r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4369
Expires: Sat, 25 Mar 2023 21:45:29 GMT
Date: Sat, 25 Mar 2023 20:32:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4499
Expires: Sat, 25 Mar 2023 21:47:39 GMT
Date: Sat, 25 Mar 2023 20:32:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 20:15:29 GMT
content-type: application/json
age: 1031
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11353
Expires: Sat, 25 Mar 2023 23:41:53 GMT
Date: Sat, 25 Mar 2023 20:32:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yysAV6HR6XEh9N+UsxId698aKxbCttxgwUg4slsCkWT99naDXwSmRjxqoqU/Rj4HTs1M4mkfVUCvzuIu4/1ddQ==
x-amz-request-id: 7K2E1EF3J592V9QW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 20:00:55 GMT
age: 1905
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 20:32:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 20:14:33 GMT
age: 1088
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7629
Expires: Sat, 25 Mar 2023 22:39:50 GMT
Date: Sat, 25 Mar 2023 20:32:41 GMT
Connection: keep-alive
pim.crypit.net/
67.227.226.240200 OK 2.3 kB IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (632)
Hash ed8a6afb81256a3429e77aa1a9934ce7
e7c891d785e373e15abacd2eeeff292335455fa8
829b68e55179bfa41284cac6eaec9c8bde2febc9dc701fc72ac881f4172ad95b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: pim.crypit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 20:32:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2272
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
34.213.54.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.54.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I5YoxZpcRtNotVxzqt4x+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KfUhS0cZYJdUwXz0UQUm7/wPoWE=
pim.crypit.net/page/bouncy.php?&bpae=GbhGtK3mvEx7N5vv%2ByqQKBItKXflA9V2INE2Bp0Mpon1oiknC4iLMowBeLUGr4hyckZrYJIXWrn0b6F8hFdxw%2FxBdj%2FdP%2FqHKLDJFcdk%2FQ%2FpbFAfaDVwCRwKJ%2BEirkezXA6p2%2FfUoV6LsMrr4eS61l7AqM5Bw4WytYXwIBn0dRPs3I8%2FM0iXi5Fv1VYj4AMj5tIaL2lKTCNxmGeeUr6ei9xkOduptqvdAYdBvD%2FElP2npwCwrGUX2gN7iZ%2BOorNyelp7KrEcCCIE4kauyXMcvajmL5SItcKXGmhSdnzdWgP3iL32d3JXb7%2For9GYi38BeVvpzXClMTZiwaxLMvjwaH%2FSOJRMGObdbpqMbCiQfVz8cHk5u1O3bOe5AlJHLAcSOAY4oYG8D%2BXIpndvdcu9QaXIk3zacOi2SfdqN%2B31ba9%2Bq44HcZLk4bb9huKRAVXYVXZ07SYB9lrr2rnmW92I10SojkyLoqpKHJx8ES%2BGXNg8dh8YfNiq89SkqNaz&redirectType=js&inIframe=false&inPopUp=false
67.227.226.240200 OK 985 B URL HTTP/1.1 pim.crypit.net/page/bouncy.php?&bpae=GbhGtK3mvEx7N5vv%2ByqQKBItKXflA9V2INE2Bp0Mpon1oiknC4iLMowBeLUGr4hyckZrYJIXWrn0b6F8hFdxw%2FxBdj%2FdP%2FqHKLDJFcdk%2FQ%2FpbFAfaDVwCRwKJ%2BEirkezXA6p2%2FfUoV6LsMrr4eS61l7AqM5Bw4WytYXwIBn0dRPs3I8%2FM0iXi5Fv1VYj4AMj5tIaL2lKTCNxmGeeUr6ei9xkOduptqvdAYdBvD%2FElP2npwCwrGUX2gN7iZ%2BOorNyelp7KrEcCCIE4kauyXMcvajmL5SItcKXGmhSdnzdWgP3iL32d3JXb7%2For9GYi38BeVvpzXClMTZiwaxLMvjwaH%2FSOJRMGObdbpqMbCiQfVz8cHk5u1O3bOe5AlJHLAcSOAY4oYG8D%2BXIpndvdcu9QaXIk3zacOi2SfdqN%2B31ba9%2Bq44HcZLk4bb9huKRAVXYVXZ07SYB9lrr2rnmW92I10SojkyLoqpKHJx8ES%2BGXNg8dh8YfNiq89SkqNaz&redirectType=js&inIframe=false&inPopUp=false
IP 67.227.226.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash bd120bccaf68391cd5b77780effda9af
fe65c397c27771542f57c1db664aba5c79b2d378
068782d4bd67ab0a612c5c2b302ed2b897c04e122efc24ec28ea688b6c6844f4
