Overview

URL4.us.silverwinds.xyz/feed/?link=true&tid=4&subid=4.us.android.chrome&ref=t3.hightid.com&s1=6386708f9979e95a72389068
IP 23.235.251.114 (United States)
ASN#19437 SS-ASH
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 20:50:50 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (19)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
pdxx-7fmavzpxk2xlm-4-2.lowsea.fun (1) 0 2022-08-21 08:58:43 UTC 2022-11-29 12:46:17 UTC 5.161.78.177 Unknown ranking
ron.trffclb.com (1) 0 2022-09-30 13:04:48 UTC 2022-11-29 09:00:19 UTC 51.83.143.92 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
popcash.net (1) 11104 2017-07-19 16:41:38 UTC 2022-11-29 19:19:44 UTC 104.21.52.38
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-29 06:48:06 UTC 142.250.74.168
www.affectionwave.com (44) 0 2019-07-06 13:07:41 UTC 2022-11-27 14:46:48 UTC 178.62.22.16 Unknown ranking
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
leche.labtrffc.com (1) 0 2021-02-18 14:08:36 UTC 2022-11-26 14:33:22 UTC 51.83.143.92 Domain (labtrffc.com) ranked at: 87846
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.62.5
4.us.silverwinds.xyz (1) 0 2022-03-31 16:01:00 UTC 2022-11-29 12:46:35 UTC 23.235.251.114 Unknown ranking
redir.tealwinds.xyz (1) 0 2022-07-28 05:22:11 UTC 2022-11-29 12:46:01 UTC 198.211.113.186 Domain (tealwinds.xyz) ranked at: 178693
samba.trffclb.com (3) 0 2022-09-30 11:20:25 UTC 2022-11-29 12:46:00 UTC 51.83.143.92 Unknown ranking
ps.popcash.net (2) 67692 No data No data 54.205.43.136
dipaka-ead.com (1) 0 2022-10-31 13:23:43 UTC 2022-11-29 06:12:52 UTC 3.208.247.235 Unknown ranking
ocsp.pki.goog (1) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 216.58.211.3
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
r3.o.lencr.org (12) 344 No data No data 23.36.76.226

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 ps.popcash.net/go/134600/317194 Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-29 2 trffclb.com Sinkholed
2022-11-29 2 trffclb.com Sinkholed
2022-11-29 2 trffclb.com Sinkholed
2022-11-29 2 trffclb.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 23.235.251.114
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114
2023-01-25 06:47:03 +0000 0 - 0 - 1 21.us.tealwinds.xyz/feed/?link=true&tid=21&su (...) 23.235.251.114
2023-01-19 15:47:03 +0000 0 - 0 - 2 60.us.tealwinds.xyz/feed/?link=true&tid=60&su (...) 23.235.251.114


Last 5 reports on ASN: SS-ASH
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-02-03 20:22:48 +0000 0 - 0 - 2 8.us.tealwinds.xyz/feed/?link=true&tid=8&subi (...) 23.235.251.114
2023-02-01 20:53:46 +0000 0 - 0 - 22 www.montereycountyclinicservices.org/ 131.153.100.222
2023-01-31 07:05:58 +0000 0 - 0 - 4 www.afamag.com/ 131.153.100.9
2023-01-29 16:07:50 +0000 0 - 2 - 2 66.us.tealwinds.xyz/feed/?link=true&tid=66&su (...) 23.235.251.114


Last 5 reports on domain: silverwinds.xyz
Date UQ / IDS / BL URL IP
2023-02-05 11:22:44 +0000 0 - 0 - 2 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-01-07 13:28:13 +0000 0 - 1 - 0 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2023-01-07 00:59:48 +0000 0 - 1 - 0 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2022-12-25 03:49:03 +0000 0 - 1 - 0 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114
2022-12-23 00:58:03 +0000 0 - 2 - 5 4.us.silverwinds.xyz/feed/?link=true&tid=4&su (...) 23.235.251.114


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-11 04:03:42 +0000 0 - 0 - 3 pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?s (...) 5.161.78.177
2023-01-08 09:11:42 +0000 0 - 0 - 5 t3.blowingwnd.com/p.php?p=c:8pnojh5wwryg9ycmq (...) 51.161.115.163
2023-01-07 01:20:01 +0000 0 - 0 - 1 pollo.trffcsource.com/l.php?p=c:j1z0vtg8710ah (...) 51.83.143.92
2023-01-04 15:30:29 +0000 0 - 0 - 1 samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv (...) 51.83.143.92
2022-12-30 22:47:55 +0000 0 - 0 - 4 track.gositego.live/sl?id=6372315a14cb732daa6 (...) 34.141.179.97

