Report - single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm

Report Overview

Submitted URL
single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285
IP
52.29.139.155
ASN
#16509 AMAZON-02
Submitted
2022-09-03 21:51:48
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdn3reference.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	147 kB	54.230.111.104
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	15 kB	142.250.74.10
retarget2core.com	86164	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	925 B	13 kB	3.124.45.185
single-hearts.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	39 kB	52.29.139.155
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.38.146.2
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	49 kB	142.250.74.72
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.7 kB	54.230.245.118
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29
cdn.insigit.com	255288	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	52 kB	54.230.111.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-03	medium	single-hearts.com/c_js/main.js	Phishing
2022-09-03	medium	single-hearts.com/bridge/ao.js	Phishing
2022-09-03	medium	single-hearts.com/tds/interlayer	Phishing
2022-09-03	medium	single-hearts.com/integration.js	Phishing
2022-09-03	medium	single-hearts.com/bridge/frodi_data.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8	8.9 kB	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8 IP 54.230.111.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen2 Hash c0fafab6f2cbb33a818ba23d30f68842 c016126575618881427fdc86eed31717844f0573 85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07	2024-04-26
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-04-26 10:27:18 Times Seen45979 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	single-hearts.com/bridge/ao.js	699 B	2023-03-07	2023-05-14
Pretty URL single-hearts.com/bridge/ao.js IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen2 Hash 6cebf45feb7e4563c5cc6295f32962e9 05b6e9f7db40c500fbf5e6751d763ee1ee9357a0 ff8435de19ba549afe5ad4813fc597bb52fdd6c5b2283d39d5211a94d5068967 Loading...

	single-hearts.com/bridge/frodi_data.js	6.6 kB	2023-03-07	2023-12-25
Pretty URL single-hearts.com/bridge/frodi_data.js IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-12-25 02:16:58 Times Seen154 Hash acba46edbe151b3ac5b3a3ad6adb6852 967fc6c8942a27986534f16a8a5ae2f71b0481bf 544d040fe3985f2f3f2f519c6db58110b24d23c8b13e794a988ec90a05b48658 Loading...

	www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js	41 kB	2023-03-07	2024-03-15
Pretty URL www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-03-15 04:59:29 Times Seen198 Hash 52b93c8b7bb7aef40485730815c2740e 255cf5423f46a8ab94f42afa2df47db7ebac8e5c fe26228f1a864cab3d5ec46c99bed380a8194c2c3ec19ad0f82b2910e901ca54 Loading...

	single-hearts.com/bridge/intg.js?v=8	332 B	2023-03-07	2023-03-17
Pretty URL single-hearts.com/bridge/intg.js?v=8 IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-03-17 12:46:20 Times Seen1 Hash 0f6fbbd07a1685324878c88a0df767f5 7adeeb456eb8b962e14b375440b1b045c347ccf4 f4a2a2209b303ea619087222998e4d4c5bc08621a10a0b0232caa9c866a0ef5c Loading...

	cdn3reference.com/landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js	97 kB	2023-03-07	2023-10-15
Pretty URL cdn3reference.com/landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js IP 54.230.111.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-10-15 21:04:11 Times Seen9 Hash 444dc26c4fe211bc58ceb10e951da098 90db3b1a8e8752babc2ad55f408fb3ab8365c03e a7e4162346c0c0ba8826e7ad8e23cc04a06a9edca1d1f7d3fc97e1ddeddaca0c Loading...

	single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94	470 B	2023-03-07	2023-11-18
Pretty URL single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94 IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-11-18 13:50:50 Times Seen6 Hash 2259418e6941913d6869b707207cc51e 55d3159b59b69e831a2397b1500279a37c34f405 01043919046d6a8430a283e4acb3f821f3d52545aef7e7128a9084ee337e7305 Loading...

	single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94	355 B	2023-03-07	2023-05-09
Pretty URL single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94 IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-05-09 06:50:28 Times Seen3 Hash 2023da0ae491dbcc888af0b755ec3518 4df8421248cf478e839711d3000fdee51b78c0e9 003a35da0b6dab4a52bc2fbaad5358a7b1848114840b7911252034a5b6e8b57b Loading...