GET /page/bouncy.php?&bpae=GbhGtK3mvEx7N5vv%2ByqQKBItKXflA9V2INE2Bp0Mpon1oiknC4iLMowBeLUGr4hyckZrYJIXWrn0b6F8hFdxw%2FxBdj%2FdP%2FqHKLDJFcdk%2FQ%2FpbFAfaDVwCRwKJ%2BEirkezXA6p2%2FfUoV6LsMrr4eS61l7AqM5Bw4WytYXwIBn0dRPs3I8%2FM0iXi5Fv1VYj4AMj5tIaL2lKTCNxmGeeUr6ei9xkOduptqvdAYdBvD%2FElP2npwCwrGUX2gN7iZ%2BOorNyelp7KrEcCCIE4kauyXMcvajmL5SItcKXGmhSdnzdWgP3iL32d3JXb7%2For9GYi38BeVvpzXClMTZiwaxLMvjwaH%2FSOJRMGObdbpqMbCiQfVz8cHk5u1O3bOe5AlJHLAcSOAY4oYG8D%2BXIpndvdcu9QaXIk3zacOi2SfdqN%2B31ba9%2Bq44HcZLk4bb9huKRAVXYVXZ07SYB9lrr2rnmW92I10SojkyLoqpKHJx8ES%2BGXNg8dh8YfNiq89SkqNaz&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: pim.crypit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://pim.crypit.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Cache-Control: no-cache
Content-Type: text/html; charset=UTF-8
Date: Sat, 25 Mar 2023 20:32:41 GMT
Pragma: no-cache
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 985
ocsp.r2m01.amazontrust.com/
108.157.228.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 108.157.228.227:0
Hash 6d4e03f5eff748e9a2dfc5af7f82d257
5ea3094c5ae312fba9aca84b79586a7b146b619a
c544d69a2cbfbbb0d6d37ade0ae3fde70f10bea9f2fa001ed42407db3dd907a4
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114048
Date: Sat, 25 Mar 2023 20:32:42 GMT
Etag: "641e6c7f-1d7"
Expires: Mon, 27 Mar 2023 04:13:30 GMT
Last-Modified: Sat, 25 Mar 2023 03:37:35 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 4a97b39292c0cc77b857d41135aea32a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: bIplQL3e0Grcrxgb-EMQOUyljutNTj5xvrnsbXIWhYsLr9Fjv73ZAw==
Age: 2155
wiela-kig.com/favicon.ico
54.237.193.255404 Not Found 653 B URL HTTP/2 wiela-kig.com/favicon.ico
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: wiela-kig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wiela-kig.com/zcredirect?visitid=304ae0c0-cb4c-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sat, 25 Mar 2023 20:32:42 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: VZxopCWl
X-Firefox-Spdy: h2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D41335%26s2%3Dwn8epsa5amm8gshnioof56ls%26s3%3D719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls&caid=375b2a1c-057b-4966-ad10-11b6163841b6&zpid=304ae0c0-cb4c-11ed-848d-127f134720fb&cid=wn8epsa5amm8gshnioof56ls&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D41335%26s2%3Dwn8epsa5amm8gshnioof56ls%26s3%3D719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls&caid=375b2a1c-057b-4966-ad10-11b6163841b6&zpid=304ae0c0-cb4c-11ed-848d-127f134720fb&cid=wn8epsa5amm8gshnioof56ls&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Finspxtrc.com%2F%3Fa%3D12209%26c%3D41335%26s2%3Dwn8epsa5amm8gshnioof56ls%26s3%3D719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls&caid=375b2a1c-057b-4966-ad10-11b6163841b6&zpid=304ae0c0-cb4c-11ed-848d-127f134720fb&cid=wn8epsa5amm8gshnioof56ls&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wiela-kig.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 25 Mar 2023 20:32:42 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://inspxtrc.com/?a=12209&c=41335&s2=wn8epsa5amm8gshnioof56ls&s3=719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls
pragma: no-cache
set-cookie: cc-v4=9iE%2FJ6ZnnED0EujObc8CyaHRcKvlJP5dHwIUNxage72O0UzQWJAF1Nz%2F8eSClTl2QsVSzg%2FZJhXRPNMZ1F%2BHz7EMvMziKomNvvNMDCrKT638nIu5oIBAKa6Of1419aENWXzqXAyGE5b5BKFARHjGRg%3D%3D; Max-Age=31536000; Expires=Sun, 24-Mar-2024 20:32:42 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3779
Expires: Sat, 25 Mar 2023 21:35:41 GMT
Date: Sat, 25 Mar 2023 20:32:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3779
Expires: Sat, 25 Mar 2023 21:35:41 GMT
Date: Sat, 25 Mar 2023 20:32:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3779