JavaScript

Executed Scripts (31)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (84)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2772
Expires: Tue, 29 Nov 2022 21:36:50 GMT
Date: Tue, 29 Nov 2022 20:50:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14526
Expires: Wed, 30 Nov 2022 00:52:44 GMT
Date: Tue, 29 Nov 2022 20:50:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5285
Cache-Control: max-age=140918
Date: Tue, 29 Nov 2022 20:50:38 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:59:16 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 8TXYb4Z3qklBBjL8XNEcDfp/FkHlWGvmSqbfiM2PgRkp6XJhcveWvafIWCbRhpqJrVvdVxhaR7o=
x-amz-request-id: MQZKZDSA2215YPQ8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 20:44:57 GMT
age: 341
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 20:19:38 GMT
cache-control: public,max-age=3600
age: 1861
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:39 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 20:08:56 GMT
cache-control: public,max-age=3600
age: 2503
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4544
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 20:50:39 GMT
Last-Modified: Tue, 29 Nov 2022 19:34:55 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uA7qtRRyxOsWjbcdS3A/tQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.62.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PVAe8WxGMx0n7ep7depofA599FA=

                                        
                                            GET /feed/?link=true&tid=4&subid=4.us.android.chrome&ref=t3.hightid.com&s1=6386708f9979e95a72389068 HTTP/1.1 
Host: 4.us.silverwinds.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         23.235.251.114
HTTP/1.1 301 Moved Permanently
                                        
Cache-Control: no-cache
Location: https://redir.tealwinds.xyz/click/invalid/?tid=4&subid=4.us.android.chrome
Date: Tue, 29 Nov 2022 20:50:39 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Transfer-Encoding: chunked

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "32F53F4B97392A485906BEF67EF9B482F2032D0C22928D229AF508119583B961"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4062
Expires: Tue, 29 Nov 2022 21:58:22 GMT
Date: Tue, 29 Nov 2022 20:50:40 GMT
Connection: keep-alive

                                        
                                            GET /click/invalid/?tid=4&subid=4.us.android.chrome HTTP/1.1 
Host: redir.tealwinds.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         198.211.113.186
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: 0
Location: https://leche.labtrffc.com/p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs_4
Vary: Accept
Content-Length: 230
Date: Tue, 29 Nov 2022 20:50:40 GMT
Connection: keep-alive
Keep-Alive: timeout=5


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   230
Md5:    bf1ea261d68c3cae104a4434b2ed8723
Sha1:   5c2720cc951f801f2f7091867636e73490adcc78
Sha256: 67be18803779206c2595f60be36782945e42e8ba6ce70f8595a405c6861670d0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "729D7C2013164D474D00F20CDA869D86DA1C9DE6E31832308FEC1EDA4FE940BA"
Last-Modified: Tue, 29 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4723
Expires: Tue, 29 Nov 2022 22:09:23 GMT
Date: Tue, 29 Nov 2022 20:50:40 GMT
Connection: keep-alive

                                        
                                            GET /p.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240?s=nxs_4 HTTP/1.1 
Host: leche.labtrffc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 20:50:40 GMT
Content-Length: 0
Connection: keep-alive
Round:
Raund:
Location: https://pdxx-7fmavzpxk2xlm-4-2.lowsea.fun/emw/v1/dt?sid=888b&k=bfb&url=&xrw=&lid=638670a0eafe7d0097270c74&fid=888fb

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3A97C2923C7C21A74A6B36A9E23045FEA5A6CA4FD3B42B699972CF4A1FFE56BA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7780
Expires: Tue, 29 Nov 2022 23:00:20 GMT
Date: Tue, 29 Nov 2022 20:50:40 GMT
Connection: keep-alive

                                        
                                            GET /emw/v1/dt?sid=888b&k=bfb&url=&xrw=&lid=638670a0eafe7d0097270c74&fid=888fb HTTP/1.1 
Host: pdxx-7fmavzpxk2xlm-4-2.lowsea.fun
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         5.161.78.177
HTTP/2 307 Temporary Redirect
content-type: text/html
                                        
date: Tue, 29 Nov 2022 20:50:40 GMT
content-length: 164
location: https://ron.trffclb.com/a.php?p=c:7omnig4vw718godha&d=6213b4b0ff85982fd6331e4b&s=888b
set-cookie: emwxcid_4_1=b6nFQFwtyjyogGbeZFALlu1bdKKi61Aa1xpdXAw0TdRq9WPS0B; expires=Wed, Nov 29 2023 20:50:40 GMT; Max-Age=31536000; path=/; domain=lowsea.fun; SameSite=Lax
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   164
Md5:    813f9846b49c0ada805648edf1b2fdbd
Sha1:   caa24890460f73e6a72bb49426351e67e83b053d
Sha256: 8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "729D7C2013164D474D00F20CDA869D86DA1C9DE6E31832308FEC1EDA4FE940BA"
Last-Modified: Tue, 29 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4722
Expires: Tue, 29 Nov 2022 22:09:23 GMT
Date: Tue, 29 Nov 2022 20:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:50:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 20:50:41 GMT
Connection: keep-alive