	single-hearts.com/mtu-integration.js	4.7 kB	2023-03-07	2023-03-17
Pretty URL single-hearts.com/mtu-integration.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-03-17 10:39:58 Times Seen1 Hash 1b1ebfc98b999319cca3176722829696 0f8d87f49d35ab521d0cbc13d1730263e200c610 d8fd65c1f3e787cba9520a2e0cd2841c7240f0af926d0336a483da26b19a2c24 Loading...

	retarget2core.com/fp/fp_ec.js	1.2 kB	2023-03-07	2023-03-29
Pretty URL retarget2core.com/fp/fp_ec.js IP 3.124.45.185 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-03-29 23:19:33 Times Seen17 Hash 6faaf5b255433abc88fbe4a547ac7784 c60ab4a050864bbd815922e5abade6d5af4333a6 7eda108904da9c98eeeeab666426197e6738b78dfd103a653897d14366e2cd20 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer	128 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-03-07 12:29:09 Times Seen1 Hash a2057bc735b1e406b67c19c8bb55fb38 0c7d6256afb53d926a71f0026e7e7ca780857452 8f8452b35fc480a6c8945cead36cca9b9e4e0d6f28d8b26618c2072760f825f6 Loading...

	single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={}	133 kB	2023-03-07	2023-03-07
Pretty URL single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={} IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-03-07 12:29:09 Times Seen1 Hash 1d5350a03aa5e980be24af7947ffd523 30656b62c01aa09970bc6c7185fff9c161212c08 dee1f12a68196bff29499b9939247fb8e7bddfc3038802967d24149d4f8bf783 Loading...

	single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94	446 B	2023-03-07	2023-03-07
Pretty URL single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94 IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-03-07 12:29:09 Times Seen1 Hash 61816df5639cc6d71857701f94fe8850 cfbcd25adcb8b7fac70b262d3b7b1ed6f1333bf4 67f9ceb1a079254dfe1660c8c19b1a0876cad4796778b8a154d8501fbae45384 Loading...

	cdn3reference.com/js/dc_img.js?v=8	488 B	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/dc_img.js?v=8 IP 54.230.111.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen18 Hash 866e1e7da88eb0918114ea04e4379f40 cb9ed6b52f93bead89eb5da6d618c9b58b34a2b5 ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53 Loading...

	single-hearts.com/integration.js	1.8 kB	2023-03-07	2023-03-17
Pretty URL single-hearts.com/integration.js IP 52.29.139.155 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:09 Last Seen2023-03-17 12:45:17 Times Seen1 Hash abf4216db807c0a3199390b96db1ad08 a233398821fcf2223124e24c2c0aed94bfb99c00 f67f2e720585c431d68cce9301934f6fa5e39de6c043b3e44f11935951ee8b1c Loading...

		Size	First Seen	Last Seen
	#1 Eval - ca45c42226c1d974d33ba66f5fbec226	273 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:31:53 Last Seen2024-04-24 09:26:55 Times Seen299 Hash ca45c42226c1d974d33ba66f5fbec226 acdf858cb51509213a6b58ea26c99788ffa9ba51 8f61ee4a89b9d76a579f5ed446960dc9aba5dad5f67f5676bc5aab5f8fe726b3 Loading...

HTTP Transactions (56)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 21:43:17 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mcr5PwtKnGs6m5eo095d-nGomjvjfzWbZsEe-GIiLh9JGiVZSRsu4Q==
Age: 500

single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285

52.29.139.155

302 Found

0 B

URL HTTP/1.1
single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=1023dbf9bb2dedfdb2828b99b287ea&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Sat, 03 Sep 2022 21:51:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=8d995bc04adf509caffad6627766fd10291cb637; Max-Age=31536000; Domain=.single-hearts.com; Path=/; Expires=Sun, 03 Sep 2023 21:51:37 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Thu, 08 Sep 2022 21:51:37 GMT
Location: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4585
Expires: Sat, 03 Sep 2022 23:08:02 GMT
Date: Sat, 03 Sep 2022 21:51:37 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: X3C_N23B7PLTzLvYFjRfmbjigonxvtW8x4ZC_UKGhXHWPYW-3RQwnw==
age: 74180
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 21:51:37 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
94e084795d2eeaa63fa12c16ea49e37e
0a8d54ce04fdf2e1707684936d3c99418dfd76a8
a0c49f155938fcbbd675cd1645257eacfb1b12d8fb1d5ff74ca26bc5a4298fad