Expires: Sat, 25 Mar 2023 21:35:41 GMT
Date: Sat, 25 Mar 2023 20:32:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i6dsVaC_gPijsRqh_EL5tZYZpjNEbQJvKIpPq501TIJZzcLUWeRz9w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:45:56 GMT
age: 82006
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wiela-kig.com/zcvisitor/304ae0c0-cb4c-11ed-848d-127f134720fb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=77438ed0-0f06-11ed-9465-12beee04f19b
54.237.193.255200 OK 6.4 kB URL HTTP/2 wiela-kig.com/zcvisitor/304ae0c0-cb4c-11ed-848d-127f134720fb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=77438ed0-0f06-11ed-9465-12beee04f19b
IP 54.237.193.255:0
Hash cc3dcff2ccc28c0050811929d373e9e1
f20626991af3359057ab085d51315a24b84dd2ac
99411ed91e46f7c6039c58d546d1ebda07c7e7a14af1cb239e39e945810dab8b
GET /zcvisitor/304ae0c0-cb4c-11ed-848d-127f134720fb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=77438ed0-0f06-11ed-9465-12beee04f19b HTTP/1.1
Host: wiela-kig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://pim.crypit.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:42 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: FOEiExiL
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 81328
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70169fbc493bf12f91f072aa3a30ddde
4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d
8b5fc3c8421d5696522231c3490a0853709897f5c9b645bd5e84398cf84089aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12071
x-amzn-requestid: 02bb2a93-c0aa-4d43-aa99-759a0418bc20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfGHYoAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-2258162e1901b5cd6e7144d3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: n7Xm67vDO9_X3Xoe2HXJs4Y9dLE6cZgx16lmW7c3KHv-sOg7rZo9wg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:47:23 GMT
age: 81919
etag: "4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:35:57 GMT
age: 53805
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 82129
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 4695966d2b82ce1f41e0a816e0b9bc50
7f1cedbb49cdc872b72c672602e4f2d35f834c29
0541fdebfc1f2d63f439cda69dce414ea132ca53482cb8429152f258504edda7
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 20:32:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 29 Mar 2023 18:13:41 GMT
ETag: "7f1cedbb49cdc872b72c672602e4f2d35f834c29"
Last-Modified: Sat, 25 Mar 2023 18:13:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad9ecbc183d0afa-OSL
inspxtrc.com/?a=12209&c=41335&s2=wn8epsa5amm8gshnioof56ls&s3=719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls
52.209.162.59302 Found 329 B URL HTTP/1.1 inspxtrc.com/?a=12209&c=41335&s2=wn8epsa5amm8gshnioof56ls&s3=719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls
IP 52.209.162.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4e066fd6f78c0cda74a8205b7146953a
c46384d8e81df30759d38214145fa7814d527bea
55910c03cd3e2cb90c4b67982d1dbd6bccc0ac4346209391a3b8de5fb39abf52
GET /?a=12209&c=41335&s2=wn8epsa5amm8gshnioof56ls&s3=719fbd40-273d-47b8-882f-683d1074b172wn8epsa5amm8gshnioof56ls HTTP/1.1
Host: inspxtrc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wiela-kig.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 329
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Mar 2023 20:32:42 GMT
Location: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=7P8sJ7aA6lCIhOXILYI3ZFRQTTfg5vVDCCHp1J4yZIYJF7OcZuj8zQ==; domain=.inspxtrc.com; path=/; SameSite=None; secure; HttpOnly