                                        
                                            GET /a.php?p=c:7omnig4vw718godha&d=6213b4b0ff85982fd6331e4b&s=888b HTTP/1.1 
Host: ron.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 20:50:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Round: 11hx4alk7e
Raund: 1zd
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   158
Md5:    c87457594ef907d482eb114aaab14561
Sha1:   a528b0dfb11add9a369a0ad1f1dd462ea345f86e
Sha256: 83c06d15d0da3d5a81c885e5c71ba39c406d464738a421bb732a69f1c7dabf72

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 57651
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 83027
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 63150
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F955ba04e-80cb-43a1-bc6a-3e502a79144e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9546
x-amzn-requestid: 60e352b5-ab38-4975-bf26-500f0a639a2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFfulExwIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637edff6-1364912f7fd292da6453a83e;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 03:07:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qtRAIXoswvTgNWZzaQE1WHZQXoJRtK9nKpusFtXH3pDRHH_DZtsLFw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 07:16:35 GMT
age: 48846
etag: "373c96c2e0006d70954d4b4ebd850f62f558e92c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9546
Md5:    9a6e5f60b87d3879606a6707feb37a73
Sha1:   373c96c2e0006d70954d4b4ebd850f62f558e92c
Sha256: 1ae48f692f44d357e21eec708b46f22c36a3de21be8d0f1c2035d197e0aa89de
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:49:48 GMT
age: 61253
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 82126
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888b HTTP/1.1 
Host: samba.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 20:50:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=638670a1e7cb7f3e706f9554; expires=Fri, 02-Dec-2022 20:50:41 GMT; Max-Age=259200; path=/; domain=samba.trffclb.com; HttpOnly
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (541)
Size:   494
Md5:    ddcd1c0555ffc7a9a956a9b92d2ba892
Sha1:   b80262fb4c813aea5661fa8aee0fe02cf60fa0f0
Sha256: 000551961e61a86c5e82322ee7863095c9ade632f96288463ab3cab23b5712fe

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888b&bv=1 HTTP/1.1 
Host: samba.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888b
Cookie: bt-603611c5b7eaf46891533240=638670a1e7cb7f3e706f9554
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 20:50:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: bt-603611c5b7eaf46891533240=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=samba.trffclb.com; HttpOnly
Round: 119cdtswvl
Raund: 2si
Location: https://popcash.net/world/go/134600/317194


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 2848
Cache-Control: max-age=111088
Date: Tue, 29 Nov 2022 20:50:41 GMT
Etag: "63857471-117"
Expires: Thu, 01 Dec 2022 03:42:09 GMT
Last-Modified: Tue, 29 Nov 2022 02:54:41 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: samba.trffclb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://samba.trffclb.com/l.php?p=c:9qopki6xwqp07eckv&d=603611c5b7eaf46891533240&s=int_888b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         51.83.143.92
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 20:50:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   20
Md5:    a4745abc5e7fdb89cc6df3069f3c6e69
Sha1:   74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
Sha256: d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /world/go/134600/317194 HTTP/1.1 
Host: popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://samba.trffclb.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.52.38
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
date: Tue, 29 Nov 2022 20:50:41 GMT
content-length: 162
location: http://ps.popcash.net/go/134600/317194
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7GNybOOcfYv8vYYzcYooPSLRYUiqHDxfgN%2F6vsoEWMpS8t%2FyuHEAoFu4kBc2fSDAPprznMwFwZM4%2F3MpQ%2BeTD9Xd7YNr821P8euqx4HDGKDV8ecRVpKfsGd0QMJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771e37917bf3fab4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
                                        
                                            GET /go/134600/317194 HTTP/1.1 
Host: ps.popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         54.205.43.136
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Date: Tue, 29 Nov 2022 20:50:41 GMT
Server: nginx
Vary: Accept-Encoding
transfer-encoding: chunked
Connection: keep-alive


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   271
Md5:    ade7befa0b0d9800cb2f32904390d024
Sha1:   652cd67194995e1102164e2c30e6c2a52d848140
Sha256: f2c81b25bc958bd7e9f7483a73212c3f7a65447c5835d02b6f1540522af05532

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /ad/ad?p=134600&w=317194&t=f6ce80c972ffddb2&r=&vw=1280&vh=0 HTTP/1.1 
Host: ps.popcash.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ps.popcash.net/go/134600/317194
Upgrade-Insecure-Requests: 1

search
                                         54.205.43.136
HTTP/1.1 303 See Other
                                        
Date: Tue, 29 Nov 2022 20:50:42 GMT
Location: http://dipaka-ead.com/zcvisitor/7cea9fe2-7027-11ed-a770-0a6114454827/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=206ac2c0-7581-11ea-b16e-12e5dcaa70ed#pc151445
Server: nginx
Content-Length: 0
Connection: keep-alive

                                        
                                            GET /zcvisitor/7cea9fe2-7027-11ed-a770-0a6114454827/7fcf9220-c93c-11e7-9820-0e06c6fba698?campaignid=206ac2c0-7581-11ea-b16e-12e5dcaa70ed HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.208.247.235
HTTP/1.1 302
                                        
Date: Tue, 29 Nov 2022 20:50:42 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://www.affectionwave.com/
Server: UiEHnVSW

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF24BF4EB33706D4322A8315AD8F2FCDA08E2032BF0B6391F6EEA6D046EC2654"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21474
Expires: Wed, 30 Nov 2022 02:48:36 GMT
Date: Tue, 29 Nov 2022 20:50:42 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 20:50:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-154588724-16 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.affectionwave.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 20:50:44 GMT
expires: Tue, 29 Nov 2022 20:50:44 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43614
Md5:    6cbe9528d37b6ff275e10d1ebea750b4
Sha1:   0a8191c5da4b1598e90e6424aa20d1a0d8723b27
Sha256: 9c30a283e00c7e1534a1f04a880717c438de00a39909753be6b09eff3ca03cec
                                        
                                            GET /static/assets/c4185f6a.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 28 Nov 2022 15:11:24 GMT
etag: W/"6384cf9c-24bd9"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   48600
Md5:    3b39a2ea3e6c30fdbc3cd484a013854d
Sha1:   de3762b9e0e638f656ffb225db01568ab837e81d
Sha256: 535d0741ac6e5774fe7c014f1080ded1a3df87504444f240b21526511e67fc4b
                                        
                                            GET /js/messages/no/messages_jquery_jab.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=2592000, private
last-modified: Thu, 01 Jan 1970 01:32:41 GMT
expires: Thu, 29 Dec 2022 20:50:44 GMT
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   20619
Md5:    931d100c0e6b832cf69bb1bc0305607b
Sha1:   57d18ef496bac4902b44c192c54226e5dc22e061
Sha256: 40df1b3374fcdee7d7e87beff57eb8f3c586d9cd7ba0f20d1142c7d91518bddf
                                        
                                            GET /resources/get/4/1a1def99fcc6d5942a5dd7639de1533d HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x400, components 3\012- data
Size:   62180
Md5:    68c28f68f403e6a4e5ab902d3f4aefb5
Sha1:   d7b1225d9894e462a9c45f96451da7b71d8a5608
Sha256: 926370a83a5fcb8b14b9a7f5288d506f15112605f8dc7c75ee6432a637d50ef9
                                        
                                            GET /static/_dating/_default/s/payment-logos.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Thu, 14 Jul 2022 10:16:05 GMT
etag: W/"62cfece5-c79"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   26575
Md5:    f789a58ef10d63c4990976c909e23d47
Sha1:   50856fa6dde10bc7615429d0fc32abb55abb52a6
Sha256: 4e806bbac25f4be7a2b77b5def72bb0369f676f1774d2a58a974c366ac81bd0e
                                        
                                            GET /site/captcha HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 150x40, components 3\012- data
Size:   47435
Md5:    00a979ab34d570819959ad35a2c18252
Sha1:   6829ea97d87d3169f2578bc8dcc4ea900be28cd5
Sha256: 9437afbd275ecdcc9e7fb8d1690cd42733d899f0b1e30e0ac87277771e8f0b31
                                        
                                            GET /static/_wl_traditional/_wl_skin_compliance_/js/3.bundle.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Thu, 10 Nov 2022 09:28:59 GMT
etag: W/"636cc45b-ba7c"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (47740), with no line terminators
Size:   29873
Md5:    fc40c5a9c49a2a3262c2ab6521995807
Sha1:   e23e04566358b3e1de68a28f64cb7e46c6dad348
Sha256: 4135d018dde97d5279f59c8bf8158d972f05db8a257ba0bed5fbd946ea05232e
                                        
                                            GET /static/assets/949c3926.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-248"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (558)
Size:   2014
Md5:    8469a9271f4d106816c8577275a806ac
Sha1:   a7c1a9d9a7c37820ca05fd334bfbfd3ca849a044
Sha256: 3eff04bd0d06dbf7fc04b5c3ea6adb5f23d509d9fca7577faf9da453cc7174bf
                                        
                                            GET /root.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css;charset=UTF-8
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/get/4/39100eb00726207674808593babbf9e2 HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/211b41b8.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-892"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /site/captcha? HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/f67027d8.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-c7"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/9ca75e15.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-549"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/770ad0e4.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-8b6"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/_dating/_default/i/payment_logos/cup.svg HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.affectionwave.com/static/_dating/_default/s/payment-logos.css
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Tue, 12 Jul 2022 07:36:01 GMT
etag: W/"62cd2461-3031"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/db4d2f29.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 28 Nov 2022 15:11:24 GMT
etag: W/"6384cf9c-baf"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/5497bff0.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:47 GMT
etag: W/"62f10a2b-cb1"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/logo HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/get/4/4b1cf29a1d9833888ce9a3fa87ebff68 HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/_dating/_default/i/payment_logos/mastercard.svg HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.affectionwave.com/static/_dating/_default/s/payment-logos.css
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Tue, 12 Jul 2022 07:36:01 GMT
etag: W/"62cd2461-720"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/c247a8e1.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:47 GMT
etag: W/"62f10a2b-947"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/2409f906.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-2325"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/37e7367d.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-37b"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/fa6902f0.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:47 GMT
etag: W/"62f10a2b-402"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/fad0beb3.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 12 Sep 2022 06:40:07 GMT
etag: W/"631ed447-13c3"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/fbf73bde.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-1ba5"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/1d9702dc.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Wed, 19 Oct 2022 14:02:14 GMT
etag: W/"63500366-581"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /js/messages/no/messages_notifications.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=2592000, private
last-modified: Thu, 01 Jan 1970 01:32:41 GMT
expires: Thu, 29 Dec 2022 20:50:44 GMT
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/js/jquery.autocomplete.js?v=5561 HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Thu, 15 Sep 2022 08:55:25 GMT
etag: W/"6322e87d-43b2"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/e13eeaf7.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Thu, 17 Nov 2022 09:23:46 GMT
etag: W/"6375fda2-1fc6"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/get/4/8d7168c75f888f4e8f6d2cfebaa7029f HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/21968212.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Thu, 10 Nov 2022 09:29:02 GMT
etag: W/"636cc45e-c8a5"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/f56f0d59.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-f80"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/get/4/cc9166cd2f801d8aeac627092b2c813f HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/95d6c938.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-312"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/_dating/_default/i/payment_logos/jcb.svg HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.affectionwave.com/static/_dating/_default/s/payment-logos.css
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Tue, 12 Jul 2022 07:36:01 GMT
etag: W/"62cd2461-10ab"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/63f0b6bf.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-ae0"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/f608025f.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-8539"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/5b0b6082.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Mon, 08 Aug 2022 13:05:53 GMT
etag: W/"62f10a31-666"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/b7752064.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Thu, 10 Nov 2022 09:29:02 GMT
etag: W/"636cc45e-20f30"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /resources/get/4/c1321eb5f027095b5c50f520a56fed23 HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=86400, private
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ps.popcash.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         178.62.22.16
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:43 GMT
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
set-cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; path=/; secure; HttpOnly userReferrerUrl=ps.popcash.net; expires=Thu, 01-Dec-2022 20:50:43 GMT; Max-Age=172800; path=/; secure; HttpOnly
cache-control: max-age=0, private, must-revalidate, no-cache, private
location: /join
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/be5b1fa8.css HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Wed, 19 Oct 2022 14:02:14 GMT
etag: W/"63500366-10df"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /static/assets/24e5e0b3.js HTTP/1.1 
Host: www.affectionwave.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.affectionwave.com/join
Connection: keep-alive
Cookie: PHPSESSID=a2un3448kdmh9h2091f04js49nv0hh3ucvahib65; userReferrerUrl=ps.popcash.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         178.62.22.16
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 29 Nov 2022 20:50:44 GMT
last-modified: Wed, 19 Oct 2022 14:02:14 GMT
etag: W/"63500366-a76d"
access-control-allow-origin: *
expires: Thu, 29 Dec 2022 20:50:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---