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 21:51:37 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Dems0VdtjVs0OIRjf1Oz9Em9CebaEASoSxnIxwNhXmnOOxN6VAZjHQ==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 03 Sep 2022 21:38:16 GMT
Cache-Control: max-age=3600
Expires: Sat, 03 Sep 2022 21:45:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z7C1pZNvGClu95I3D7rPPG8uRJA1wiPIEoi-eBU-ZAVyMgbzALaWtA==
Age: 802

single-hearts.com/bridge/intg.js?v=8

52.29.139.155

200 OK

332 B

URL HTTP/2
single-hearts.com/bridge/intg.js?v=8
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (331)
Size
332 B (332 bytes)
Hash
0f6fbbd07a1685324878c88a0df767f5
7adeeb456eb8b962e14b375440b1b045c347ccf4
f4a2a2209b303ea619087222998e4d4c5bc08621a10a0b0232caa9c866a0ef5c

HTTP Headers

GET /bridge/intg.js?v=8 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 332
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"14c-182f916cfb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4fc12f0a98aa28ccb56e0b56d7e40ded
f7efcfb8b4f4aa40268bada3fec380820a70ee35
a34aa9b7db949a583c3f1b4d87fed415a11d119c9615b5e710c3125173f8a277

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 352
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Last-Modified: Sat, 03 Sep 2022 21:45:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

cdn3reference.com/landings/19149/images/girl_img.png

54.230.111.104

200 OK

133 kB

URL HTTP/2
cdn3reference.com/landings/19149/images/girl_img.png
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
PNG image data, 300 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
133 kB (132972 bytes)
Hash
c624c79141edd34a8d5c9eb8a9dcf720
40ad5bccb7e1a4c3d608302521c60dc802a16bc8
012e869b31731a90996a0edc71208e30a2bd5e3f815f3b49b54d172e490cf3b9

HTTP Headers

GET /landings/19149/images/girl_img.png HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 132972
server: nginx
last-modified: Fri, 26 Feb 2016 15:36:51 GMT
accept-ranges: bytes
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: public, max-age=604800
etag: "2076c-52cae11602ac0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GHuLzAlsxQN67WXA3WSpid41pCoiYALytCO7hKaPur6P6JP6TnLzdg==
X-Firefox-Spdy: h2

cdn3reference.com/landings/19149/images/secure.jpg

54.230.111.104

200 OK

4.3 kB

URL HTTP/2
cdn3reference.com/landings/19149/images/secure.jpg
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 92x46, components 3\012- data
Size
4.3 kB (4325 bytes)
Hash
72b9ecfd9fcb0a76c3eb45704b598729
bc85fc251492120e446e16fbd014a7e9196d76e2
a6a81c715b4ede35ec10faf30514bcebe49bb00120f8ff6802340419783dc642

HTTP Headers

GET /landings/19149/images/secure.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 4325
server: nginx
last-modified: Fri, 26 Feb 2016 15:36:51 GMT
accept-ranges: bytes
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: public, max-age=604800
etag: "10e5-52cae11602ac0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8FeubtxD2uBuiQlKzHJpR5nEsIvoHslIrs-5pP3Lpbw3_iy8svaj9w==
X-Firefox-Spdy: h2

cdn3reference.com/landings/19149/images/badge_en.png

54.230.111.104

200 OK

5.7 kB

URL HTTP/2
cdn3reference.com/landings/19149/images/badge_en.png
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
PNG image data, 181 x 181, 8-bit colormap, non-interlaced\012- data
Size
5.7 kB (5699 bytes)
Hash
0cb698f971887902e7e703dfeb001dde
f82834fe43efe7e0deebfa2cc2c7bc2225b30683
81e72bc00e98421c1c6f42843a6813314b27711c0ba1f430de7baaae55e6ca09

