firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 21:43:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mcr5PwtKnGs6m5eo095d-nGomjvjfzWbZsEe-GIiLh9JGiVZSRsu4Q==
Age: 500
single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285
52.29.139.155302 Found 0 B URL HTTP/1.1 single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285
IP 52.29.139.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sat, 03 Sep 2022 21:51:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=8d995bc04adf509caffad6627766fd10291cb637; Max-Age=31536000; Domain=.single-hearts.com; Path=/; Expires=Sun, 03 Sep 2023 21:51:37 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Thu, 08 Sep 2022 21:51:37 GMT
Location: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4585
Expires: Sat, 03 Sep 2022 23:08:02 GMT
Date: Sat, 03 Sep 2022 21:51:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X3C_N23B7PLTzLvYFjRfmbjigonxvtW8x4ZC_UKGhXHWPYW-3RQwnw==
age: 74180
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 21:51:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 94e084795d2eeaa63fa12c16ea49e37e
0a8d54ce04fdf2e1707684936d3c99418dfd76a8
a0c49f155938fcbbd675cd1645257eacfb1b12d8fb1d5ff74ca26bc5a4298fad
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 21:51:37 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Dems0VdtjVs0OIRjf1Oz9Em9CebaEASoSxnIxwNhXmnOOxN6VAZjHQ==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 21:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 21:45:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z7C1pZNvGClu95I3D7rPPG8uRJA1wiPIEoi-eBU-ZAVyMgbzALaWtA==
Age: 802
single-hearts.com/bridge/intg.js?v=8
52.29.139.155200 OK 332 B URL HTTP/2 single-hearts.com/bridge/intg.js?v=8
IP 52.29.139.155:0
File type ASCII text, with very long lines (331)
Hash 0f6fbbd07a1685324878c88a0df767f5
7adeeb456eb8b962e14b375440b1b045c347ccf4
f4a2a2209b303ea619087222998e4d4c5bc08621a10a0b0232caa9c866a0ef5c
GET /bridge/intg.js?v=8 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 332
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"14c-182f916cfb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 352
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Last-Modified: Sat, 03 Sep 2022 21:45:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
cdn3reference.com/landings/19149/images/girl_img.png
54.230.111.104200 OK 133 kB URL HTTP/2 cdn3reference.com/landings/19149/images/girl_img.png
IP 54.230.111.104:0
File type PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (132972 bytes)
Hash c624c79141edd34a8d5c9eb8a9dcf720
40ad5bccb7e1a4c3d608302521c60dc802a16bc8
012e869b31731a90996a0edc71208e30a2bd5e3f815f3b49b54d172e490cf3b9
GET /landings/19149/images/girl_img.png HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 132972
server: nginx
last-modified: Fri, 26 Feb 2016 15:36:51 GMT
accept-ranges: bytes
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: public, max-age=604800
etag: "2076c-52cae11602ac0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GHuLzAlsxQN67WXA3WSpid41pCoiYALytCO7hKaPur6P6JP6TnLzdg==
X-Firefox-Spdy: h2
cdn3reference.com/landings/19149/images/secure.jpg
54.230.111.104200 OK 4.3 kB URL HTTP/2 cdn3reference.com/landings/19149/images/secure.jpg
IP 54.230.111.104:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x46, components 3\012- data
Hash 72b9ecfd9fcb0a76c3eb45704b598729
bc85fc251492120e446e16fbd014a7e9196d76e2
a6a81c715b4ede35ec10faf30514bcebe49bb00120f8ff6802340419783dc642
GET /landings/19149/images/secure.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 4325
server: nginx
last-modified: Fri, 26 Feb 2016 15:36:51 GMT
accept-ranges: bytes
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: public, max-age=604800
etag: "10e5-52cae11602ac0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8FeubtxD2uBuiQlKzHJpR5nEsIvoHslIrs-5pP3Lpbw3_iy8svaj9w==
X-Firefox-Spdy: h2
cdn3reference.com/landings/19149/images/badge_en.png
54.230.111.104200 OK 5.7 kB URL HTTP/2 cdn3reference.com/landings/19149/images/badge_en.png
IP 54.230.111.104:0
File type PNG image data, 181 x 181, 8-bit colormap, non-interlaced\012- data
Hash 0cb698f971887902e7e703dfeb001dde
f82834fe43efe7e0deebfa2cc2c7bc2225b30683