trk=/j7CRFmYl8+rIK2hJh9ty1RQTTfg5vVDCCHp1J4yZIYJF7OcZuj8zQ==; domain=.inspxtrc.com; expires=Tue, 25-Mar-2025 20:32:43 GMT; path=/; SameSite=None; secure; HttpOnly
c15253=7P8sJ7aA6lAl+6eCgKIMQWejyiPYFH/v7WgZv64gCZAju18+aFrywQ==; domain=.inspxtrc.com; expires=Mon, 24-Apr-2023 20:32:43 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
www.30-dating.no/oms/storage/assets/components/luxembourg-overlay/images/background.png
104.17.167.216200 OK 34 kB URL HTTP/2 www.30-dating.no/oms/storage/assets/components/luxembourg-overlay/images/background.png
IP 104.17.167.216:0
File type PNG image data, 580 x 100, 8-bit gray+alpha, non-interlaced\012- data
Hash 908d3735254cf9981af6076358241e01
471ccdf7892052f91c6c0884c216abe20091e685
b7bd850eeb029f3fe34c9b5d9730f76cf63a828ee28b7f004dca8f4dc79a36cd
GET /oms/storage/assets/components/luxembourg-overlay/images/background.png HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/png
content-length: 34375
cf-bgj: imgq:100,h2pri
cf-polished: origSize=47620
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc02e160b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/assets/components/luxembourg-overlay/images/flag-lu.jpg
104.17.167.216200 OK 1.4 kB URL HTTP/2 www.30-dating.no/oms/storage/assets/components/luxembourg-overlay/images/flag-lu.jpg
IP 104.17.167.216:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 278x167, components 3\012- data
Hash 2cdee573e13d0bcf7ebfa831a4a0103c
45cac7385334587b2c2cd2413e1989ecaf7f9dba
6e114d9d6bfb883fa77c7022ee7778108c1c2cde5941aac60007102968c31fd2
GET /oms/storage/assets/components/luxembourg-overlay/images/flag-lu.jpg HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/jpeg
content-length: 1354
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2842
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc02e180b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/assets/d30/tpl-ghp/images/bg-image-dsktp.jpg
104.17.167.216200 OK 122 kB URL HTTP/2 www.30-dating.no/oms/storage/assets/d30/tpl-ghp/images/bg-image-dsktp.jpg
IP 104.17.167.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1100, components 3\012- data
Size 122 kB (121951 bytes)
Hash 70e688097fde3dbd4e0caa8089f1a3ef
6399b7bcf28f20efd9f81b2db20c224bb2a1be04
de863e398992967756d4a7b9970d08dfb3bc42bafb90f0e55b243cd0af95bbd2
GET /oms/storage/assets/d30/tpl-ghp/images/bg-image-dsktp.jpg HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/jpeg
content-length: 121951
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc02e130b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/badges/d30/norton-digicert.png
104.17.167.216200 OK 17 kB URL HTTP/2 www.30-dating.no/oms/storage/badges/d30/norton-digicert.png
IP 104.17.167.216:0
File type PNG image data, 354 x 196, 8-bit colormap, non-interlaced\012- data
Hash c37227ed4a2a222b4a96797e60dd1636
4356e5c7cfc3c461630834cf7f30fd558b02fed9
552b740f9b84f702eb7e4afa9c2d48d19d7896546e60b0dbdfa27a1b726fdaf3
GET /oms/storage/badges/d30/norton-digicert.png HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/png
content-length: 16930
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc14f710b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
104.17.167.216200 OK 56 kB URL HTTP/2 www.30-dating.no/oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
IP 104.17.167.216:0
File type Web Open Font Format (Version 2), TrueType, length 56348, version 1.0\012- data
Hash 441a81103fda7f9c3b41cffd77d8c65c