HTTP Headers

GET /landings/19149/images/badge_en.png HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 5699
server: nginx
last-modified: Fri, 26 Feb 2016 15:36:51 GMT
accept-ranges: bytes
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: public, max-age=604800
etag: "1643-52cae11602ac0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O3H4zDaObefUmV9j1_6o81iX-hll9K_k0W6faPqqbDRLIvProvfbDw==
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rm/NICX1ZCNTumtOEKXjfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rvJeufAFzkreYlqIYMbdPgg2DCQ=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Assistant

142.250.74.10

200 OK

14 kB

URL HTTP/2
fonts.googleapis.com/css?family=Assistant
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
14 kB (14367 bytes)
Hash
a5c8600b687a04c9a41617a281c90605
a989d9ae8b1f93c40a927c71f19585fa6bbbf5a5
49f6694c08a991e6ea408ca02633884c14df2abc1e5d4e4a00b55c6d333e1c12

HTTP Headers

GET /css?family=Assistant HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Sep 2022 21:51:38 GMT
date: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9439a7cde73fea464c1463febdda0556
6a0030d4f26b2e9658700708c82e7ce6120ce93c
c3a5a489f4ef8c8cce54dbd819c5cf573740317ea3718ccd6804a03374739199

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

single-hearts.com/c_js/main.js

52.29.139.155

500 Internal Server Error

49 B

URL HTTP/2
single-hearts.com/c_js/main.js
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
3b1dcd73c3f92cbfae5af8d6605a2648
1330b05bf866d3df1b4a972cfa8ea78baea071d3
04098a42cc43ab3c0bef45ae51b3c7adcbf39342e3b6f38b7878f950a993e687

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /c_js/main.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 49
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"31-EzCwW/hm098bSpcs+o6ni66gcdM"
vary: Accept-Encoding
X-Firefox-Spdy: h2

single-hearts.com/bridge/ao.js

52.29.139.155

200 OK

699 B

URL HTTP/2
single-hearts.com/bridge/ao.js
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (698)
Size
699 B (699 bytes)
Hash
6cebf45feb7e4563c5cc6295f32962e9
05b6e9f7db40c500fbf5e6751d763ee1ee9357a0
ff8435de19ba549afe5ad4813fc597bb52fdd6c5b2283d39d5211a94d5068967

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/ao.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
content-length: 699
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"2bb-182f916cfb0"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

142.250.74.72

200 OK

48 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4073)
Size
48 kB (48014 bytes)
Hash
220ba972fe7698c150a3c2e593b35ef0
9a646c2ac79b7b5a6eaa3ef323775864365f86dc
947cfb064d40e9364d86abc8ee21cf14d55d5fca8ef14431d5edeb4cec41de45

HTTP Headers

GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Sep 2022 21:51:38 GMT
expires: Sat, 03 Sep 2022 21:51:38 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48014
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cc6ea3e01d1d6b8c4b28ff64d3b795a7
017457c6f5a63157102485a956c667aad36d33ef
e6fe903f67363d3e92b929e274f0de7c2f6a15b6df1806198199440ed0fe221e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
688639ac92abefde0f20780a8c3cee4b
ecceb9d54bbba0bc7b3c6efa1a00c92991a1ecda
3a7fad7208578d3a2060749089672576c36c913431c8f5d05414e19d001b8093

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 21:51:38 GMT
Last-Modified: Sat, 03 Sep 2022 20:28:52 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Sha56-IhEUBlCUDgc0eBYIulPba2qPWuIlMmu03vJTzy3I2qD8JHlw==
Age: 4966

single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={}

52.29.139.155

200 OK

30 kB

URL HTTP/2
single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={}
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
data
Size
30 kB (29524 bytes)
Hash
ddd7d698ad60ed4ba47d0329e919d247
21b3998be285a0f7ac19cb404a55f8592232f632
71b81eb81f339784a28c6f0e116e5e7b190dc11db8362262f967b5af4271c01c

HTTP Headers

GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94&uaDataValues={} HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"20743-MGVrYsAaoJlwvGxxhf/5wWEhLAg"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94