81e72bc00e98421c1c6f42843a6813314b27711c0ba1f430de7baaae55e6ca09
GET /landings/19149/images/badge_en.png HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5699
server: nginx
last-modified: Fri, 26 Feb 2016 15:36:51 GMT
accept-ranges: bytes
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: public, max-age=604800
etag: "1643-52cae11602ac0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O3H4zDaObefUmV9j1_6o81iX-hll9K_k0W6faPqqbDRLIvProvfbDw==
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rm/NICX1ZCNTumtOEKXjfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rvJeufAFzkreYlqIYMbdPgg2DCQ=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Assistant
142.250.74.10200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Assistant
IP 142.250.74.10:0
Hash a5c8600b687a04c9a41617a281c90605
a989d9ae8b1f93c40a927c71f19585fa6bbbf5a5
49f6694c08a991e6ea408ca02633884c14df2abc1e5d4e4a00b55c6d333e1c12
GET /css?family=Assistant HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Sep 2022 21:51:38 GMT
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
single-hearts.com/c_js/main.js
52.29.139.155500 Internal Server Error 49 B URL HTTP/2 single-hearts.com/c_js/main.js
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b1dcd73c3f92cbfae5af8d6605a2648
1330b05bf866d3df1b4a972cfa8ea78baea071d3
04098a42cc43ab3c0bef45ae51b3c7adcbf39342e3b6f38b7878f950a993e687
Analyzer Verdict Alert fortinet Phishing
GET /c_js/main.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 49
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"31-EzCwW/hm098bSpcs+o6ni66gcdM"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/bridge/ao.js
52.29.139.155200 OK 699 B URL HTTP/2 single-hearts.com/bridge/ao.js
IP 52.29.139.155:0
File type ASCII text, with very long lines (698)
Hash 6cebf45feb7e4563c5cc6295f32962e9
05b6e9f7db40c500fbf5e6751d763ee1ee9357a0
ff8435de19ba549afe5ad4813fc597bb52fdd6c5b2283d39d5211a94d5068967
Analyzer Verdict Alert fortinet Phishing
GET /bridge/ao.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 699
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"2bb-182f916cfb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.72200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.72:0
File type ASCII text, with very long lines (4073)
Hash 220ba972fe7698c150a3c2e593b35ef0
9a646c2ac79b7b5a6eaa3ef323775864365f86dc
947cfb064d40e9364d86abc8ee21cf14d55d5fca8ef14431d5edeb4cec41de45
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 21:51:38 GMT
expires: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 688639ac92abefde0f20780a8c3cee4b
ecceb9d54bbba0bc7b3c6efa1a00c92991a1ecda
3a7fad7208578d3a2060749089672576c36c913431c8f5d05414e19d001b8093
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 21:51:38 GMT
Last-Modified: Sat, 03 Sep 2022 20:28:52 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Sha56-IhEUBlCUDgc0eBYIulPba2qPWuIlMmu03vJTzy3I2qD8JHlw==
Age: 4966
single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={}
52.29.139.155200 OK 30 kB URL HTTP/2 single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={}
IP 52.29.139.155:0
Hash ddd7d698ad60ed4ba47d0329e919d247
21b3998be285a0f7ac19cb404a55f8592232f632
71b81eb81f339784a28c6f0e116e5e7b190dc11db8362262f967b5af4271c01c
GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={} HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"20743-MGVrYsAaoJlwvGxxhf/5wWEhLAg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94
52.29.139.155200 OK 27 B URL HTTP/2 single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af
GET /ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 27
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/tds/interlayer
52.29.139.155200 OK 558 B URL HTTP/2 single-hearts.com/tds/interlayer
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash c9949444808692a352a910b9aeb67ef8
e09f26d397e7adb24e19a9e1b338bfb80377e0e7
0b4900a38879b40601d3cf484fcb674db196aa77836053de46ba27228906f19b
Analyzer Verdict Alert fortinet Phishing
POST /tds/interlayer HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 660
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 558
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
etag: W/"22e-4J8m05fnrbJOGanhszi/uAN34Oc"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