3a2d883b3fc09a347376088e206f5e0fd17aab72
52a27a6a1c1821efdf20d91ece59d5f29ba3ba28cc8480e2f73f3007216e7729
GET /oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: font/woff2
content-length: 56348
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 6188
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc14f770b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/badges/d30/letsencrypt.png
104.17.167.216200 OK 3.7 kB URL HTTP/2 www.30-dating.no/oms/storage/badges/d30/letsencrypt.png
IP 104.17.167.216:0
File type PNG image data, 260 x 152, 8-bit colormap, non-interlaced\012- data
Hash 7f75317b47a42382193251b0f455f4df
4f3cae120b1f339beb0759b5d705cd9fc0103b69
f869f3c99de7e7122b9b929bff69dba55984b3cc39b80bad7d130715bc793565
GET /oms/storage/badges/d30/letsencrypt.png HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/png
content-length: 3741
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc14f700b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
104.17.167.216200 OK 55 kB URL HTTP/2 www.30-dating.no/oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
IP 104.17.167.216:0
File type Web Open Font Format (Version 2), TrueType, length 54576, version 1.0\012- data
Hash 85cb2c73cbeffb7cb359827c68b20e91
a89fb47d4a581c6e2e3cc622f3410d0d9fe9d6a4
bba8d203d019c6f11367d6279cdeb0efbc5895b75dfa68a008686d22194e8d67
GET /oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2 HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: font/woff2
content-length: 54576
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc14f730b61-OSL
X-Firefox-Spdy: h2
www.30-dating.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679774400
104.17.167.216200 OK 72 kB URL HTTP/2 www.30-dating.no/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679774400
IP 104.17.167.216:0
File type ASCII text, with very long lines (30848), with no line terminators
Hash 66aafdc38388c65de432f1d4311664af
9479dcdeedc5dce22fa07e629d6e5d70a7822e27
16b58040e424154e547662266eb4cc67e2929b3b2c933bab5b9dec6d0a3d1da2
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679774400 HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
x-control-type-options: nosniff
cache-control: max-age=14400, public
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7ad9ecc0eeed0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.30sdating.com/api/v1/events/pre-registration
104.17.168.216200 OK 0 B URL HTTP/2 app.30sdating.com/api/v1/events/pre-registration
IP 104.17.168.216:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/events/pre-registration HTTP/1.1
Host: app.30sdating.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.30-dating.no/
Origin: https://www.30-dating.no
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-length: 0
cf-ray: 7ad9ecc1ab860b31-OSL
access-control-allow-origin: https://www.30-dating.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: irouted=.biz25; path=/; Secure; HttpOnly
__cf_bm=EQbd01Kv2hodLVxsXpt2DzFUj7CesTWI59fMB8r8OWQ-1679776363-0-Adu9rkCOQm7i8D5pV+qZ9OEkpchwaBGNqaJ3ujyCPswpB43ERn3Bo55q7E0Yry8JHfDOxHW3w/v5WxYQeqsXjhwnInE4vuvpbbqR9t08nO9M; path=/; expires=Sat, 25-Mar-23 21:02:43 GMT; domain=.app.30sdating.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/3ca234e71a53b3f73087c07aeb792984.js
104.17.167.216200 OK 64 kB URL HTTP/2 www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/3ca234e71a53b3f73087c07aeb792984.js
IP 104.17.167.216:0
File type Unicode text, UTF-8 text, with very long lines (22623), with no line terminators