52.29.139.155

200 OK

27 B

URL HTTP/2
single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af

HTTP Headers

GET /ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Ftds_cid%3D9488aa473633fb19ba939f2a4ae73bae2f5700f1%26tds_ac_id%3Ds7016shm%26tds_host%3Dsingle-hearts.com%26s3%3D1285%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%253D%253D%26utm_source%3Dddm%26tds_oid%3D19149%26tds_rt%3D%26utm_content%3D2254%26data2%3D1023dbf9bb2dedfdb2828b99b287ea%26tds_id%3Db1023rie_jump_a_1587034661799%26tds_ao%3D3%26id%3D19149%26s1%3Ddd%26tds_campaign%3Db1023rie%26dci%3D8d995bc04adf509caffad6627766fd10291cb637%26utm_campaign%3Da78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 27
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
vary: Accept-Encoding
X-Firefox-Spdy: h2

single-hearts.com/tds/interlayer

52.29.139.155

200 OK

558 B

URL HTTP/2
single-hearts.com/tds/interlayer
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Size
558 B (558 bytes)
Hash
c9949444808692a352a910b9aeb67ef8
e09f26d397e7adb24e19a9e1b338bfb80377e0e7
0b4900a38879b40601d3cf484fcb674db196aa77836053de46ba27228906f19b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /tds/interlayer HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 660
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/json; charset=utf-8
content-length: 558
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
etag: W/"22e-4J8m05fnrbJOGanhszi/uAN34Oc"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

retarget2core.com/fp/fp_ec.js

3.124.45.185

200 OK

12 kB

URL HTTP/2
retarget2core.com/fp/fp_ec.js
IP
3.124.45.185:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (40876)
Size
12 kB (11572 bytes)
Hash
1302c7418fde8821b406cd62a4311854
eeb5a325635f2ea1caa53ddbab0e7ecbca110fc3
abd52665a4e430bf1fda0e1cf4519b871078826bed2f843d35a5fba10dcbe83a

HTTP Headers

GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"4bd-182f916cfb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98125354dbaa891018a9429a7aae3ea1
a692cc9a073c9666971db41444342fc9d7dab2e2
771b96e4fb485d1ef041ee20fc060bb5b4b521043ec7a51ceaccefcbe837bd4f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 21:51:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=

52.29.139.155

200 OK

30 B

URL HTTP/2
single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1128
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=

52.29.139.155

200 OK

30 B

URL HTTP/2
single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://single-hearts.com
Content-Length: 1189
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=

52.29.139.155

200 OK

30 B

URL HTTP/2
single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64

HTTP Headers

POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://single-hearts.com
Content-Length: 1145
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 21:51:39 GMT
Connection: keep-alive

single-hearts.com/tds/interlayer?handler=FrodiData

52.29.139.155

200 OK

503 B

URL HTTP/2
single-hearts.com/tds/interlayer?handler=FrodiData
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1614
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4670
Expires: Sat, 03 Sep 2022 23:09:29 GMT
Date: Sat, 03 Sep 2022 21:51:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4994 bytes)
Hash
60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1yjBt3dqEztIRHo4yR3ZzI67J4lWUMS8R44-PpkeDJ4KNdCTPkmh-w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 04:45:35 GMT
age: 61564
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6976 bytes)
Hash
c199f7fc2a2857dec134bfdb2673e28c
af3989072b658e2de119d006ae4ca1703468913d
e57411ba0221f6ffa7baf7c374ec790959a66d6a683fad40883ef01cf67e35c3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc55d0c73-4085-42ac-acb4-1ae9b2ffb393.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: da379546-9525-4e13-b9f0-a6446839df66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eNeG7kIAMF4-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63127722-37399f67565b06e7111095cd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5SORUPJgJ_gKKs4hSa4EzCCQA6B1dmyO1EC-gCBvFKl2R2hV0mYTeA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:39:01 GMT
age: 83558
etag: "af3989072b658e2de119d006ae4ca1703468913d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9642 bytes)
Hash
d0c1e7f6c9e17585905fdbe9ae4da50b
67192f5be476ac4dada66dc9fbe26469d62e2d78
21ca880b36bbb7791f8df2bf9830f11a960692123dd6dde5be42bda004dc428b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8cc83cf-4aef-486b-b775-ed3cb57c8e2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9642
x-amzn-requestid: 52c698d7-6419-4614-9c53-68a265266337
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjbEvgoAMFkKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-547a72850cce71da013383f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oVfkruFcbhPNTkqfmxD_WTeDE8aTAT8Vg3fI3IFZm9umunJ8pCE1GQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 16:18:02 GMT
age: 20017
etag: "67192f5be476ac4dada66dc9fbe26469d62e2d78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ae-gmZh6_b-XqqYOFEMVOB846SBOnstDphKP1asA5SG6OnVSjSr6Q==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 21:37:30 GMT
age: 849
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7975 bytes)
Hash
f4cb62c7c522b71c62a97630d8330ef5
950611314b81428b3d80ff8659272cc800cf48b6
3fd0bbf8a1fe8776136d611d6b99b909b71e6af3a13f8794338af2f0026b59ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e13cf1-38c2-4f82-a50c-b409a24f3af6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7975
x-amzn-requestid: d4695cb0-76ed-495c-b548-d7819edd6d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XwqDSGuDIAMF6kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631023ae-7ba42ae9407c626a02d10e7f;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 03:14:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paxjtCjggGuEMbpwW1HmCdQOemdktodVUl-grweVuYke_NynMIHMlg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:54:34 GMT
age: 64625
etag: "950611314b81428b3d80ff8659272cc800cf48b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7501 bytes)
Hash
23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 22:02:34 GMT
age: 85745
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=