retarget2core.com/fp/fp_ec.js
3.124.45.185200 OK 12 kB URL HTTP/2 retarget2core.com/fp/fp_ec.js
IP 3.124.45.185:0
File type ASCII text, with very long lines (40876)
Hash 1302c7418fde8821b406cd62a4311854
eeb5a325635f2ea1caa53ddbab0e7ecbca110fc3
abd52665a4e430bf1fda0e1cf4519b871078826bed2f843d35a5fba10dcbe83a
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"4bd-182f916cfb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
52.29.139.155200 OK 30 B URL HTTP/2 single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1128
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
52.29.139.155200 OK 30 B URL HTTP/2 single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://single-hearts.com
Content-Length: 1189
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
52.29.139.155200 OK 30 B URL HTTP/2 single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://single-hearts.com
Content-Length: 1145
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 21:51:39 GMT
Connection: keep-alive
single-hearts.com/tds/interlayer?handler=FrodiData
52.29.139.155200 OK 503 B URL HTTP/2 single-hearts.com/tds/interlayer?handler=FrodiData
IP 52.29.139.155:0
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1614
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 21:51:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1yjBt3dqEztIRHo4yR3ZzI67J4lWUMS8R44-PpkeDJ4KNdCTPkmh-w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 04:45:35 GMT
age: 61564
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 83558
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oVfkruFcbhPNTkqfmxD_WTeDE8aTAT8Vg3fI3IFZm9umunJ8pCE1GQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 16:18:02 GMT
age: 20017
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ae-gmZh6_b-XqqYOFEMVOB846SBOnstDphKP1asA5SG6OnVSjSr6Q==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:37:30 GMT
age: 849
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4cb62c7c522b71c62a97630d8330ef5
950611314b81428b3d80ff8659272cc800cf48b6
3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7975
x-amzn-requestid: d4695cb0-76ed-495c-b548-d7819edd6d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwqDSGuDIAMF6kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631023ae-7ba42ae9407c626a02d10e7f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:14:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paxjtCjggGuEMbpwW1HmCdQOemdktodVUl-grweVuYke_NynMIHMlg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:54:34 GMT
age: 64625
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 85745
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
52.29.139.155200 OK 20 B URL HTTP/2 single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Content-Type: application/json
Origin: https://single-hearts.com
Content-Length: 397
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
52.29.139.155200 OK 20 B URL HTTP/2 single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
IP 52.29.139.155:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Content-Type: application/json
Origin: https://single-hearts.com
Content-Length: 407
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash ff6472bbf3f6fc5c566ec301ddca0e4e
9bf2015d4830392041cd800b83cfabad495076dc
fd3b781d20f1ef849711d8364b16399f389d775fdbf0920b0fbfba2cf4d6aafc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 21:51:40 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RkhKZluO8lup3iBBxt0eOjq_V2U4MI_-eo9ryDtJ-jIYkrIbfOZ5vg==
cdn.insigit.com/image/enfp782j.png
54.230.111.36200 OK 52 kB URL HTTP/2 cdn.insigit.com/image/enfp782j.png
IP 54.230.111.36:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1504bac6ed88d874b959555e795a2aa8
772ba9222c7b64890915869704dded84483d0445
5f36bd06c1dbd76b2a54d0c57547747782f15602b72fc85aae73a569bfb54e74
GET /image/enfp782j.png HTTP/1.1
Host: cdn.insigit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 52031
date: Sat, 03 Sep 2022 06:12:19 GMT
last-modified: Tue, 25 May 2021 12:37:38 GMT
etag: "1504bac6ed88d874b959555e795a2aa8"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WlgikG91N2CmI7blRDPh7JOSqG9qyVfUcLVjn463HkdRpxfyK9ZPuA==
age: 56362
X-Firefox-Spdy: h2