Hash 7c0c49b0c21def3b9680f7a13012b14d
6e03a5a0dbde5de584762d471a5498e586da88cb
1ff4ee365bd03b45d7dd4ed4f9ca25cee5b6706309536206005fa0bac1b59ed5
GET /oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/3ca234e71a53b3f73087c07aeb792984.js HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: application/javascript
cf-bgj: minify
last-modified: Tue, 21 Mar 2023 09:18:23 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
server: cloudflare
cf-ray: 7ad9ecc00de90b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-600.woff2
104.17.167.216200 OK 56 kB URL HTTP/2 www.30-dating.no/oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-600.woff2
IP 104.17.167.216:0
File type Web Open Font Format (Version 2), TrueType, length 56336, version 1.0\012- data
Hash ef3ace47eb239b775be05de1de1af268
988135ecaacc456e803d9609b28e5e68c4d694d9
0240d31750dece0d5a709e6eb5cbfded2f15b37b5a4d752c3c636cdd03bd12f8
GET /oms/storage/fonts/open-sans/open-sans-v34-vietnamese_latin-ext_latin_hebrew_greek-ext_greek_cyrillic-ext_cyrillic-600.woff2 HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: font/woff2
content-length: 56336
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc14f860b61-OSL
X-Firefox-Spdy: h2
app.30sdating.com/api/v1/events/pre-registration
104.17.168.216200 OK 14 kB URL HTTP/2 app.30sdating.com/api/v1/events/pre-registration
IP 104.17.168.216:0
Hash 3867c1aefb467b5fb214b094ad84d78b
0188b09958dfcd9dab11dd15b0adf8e47c6a3fa0
31dcb855f6f7eb6f3ad9c34f94ddb61a34497546dda68942e9a9f266ad7cd1d7
POST /api/v1/events/pre-registration HTTP/1.1
Host: app.30sdating.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/
Content-Type: application/json
Origin: https://www.30-dating.no
Content-Length: 323
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: application/json;charset=UTF-8
cf-ray: 7ad9ecc1fd9db512-OSL
access-control-allow-origin: https://www.30-dating.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
content-encoding: gzip
expires: 0
strict-transport-security: max-age=15552000; includeSubDomains
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: irouted=.biz25; path=/; Secure; HttpOnly
__cf_bm=z7xxJf4ut33e4QMKOUAdzmOE_yliHroWT3TVWwAQubk-1679776363-0-AZEYrDYOMWH2v4EXFOLXU3YeBVGI3L60ZxhWJOLUuh8/eKaPhUzwg9zFb6XDXFGeYz0xTbTVI6Z8e0v73kfNlq75zZ+wiscWkYLLlIo4jxD/; path=/; expires=Sat, 25-Mar-23 21:02:43 GMT; domain=.app.30sdating.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/assets/d30/tpl-ghp/images/img-video-chat-desktop.svg
104.17.167.216200 OK 8.9 kB URL HTTP/2 www.30-dating.no/oms/storage/assets/d30/tpl-ghp/images/img-video-chat-desktop.svg
IP 104.17.167.216:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (22637), with no line terminators
Hash 4be567944c7d3ab56c944bcadc175bb9
6891e567502d660aa29efd6efa25656db0a15aa5
d91d3b7ffd82840b0d7afc7b04e87640a074ed2993070d60731bac4af073e9c6
GET /oms/storage/assets/d30/tpl-ghp/images/img-video-chat-desktop.svg HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/svg+xml
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc13f6c0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/cdn-cgi/challenge-platform/h/b/cv/result/7ad9ecbefc970b61
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/cdn-cgi/challenge-platform/h/b/cv/result/7ad9ecbefc970b61
IP 104.17.167.216:0
POST /cdn-cgi/challenge-platform/h/b/cv/result/7ad9ecbefc970b61 HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12741
Origin: https://www.30-dating.no
Connection: keep-alive
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:44 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=0VE0u_XNYY7_.kv2sWYrTnvTlBlpNemzgI1Rp9RMMb0-1679776364-0-AePXKI8VsnZQJl2fWwtxUMoOk05uqF/TiCpYbFPzrqPEePTmxzinNZvm4OIpFA0a2rk+m0lOi45HqgrdOmDnPE8AX8TyZL4AQX1F64c1OxUf5u6l1n9SYcBrY/Et1z3nZOsGGy8xt43I5XQsEapGj+/TOy3AngADRr1jImjMKC8XC+oqyG+7JHGz0W2Rygww+g==; path=/; expires=Sat, 25-Mar-23 21:02:44 GMT; domain=.www.30-dating.no; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7ad9ecc4fc050b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
IP 104.17.167.216:0
GET /dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470 HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wiela-kig.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
content-security-policy-report-only: default-src 'self' https://app.30sdating.com *.30-dating.no https://www.google.com *.google-analytics.com https://stats.g.doubleclick.net; child-src *; script-src 'self' https://app.30sdating.com *.30-dating.no 'nonce-73415dffe372832f91f43dc66241354d9784b6c87b5b671320d5d8826da140d3' 'unsafe-eval' https://www.google.com *.google-analytics.com https://stats.g.doubleclick.net https://www.googletagmanager.com https://www.googleadservices.com https://connect.facebook.net; style-src 'self' https://app.30sdating.com *.30-dating.no 'unsafe-inline'; img-src 'self' data: https://app.30sdating.com *.30-dating.no https:; media-src 'self' data: https://app.30sdating.com *.30-dating.no; report-uri https://www.30-dating.no/oms/api/v1/ack/csp;
reporting-endpoints: epcsp='https://www.30-dating.no/oms/api/v1/ack/csp'
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; path=/; expires=Sat, 25-Mar-23 21:02:43 GMT; domain=.www.30-dating.no; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7ad9ecbefc970b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/66aca12e3305ce535b10b9152fee3ed3.js
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/66aca12e3305ce535b10b9152fee3ed3.js
IP 104.17.167.216:0
GET /oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/66aca12e3305ce535b10b9152fee3ed3.js HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: application/javascript
cf-bgj: minify
last-modified: Tue, 21 Mar 2023 09:18:23 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
server: cloudflare
cf-ray: 7ad9ecc01df90b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css
IP 104.17.167.216:0
GET /oms/storage/nodes/ZDMwX19uYl9fMjIzMjA1/12f3813c41efb690802fd1ebc8947982.css HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=27741
last-modified: Tue, 21 Mar 2023 09:18:23 GMT
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6959
server: cloudflare
cf-ray: 7ad9ecc0ced10b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/assets/d30/tpl-ghp/images/btn_secure.svg
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/oms/storage/assets/d30/tpl-ghp/images/btn_secure.svg
IP 104.17.167.216:0
GET /oms/storage/assets/d30/tpl-ghp/images/btn_secure.svg HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/svg+xml
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 6959
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc00df50b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.30-dating.no/oms/api/v1/lux
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/oms/api/v1/lux
IP 104.17.167.216:0
POST /oms/api/v1/lux HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Content-Type: application/json
Origin: https://www.30-dating.no
Content-Length: 9
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/; ipx_cookie_overlay={"created":1679776377487,"clientId":"","displayedOverlay":"v4","acceptedValues":{"show":true,"acceptedURL":""},"googleAnalyticsCategory":2,"trackingCategories":[{"id":1,"enabled":true},{"id":2,"enabled":false},{"id":3,"enabled":false},{"id":4,"enabled":false},{"id":5,"enabled":false}]}
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.30-dating.no
access-control-max-age: 1000
cache-control: no-cache, private
vary: Origin,Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad9ecc10f2a0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
wiela-kig.com/zcredirect?visitid=304ae0c0-cb4c-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255200 OK 0 B URL HTTP/2 wiela-kig.com/zcredirect?visitid=304ae0c0-cb4c-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
GET /zcredirect?visitid=304ae0c0-cb4c-11ed-848d-127f134720fb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: wiela-kig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wiela-kig.com/zcvisitor/304ae0c0-cb4c-11ed-848d-127f134720fb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=77438ed0-0f06-11ed-9465-12beee04f19b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:42 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: ILRfqLKP
X-Firefox-Spdy: h2
app.30sdating.com/api/v1/events/pre-registration
104.17.168.216200 OK 0 B URL HTTP/2 app.30sdating.com/api/v1/events/pre-registration
IP 104.17.168.216:0
POST /api/v1/events/pre-registration HTTP/1.1
Host: app.30sdating.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/
Content-Type: application/json
Origin: https://www.30-dating.no
Content-Length: 376
Connection: keep-alive
Cookie: __cf_bm=z7xxJf4ut33e4QMKOUAdzmOE_yliHroWT3TVWwAQubk-1679776363-0-AZEYrDYOMWH2v4EXFOLXU3YeBVGI3L60ZxhWJOLUuh8/eKaPhUzwg9zFb6XDXFGeYz0xTbTVI6Z8e0v73kfNlq75zZ+wiscWkYLLlIo4jxD/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:44 GMT
content-type: application/json;charset=UTF-8
cf-ray: 7ad9ecc5bb27b512-OSL
access-control-allow-origin: https://www.30-dating.no
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform, max-age=0, private
content-encoding: gzip
expires: 0
set-cookie: irouted=.biz26; path=/; Secure; HttpOnly
strict-transport-security: max-age=15552000; includeSubDomains
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
content-security-policy:
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
server: cloudflare
X-Firefox-Spdy: h2
www.30-dating.no/oms/storage/logos/d30/D30_Logo_neg_RGB-no.svg
104.17.167.216200 OK 0 B URL HTTP/2 www.30-dating.no/oms/storage/logos/d30/D30_Logo_neg_RGB-no.svg
IP 104.17.167.216:0
GET /oms/storage/logos/d30/D30_Logo_neg_RGB-no.svg HTTP/1.1
Host: www.30-dating.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.30-dating.no/dlpm/aff-d30-no-1122-ghp-couple.html?CID=09NOb_284_229165_1&linkid=12209__wn8epsa5amm8gshnioof56ls&accid=12209&subid1=&subid2=wn8epsa5amm8gshnioof56ls&visid=1770856470
Connection: keep-alive
Cookie: __cf_bm=ZJMe2B_do3uA7t5OjkW6mTJ5SD8Gs8MsmmOt9NcJ3Io-1679776363-0-ATfgG3afLug+M+2K3uXqr4IbCgYsiBEh30bKzP1NijVwlD+ZPL1gyYu86fXJoG0sWR8hNGKHKuV0QJ8ee73PDSBlAYAoT01a5nJb2JimKzZ/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 20:32:43 GMT
content-type: image/svg+xml
last-modified: Fri, 17 Mar 2023 14:41:58 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: HIT
age: 6959
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad9ecc00df40b61-OSL
content-encoding: br
X-Firefox-Spdy: h2