52.29.139.155

200 OK

20 B

URL HTTP/2
single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

HTTP Headers

POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Content-Type: application/json
Origin: https://single-hearts.com
Content-Length: 397
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=

52.29.139.155

200 OK

20 B

URL HTTP/2
single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

HTTP Headers

POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Content-Type: application/json
Origin: https://single-hearts.com
Content-Length: 407
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ff6472bbf3f6fc5c566ec301ddca0e4e
9bf2015d4830392041cd800b83cfabad495076dc
fd3b781d20f1ef849711d8364b16399f389d775fdbf0920b0fbfba2cf4d6aafc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sat, 03 Sep 2022 21:51:40 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RkhKZluO8lup3iBBxt0eOjq_V2U4MI_-eo9ryDtJ-jIYkrIbfOZ5vg==

cdn.insigit.com/image/enfp782j.png

54.230.111.36

200 OK

52 kB

URL HTTP/2
cdn.insigit.com/image/enfp782j.png
IP
54.230.111.36:0
ASN
#16509 AMAZON-02

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
52 kB (52031 bytes)
Hash
1504bac6ed88d874b959555e795a2aa8
772ba9222c7b64890915869704dded84483d0445
5f36bd06c1dbd76b2a54d0c57547747782f15602b72fc85aae73a569bfb54e74

HTTP Headers

GET /image/enfp782j.png HTTP/1.1
Host: cdn.insigit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 52031
date: Sat, 03 Sep 2022 06:12:19 GMT
last-modified: Tue, 25 May 2021 12:37:38 GMT
etag: "1504bac6ed88d874b959555e795a2aa8"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WlgikG91N2CmI7blRDPh7JOSqG9qyVfUcLVjn463HkdRpxfyK9ZPuA==
age: 56362
X-Firefox-Spdy: h2

single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94

52.29.139.155

200 OK

0 B

URL HTTP/2
single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2

cdn3reference.com/landings/19149/css/8328899140ff5c68ea2e9357154b5d59.css

54.230.111.104

200 OK

0 B

URL HTTP/2
cdn3reference.com/landings/19149/css/8328899140ff5c68ea2e9357154b5d59.css
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/19149/css/8328899140ff5c68ea2e9357154b5d59.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Tue, 05 Apr 2022 07:36:17 GMT
content-encoding: gzip
etag: W/"c5b-5dbe34cda7e40"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sSIoq2AeWbiyj3Y25dLf6Hy9xUPi1pgX1ewMWwx-JTKmA4eYS7wQug==
X-Firefox-Spdy: h2

single-hearts.com/integration.js

52.29.139.155

200 OK

0 B

URL HTTP/2
single-hearts.com/integration.js
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"716-ojM5iCH88iIxJOJMLArtlL+5nAA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&dci=8d995bc04adf509caffad6627766fd10291cb637&j_type=open&jump=19149&jump_name=