single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
52.29.139.155200 OK 0 B URL HTTP/2 single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
IP 52.29.139.155:0
GET /jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2
cdn3reference.com/landings/19149/css/8328899140ff5c68ea2e9357154b5d59.css
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/landings/19149/css/8328899140ff5c68ea2e9357154b5d59.css
IP 54.230.111.104:0
GET /landings/19149/css/8328899140ff5c68ea2e9357154b5d59.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Tue, 05 Apr 2022 07:36:17 GMT
content-encoding: gzip
etag: W/"c5b-5dbe34cda7e40"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sSIoq2AeWbiyj3Y25dLf6Hy9xUPi1pgX1ewMWwx-JTKmA4eYS7wQug==
X-Firefox-Spdy: h2
single-hearts.com/integration.js
52.29.139.155200 OK 0 B URL HTTP/2 single-hearts.com/integration.js
IP 52.29.139.155:0
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"716-ojM5iCH88iIxJOJMLArtlL+5nAA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&dci=8d995bc04adf509caffad6627766fd10291cb637&j_type=open&jump=19149&jump_name=
3.124.45.185200 OK 0 B URL HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&dci=8d995bc04adf509caffad6627766fd10291cb637&j_type=open&jump=19149&jump_name=
IP 3.124.45.185:0
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&dci=8d995bc04adf509caffad6627766fd10291cb637&j_type=open&jump=19149&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=1ffe092268366db0238c8b49da37b1dd17370917; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Sun, 03 Sep 2023 21:51:39 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn3reference.com/images/jump-favicon.ico
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/images/jump-favicon.ico
IP 54.230.111.104:0
GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
server: nginx
date: Sat, 03 Sep 2022 21:51:39 GMT
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
etag: W/"47e-50973ddcdee10"
cache-control: public, max-age=604800
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XAgzmDJbSpefpu_Kn7wr635DTc2yHWsgWAq8wgWz9BQ69LPUwbNXNQ==
X-Firefox-Spdy: h2
single-hearts.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
52.29.139.155200 OK 0 B URL HTTP/2 single-hearts.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP 52.29.139.155:0
GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn3reference.com/js/dc_img.js?v=8
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/js/dc_img.js?v=8
IP 54.230.111.104:0
GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
content-encoding: gzip
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xFHhEARwKK0qpOwb5kql0DP_9S5NE8kdA0yrslDcpM9Bu4HZfgHa2A==
X-Firefox-Spdy: h2
cdn3reference.com/landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js
IP 54.230.111.104:0
GET /landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Tue, 05 Apr 2022 07:36:17 GMT
content-encoding: gzip
etag: W/"17964-5dbe34cda7e40"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L15jwpIvG7kwJp-lT3uiorPT9uvry7uJrYZ5rYHLxoogN7tQwPV5AQ==
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
52.29.139.155200 OK 0 B URL HTTP/2 single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP 52.29.139.155:0
GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"3618-9ed/OEy8vz7rjbdqFEtBQWDzwP8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP 54.230.111.104:0
GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
content-encoding: gzip
etag: W/"22c1-579821b2406fb"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J09eL0kQlP_6QUEt8GX20dNAw2DAGVY5tJTo0RXrEH_sWVb4nIZSZQ==
X-Firefox-Spdy: h2
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP 54.230.111.104:0
GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Wed, 31 Oct 2018 08:31:29 GMT
content-encoding: gzip
etag: W/"1340-5798220f78880"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xIwG84RpvswCVzaRSwC17Fj3rs5aIiV7fHaKuveeDLehuhi3j44-vQ==
X-Firefox-Spdy: h2
single-hearts.com/bridge/frodi_data.js
52.29.139.155200 OK 0 B URL HTTP/2 single-hearts.com/bridge/frodi_data.js
IP 52.29.139.155:0
Analyzer Verdict Alert fortinet Phishing
GET /bridge/frodi_data.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"19f8-182f916cfb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2