&is_mobile=false&domain=9.lopaset.com&var=165_MY&ymid=1670505781489jq2okp5a0&var_3=&dsig=&nt=true&action=settings
139.45.197.251200 OK 693 B URL HTTP/2 choupsee.com/zone?&pub=0&zone_id=4789810&is_mobile=false&domain=9.lopaset.com&var=165_MY&ymid=1670505781489jq2okp5a0&var_3=&dsig=&nt=true&action=settings
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (692)
Hash e10ea7c03d5a1c892158c893def4e8c1
8fe0dea9123e5dcda9f961a367048aa1aaa63662
78f42817317da0cd63e0e72f14487c60aa51aaddbf9693702a48e10033b3f712
GET /zone?&pub=0&zone_id=4789810&is_mobile=false&domain=9.lopaset.com&var=165_MY&ymid=1670505781489jq2okp5a0&var_3=&dsig=&nt=true&action=settings HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.lopaset.com/
Origin: https://9.lopaset.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 693
x-trace-id: fc7bebc9412ebda9b2222f19d37de34d
access-control-allow-origin: https://9.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
choupsee.com/event
139.45.197.251200 OK 94 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 2a8a1b494d4a7155e6a9667dd482c020
e520bf8da0bd474a19d07417211a696e8ae8c383
5327da2ae69c784ed2fb8c5533719d10076af3abbea62cce143e122c8ce38c0a
Analyzer Verdict Alert fortinet Malware
POST /event HTTP/1.1
Host: choupsee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9.lopaset.com/
Content-Type: application/json
Origin: https://9.lopaset.com
Content-Length: 491
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:43 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 881165742829c5b51bd48b1efd7cb66e
access-control-allow-origin: https://9.lopaset.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
35.lopaset.com/l/PA/12/?resubscription=65&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 35.lopaset.com/l/PA/12/?resubscription=65&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=65&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 35.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://34.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d29889009902-ARN
age: 23144
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
9.lopaset.com/favicon.ico
104.22.65.175200 OK 0 B URL HTTP/2 9.lopaset.com/favicon.ico
IP 104.22.65.175:0
GET /favicon.ico HTTP/1.1
Host: 9.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9.lopaset.com/l/PA/12/?resubscription=52&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: image/vnd.microsoft.icon
cf-ray: 7765d2a6bc8c9902-ARN
age: 21014
etag: W/"favicon.ff38969f14.ico"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
9.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 9.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 9.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2a64b949902-ARN
age: 23906
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
36.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 36.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 36.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d29a7b849902-ARN
age: 23143
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://6.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
32.lopaset.com/l/PA/12/?resubscription=68&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 32.lopaset.com/l/PA/12/?resubscription=68&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=68&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 32.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:39 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2952be99902-ARN
age: 23162
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
36.lopaset.com/l/PA/12/?resubscription=64&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 36.lopaset.com/l/PA/12/?resubscription=64&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=64&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 36.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://35.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d299ba9b9902-ARN
age: 23144
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://35.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
34.lopaset.com/l/PA/12/?resubscription=66&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 34.lopaset.com/l/PA/12/?resubscription=66&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=66&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 34.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://33.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2973ee79902-ARN
age: 23145
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
34.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 34.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 34.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d29838a39902-ARN
age: 23144
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
7.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 7.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 7.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2a4186a9902-ARN
age: 23907
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
8.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 8.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 8.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2a549fd9902-ARN
age: 23907
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://7.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
30.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 30.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 30.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:39 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d293ea339902-ARN
age: 23163
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
30.lopaset.com/l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 30.lopaset.com/l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=70&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 30.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:39 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2922fff9902-ARN
age: 23163
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
31.lopaset.com/l/PA/12/?resubscription=69&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 31.lopaset.com/l/PA/12/?resubscription=69&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=69&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 31.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://30.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:39 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2942a749902-ARN
age: 23163
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
4.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 4.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 4.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2a10c3d9902-ARN
age: 23909
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
33.lopaset.com/l/PA/12/?resubscription=67&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 33.lopaset.com/l/PA/12/?resubscription=67&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=67&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 33.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://32.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d295fd239902-ARN
age: 23162
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://36.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
foapsovi.net/pfe/current/service-worker.min.js?r=sw
139.45.197.251200 OK 0 B URL HTTP/2 foapsovi.net/pfe/current/service-worker.min.js?r=sw
IP 139.45.197.251:0
GET /pfe/current/service-worker.min.js?r=sw HTTP/1.1
Host: foapsovi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8.lopaset.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 13:24:42 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:47 GMT
etag: W/"6388cb77-1c7a1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
35.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
104.22.65.175200 OK 0 B URL HTTP/2 35.lopaset.com/sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0
IP 104.22.65.175:0
GET /sw-check-permissions-4789810.js?z=4789810&var=165_MY&ymid=1670505781489jq2okp5a0 HTTP/1.1
Host: 35.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:40 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 7765d2996a319902-ARN
age: 23143
etag: W/"sw-check-permissions-4789810.1e853e10c7.js"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
5.lopaset.com/l/PA/12/?resubscription=56&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
104.22.65.175200 OK 0 B URL HTTP/2 5.lopaset.com/l/PA/12/?resubscription=56&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}}
IP 104.22.65.175:0
GET /l/PA/12/?resubscription=56&clickid=1670505781489jq2okp5a0&source=165&unique_user=1&browser_name=Chrome&browser_version=94.0.0.0&country=MY&partner=PA&language=en-US&unixtime=1670505781&tb={https://youfindadate.top/dating-survey.html?z=5468477&offer_id=2061&ymid={clickid}&var={traffic_source}} HTTP/1.1
Host: 5.lopaset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4.lopaset.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 13:24:41 GMT
content-type: text/html; charset=utf-8
cf-ray: 7765d2a15cb79902-ARN
age: 23909
etag: W/"l/PA/12/index.e5e80efe6f.html"
vary: Accept-Encoding
cf-cache-status: HIT
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2