3.124.45.185

200 OK

0 B

URL HTTP/2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&dci=8d995bc04adf509caffad6627766fd10291cb637&j_type=open&jump=19149&jump_name=
IP
3.124.45.185:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&dci=8d995bc04adf509caffad6627766fd10291cb637&j_type=open&jump=19149&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=1ffe092268366db0238c8b49da37b1dd17370917; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Sun, 03 Sep 2023 21:51:39 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn3reference.com/images/jump-favicon.ico

54.230.111.104

200 OK

0 B

URL HTTP/2
cdn3reference.com/images/jump-favicon.ico
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
server: nginx
date: Sat, 03 Sep 2022 21:51:39 GMT
last-modified: Fri, 05 Dec 2014 08:28:50 GMT
etag: W/"47e-50973ddcdee10"
cache-control: public, max-age=604800
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XAgzmDJbSpefpu_Kn7wr635DTc2yHWsgWAq8wgWz9BQ69LPUwbNXNQ==
X-Firefox-Spdy: h2

single-hearts.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=

52.29.139.155

200 OK

0 B

URL HTTP/2
single-hearts.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn3reference.com/js/dc_img.js?v=8

54.230.111.104

200 OK

0 B

URL HTTP/2
cdn3reference.com/js/dc_img.js?v=8
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
content-encoding: gzip
etag: W/"1e8-5b2cbd0d9620d"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xFHhEARwKK0qpOwb5kql0DP_9S5NE8kdA0yrslDcpM9Bu4HZfgHa2A==
X-Firefox-Spdy: h2

cdn3reference.com/landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js

54.230.111.104

200 OK

0 B

URL HTTP/2
cdn3reference.com/landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /landings/19149/js/444dc26c4fe211bc58ceb10e951da098.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Tue, 05 Apr 2022 07:36:17 GMT
content-encoding: gzip
etag: W/"17964-5dbe34cda7e40"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L15jwpIvG7kwJp-lT3uiorPT9uvry7uJrYZ5rYHLxoogN7tQwPV5AQ==
X-Firefox-Spdy: h2

single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=

52.29.139.155

200 OK

0 B

URL HTTP/2
single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:39 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"3618-9ed/OEy8vz7rjbdqFEtBQWDzwP8"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8

54.230.111.104

200 OK

0 B

URL HTTP/2
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
content-encoding: gzip
etag: W/"22c1-579821b2406fb"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J09eL0kQlP_6QUEt8GX20dNAw2DAGVY5tJTo0RXrEH_sWVb4nIZSZQ==
X-Firefox-Spdy: h2

cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2

54.230.111.104

200 OK

0 B

URL HTTP/2
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 03 Sep 2022 21:51:38 GMT
last-modified: Wed, 31 Oct 2018 08:31:29 GMT
content-encoding: gzip
etag: W/"1340-5798220f78880"
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xIwG84RpvswCVzaRSwC17Fj3rs5aIiV7fHaKuveeDLehuhi3j44-vQ==
X-Firefox-Spdy: h2

single-hearts.com/bridge/frodi_data.js

52.29.139.155

200 OK

0 B

URL HTTP/2
single-hearts.com/bridge/frodi_data.js
IP
52.29.139.155:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/frodi_data.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?tds_cid=9488aa473633fb19ba939f2a4ae73bae2f5700f1&tds_ac_id=s7016shm&tds_host=single-hearts.com&s3=1285&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9lOTUxNzU3NDhjMWEwNmRlODViNWY2MThmOGIxMmIzYz9fX3Q9MTY2MjI0MTg5NzU1MSZfX2w9MzYwMA%3D%3D&utm_source=ddm&tds_oid=19149&tds_rt=&utm_content=2254&data2=1023dbf9bb2dedfdb2828b99b287ea&tds_id=b1023rie_jump_a_1587034661799&tds_ao=3&id=19149&s1=dd&tds_campaign=b1023rie&dci=8d995bc04adf509caffad6627766fd10291cb637&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Sep 2022 21:51:38 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Thu, 01 Sep 2022 12:46:38 GMT
etag: W/"19f8-182f916cfb0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations