firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 16:10:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mtJqtX7mcKavHnhjDsrchhJm8_b7Jihh8DdGWzg8IO6-EXd7QxxrBQ==
Age: 640
single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=102234898422b17e922722b6b57a5b&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285
3.127.62.74302 Found 0 B URL HTTP/1.1 single-hearts.com/tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=102234898422b17e922722b6b57a5b&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285
IP 3.127.62.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tds?tdsId=s7016shm_r&tds_campaign=s7016shm&utm_campaign=a78ddb94&p1=1285&p5={p5}&data2=102234898422b17e922722b6b57a5b&utm_content=2254&data3={data3}&utm_source=ddm&email={email}&s1=dd&s3=1285 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Fri, 16 Sep 2022 16:21:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=7bb2d8d556159543a029fefcad54384a558d44b0; Max-Age=31536000; Domain=.single-hearts.com; Path=/; Expires=Sat, 16 Sep 2023 16:21:32 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Wed, 21 Sep 2022 16:21:32 GMT
Location: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11684
Expires: Fri, 16 Sep 2022 19:36:16 GMT
Date: Fri, 16 Sep 2022 16:21:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4PbHl0Z9RXAQdNxetl2QjGBA3EwKsx0mqDta39esSZhD5c2vFjOyCA==
age: 42377
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 16:21:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9d12e3867c2dd82cc18e3739c0953d05
6b761bf7c1d698771cb0bf49a577d672406714c5
eb503b7ddf310f47353acd09df285208427741387a38023d20fcbc8bdea9b077
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 16:21:32 GMT
Server: ECS (dcb/7EA3)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zn2hh2mf9CYhvfb4KYMy49jHFel2uvIF4CYaqY8k7bVnWiuVD4ySig==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 16:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 16:51:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: b7OWytp-r-mr5D0-tpIm3QY7JkoiQYfj6rnazjbACFpz-2NXd-ecBw==
Age: 1091
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Last-Modified: Fri, 16 Sep 2022 14:36:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
single-hearts.com/bridge/intg.js?v=8
18.158.237.173200 OK 332 B URL HTTP/2 single-hearts.com/bridge/intg.js?v=8
IP 18.158.237.173:0
File type ASCII text, with very long lines (331)
Hash 0f6fbbd07a1685324878c88a0df767f5
7adeeb456eb8b962e14b375440b1b045c347ccf4
f4a2a2209b303ea619087222998e4d4c5bc08621a10a0b0232caa9c866a0ef5c
GET /bridge/intg.js?v=8 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: application/javascript; charset=UTF-8
content-length: 332
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 14 Sep 2022 13:44:41 GMT
etag: W/"14c-1833c3ea128"
vary: Accept-Encoding
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4ovjlIuqlT/j/wpUYFEpxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iJkIkLca2knN+m4MW80f0CVbb7Q=
cdn3reference.com/landings/21675/images/1.jpg
54.230.111.104200 OK 16 kB URL HTTP/2 cdn3reference.com/landings/21675/images/1.jpg
IP 54.230.111.104:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, progressive, precision 8, 300x420, components 3\012- data
Hash 30148eaceeae2f5aa676ee3412af4c9d
b6516b7ed92b28b6e222e9700cea101ef7b9b293
bc2b8c9f2c76f060f08d32802f2d2fa47d2596945683d0d82d3e596c636de5d7
GET /landings/21675/images/1.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15809
server: nginx
last-modified: Mon, 25 Dec 2017 12:27:15 GMT
accept-ranges: bytes
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: public, max-age=604800
etag: "3dc1-56129494eaec0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QGdJDe_2_tqQ66_iOt9pvXvo65Rl3tQvblpYlmOOnAcq_ERow8NB8g==
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/images/2.jpg
54.230.111.104200 OK 15 kB URL HTTP/2 cdn3reference.com/landings/21675/images/2.jpg
IP 54.230.111.104:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, progressive, precision 8, 300x420, components 3\012- data
Hash a2ef60ce250057897a0693bf9b276133
7886febd14ea0790bcc3f9408837f1eaeae66faa
d41308d1b18a8d2541d15518f48ed8af896e995971b1c5795599e45ab2a68e06
GET /landings/21675/images/2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 14838
server: nginx
last-modified: Mon, 25 Dec 2017 12:27:15 GMT
accept-ranges: bytes
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: public, max-age=604800
etag: "39f6-56129494eaec0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9z76o3e1z9SMYO9jfu-1HImppQNhzL5m4WNBJWG8PpwLHGMYPvJmoQ==
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/images/3.jpg
54.230.111.104200 OK 20 kB URL HTTP/2 cdn3reference.com/landings/21675/images/3.jpg
IP 54.230.111.104:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, progressive, precision 8, 300x420, components 3\012- data
Hash 2da7f7d28c3bed0625144a4318994f0a
2d371bdd16739e153c46c365ed72f13ca4a55561
239294fc9b4dc29e0ffc4974b72199c9d0371020c0454cb43d2a9f448306f2b5
GET /landings/21675/images/3.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 19955
server: nginx
last-modified: Mon, 25 Dec 2017 12:27:15 GMT
accept-ranges: bytes
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: public, max-age=604800
etag: "4df3-56129494eaec0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OUfs3cb0jUu18bxfK6RONARY1-lK24PKMudWGjMfIdfw1Y22G1KQKQ==
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/images/main3.gif
54.230.111.104200 OK 147 kB URL HTTP/2 cdn3reference.com/landings/21675/images/main3.gif
IP 54.230.111.104:0
File type GIF image data, version 89a, 240 x 290\012- data
Size 147 kB (147426 bytes)
Hash 9e5e660b8bdf07c96e47364d38857e6d
33d81225b1fa9e3b084622532032a7d27d5df7c0
dae71e06735d95bfbceff3247d3d6d151fceb5ce8db1b25ba03ea3c57359295f
GET /landings/21675/images/main3.gif HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 147426
server: nginx
last-modified: Mon, 25 Dec 2017 12:29:45 GMT
accept-ranges: bytes
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: public, max-age=604800
etag: "23fe2-56129523f8040"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2dQgS-nqEarebJiXgWUhOYU6AJH7GBUtyZdpSePteG_jfdReB3Cuqw==
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/images/4.jpg
54.230.111.104200 OK 19 kB URL HTTP/2 cdn3reference.com/landings/21675/images/4.jpg
IP 54.230.111.104:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 350x350, segment length 16, progressive, precision 8, 300x420, components 3\012- data
Hash 7f2be7f0d8450604303c52fb272f389d
0e177d9b1d6828934a45f999eb43eab325f6cb9c
ddf20d9b0fc58e85ff69739523c1d50d4fa54cb6bf2efc28cb00f6678bd02f2a
GET /landings/21675/images/4.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 19205
server: nginx
last-modified: Mon, 25 Dec 2017 12:27:15 GMT
accept-ranges: bytes
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: public, max-age=604800
etag: "4b05-56129494eaec0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OeS0rMi-d-LuBMMedkPTfXTEhgwOXcQ4q-6qjQrXrIV5vHsjF121SQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Assistant
142.250.74.10200 OK 14 kB URL HTTP/2 fonts.googleapis.com/css?family=Assistant
IP 142.250.74.10:0
Hash a5c8600b687a04c9a41617a281c90605
a989d9ae8b1f93c40a927c71f19585fa6bbbf5a5
49f6694c08a991e6ea408ca02633884c14df2abc1e5d4e4a00b55c6d333e1c12
GET /css?family=Assistant HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 16:21:33 GMT
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
single-hearts.com/bridge/ao.js
18.158.237.173200 OK 699 B URL HTTP/2 single-hearts.com/bridge/ao.js
IP 18.158.237.173:0
File type ASCII text, with very long lines (698)
Hash 6cebf45feb7e4563c5cc6295f32962e9
05b6e9f7db40c500fbf5e6751d763ee1ee9357a0
ff8435de19ba549afe5ad4813fc597bb52fdd6c5b2283d39d5211a94d5068967
Analyzer Verdict Alert fortinet Phishing
GET /bridge/ao.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: application/javascript; charset=UTF-8
content-length: 699
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 14 Sep 2022 13:44:41 GMT
etag: W/"2bb-1833c3ea128"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/c_js/main.js
18.158.237.173500 Internal Server Error 49 B URL HTTP/2 single-hearts.com/c_js/main.js
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b1dcd73c3f92cbfae5af8d6605a2648
1330b05bf866d3df1b4a972cfa8ea78baea071d3
04098a42cc43ab3c0bef45ae51b3c7adcbf39342e3b6f38b7878f950a993e687
Analyzer Verdict Alert fortinet Phishing
GET /c_js/main.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: application/json; charset=utf-8
content-length: 49
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
etag: W/"31-EzCwW/hm098bSpcs+o6ni66gcdM"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:300,400,700
142.250.74.10200 OK 48 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,700
IP 142.250.74.10:0
Hash f0d42bbd5640449ba4f3820390702373
c95e4e14706c4231229292673d3136901dcd355b
afee5b88e8f531583879f095aa7ded1c7268ca7095093e252751722a6d701ea3
GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 16:21:33 GMT
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.72200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.72:0
File type ASCII text, with very long lines (4073)
Hash dc080da60f6648bd4a02b68cdeed39bb
95be8cc684832881e6346ab589ebf05b4853b8ff
346a4f70b052161a8dea3fe15d8801f6d1473a1efac62a84beb31f28a038c0bf
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 16:21:33 GMT
expires: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Sep 2022 15:43:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/images/bg.jpg
54.230.111.104200 OK 17 kB URL HTTP/2 cdn3reference.com/landings/21675/images/bg.jpg
IP 54.230.111.104:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1230, components 3\012- data
Hash 5573aae7ef741968e28b04c3e6e3195a
d61e1508f71b654a28066375b4c5261b0dd9e916
f5ef8c411f8560635732f057762419843141db29774d0d93efb0f15a418c7092
GET /landings/21675/images/bg.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn3reference.com/landings/21675/css/b2e70a4a61b77a7b0b5481932f8779e2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17062
server: nginx
last-modified: Mon, 25 Dec 2017 12:27:15 GMT
accept-ranges: bytes
date: Fri, 16 Sep 2022 16:21:33 GMT
cache-control: public, max-age=604800
etag: "42a6-56129494eaec0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6NfszSwcdyoGicnUTtv6cUNg2_s-Bi8YKX7J-6btMrwQbqkA6b-ByQ==
X-Firefox-Spdy: h2
single-hearts.com/tds/interlayer
18.158.237.173200 OK 558 B URL HTTP/2 single-hearts.com/tds/interlayer
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with very long lines (558), with no line terminators
Hash 8dde1260d8fa0641c1cacd04cb3385ef
c71205a850b4af228ed8090364c3451528b74a35
a14567dadb49aa1da96708dc0fa412c044c8609e00a1e47ad30bcc0c8ff95891
Analyzer Verdict Alert fortinet Phishing
POST /tds/interlayer HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 660
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: application/json; charset=utf-8
content-length: 558
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
etag: W/"22e-xxIFqFC0ryKO2AkDZMNFFSi3SjU"
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 16:21:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 95de2bbe13f789e51adf4c0977e78b7c
7477f35d3a7bda1ae356b1a0200e0cbc509241fa
3a92b544883ec27da5231e1239c0461cb039463908a4ac48d6e2a1f06fdb0ae9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=101645
Date: Fri, 16 Sep 2022 16:21:33 GMT
Etag: "63237ec4-1d7"
Expires: Sat, 17 Sep 2022 20:35:38 GMT
Last-Modified: Thu, 15 Sep 2022 19:36:36 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AQ_rOsKJvZjiH05NdJ4RRdPyBV2Fmacir0zImk8bLbljsLaV_83WGw==
Age: 3542
single-hearts.com/ufis/rtr?referer=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D21675%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%253D%253D%26data2%3D102234898422b17e922722b6b57a5b%26utm_source%3Dddm%26tds_ac_id%3Ds7016shm%26s3%3D1285%26tds_oid%3D21675%26tds_rt%3D%26dci%3D7bb2d8d556159543a029fefcad54384a558d44b0%26tds_id%3Db1023rie_jump_b_1662987303305%26tds_campaign%3Db1023rie%26tds_cid%3D435c695b39d5ca5c1187b9b05dac618a6168db8b%26tds_host%3Dsingle-hearts.com%26utm_content%3D2254%26s1%3Ddd%26tds_ao%3D3%26utm_campaign%3Da78ddb94
18.158.237.173200 OK 10 B URL HTTP/2 single-hearts.com/ufis/rtr?referer=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D21675%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%253D%253D%26data2%3D102234898422b17e922722b6b57a5b%26utm_source%3Dddm%26tds_ac_id%3Ds7016shm%26s3%3D1285%26tds_oid%3D21675%26tds_rt%3D%26dci%3D7bb2d8d556159543a029fefcad54384a558d44b0%26tds_id%3Db1023rie_jump_b_1662987303305%26tds_campaign%3Db1023rie%26tds_cid%3D435c695b39d5ca5c1187b9b05dac618a6168db8b%26tds_host%3Dsingle-hearts.com%26utm_content%3D2254%26s1%3Ddd%26tds_ao%3D3%26utm_campaign%3Da78ddb94
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c2db64f99c6ebc0162f2ff0a32704299
d483e5dbd40c7600c97357394ebe7c7e747aee9f
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
GET /ufis/rtr?referer=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D21675%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%253D%253D%26data2%3D102234898422b17e922722b6b57a5b%26utm_source%3Dddm%26tds_ac_id%3Ds7016shm%26s3%3D1285%26tds_oid%3D21675%26tds_rt%3D%26dci%3D7bb2d8d556159543a029fefcad54384a558d44b0%26tds_id%3Db1023rie_jump_b_1662987303305%26tds_campaign%3Db1023rie%26tds_cid%3D435c695b39d5ca5c1187b9b05dac618a6168db8b%26tds_host%3Dsingle-hearts.com%26utm_content%3D2254%26s1%3Ddd%26tds_ao%3D3%26utm_campaign%3Da78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: application/json; charset=utf-8
content-length: 10
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D21675%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%253D%253D%26data2%3D102234898422b17e922722b6b57a5b%26utm_source%3Dddm%26tds_ac_id%3Ds7016shm%26s3%3D1285%26tds_oid%3D21675%26tds_rt%3D%26dci%3D7bb2d8d556159543a029fefcad54384a558d44b0%26tds_id%3Db1023rie_jump_b_1662987303305%26tds_campaign%3Db1023rie%26tds_cid%3D435c695b39d5ca5c1187b9b05dac618a6168db8b%26tds_host%3Dsingle-hearts.com%26utm_content%3D2254%26s1%3Ddd%26tds_ao%3D3%26utm_campaign%3Da78ddb94
18.158.237.173200 OK 27 B URL HTTP/2 single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D21675%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%253D%253D%26data2%3D102234898422b17e922722b6b57a5b%26utm_source%3Dddm%26tds_ac_id%3Ds7016shm%26s3%3D1285%26tds_oid%3D21675%26tds_rt%3D%26dci%3D7bb2d8d556159543a029fefcad54384a558d44b0%26tds_id%3Db1023rie_jump_b_1662987303305%26tds_campaign%3Db1023rie%26tds_cid%3D435c695b39d5ca5c1187b9b05dac618a6168db8b%26tds_host%3Dsingle-hearts.com%26utm_content%3D2254%26s1%3Ddd%26tds_ao%3D3%26utm_campaign%3Da78ddb94
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af
GET /ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=https%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D21675%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%253D%253D%26data2%3D102234898422b17e922722b6b57a5b%26utm_source%3Dddm%26tds_ac_id%3Ds7016shm%26s3%3D1285%26tds_oid%3D21675%26tds_rt%3D%26dci%3D7bb2d8d556159543a029fefcad54384a558d44b0%26tds_id%3Db1023rie_jump_b_1662987303305%26tds_campaign%3Db1023rie%26tds_cid%3D435c695b39d5ca5c1187b9b05dac618a6168db8b%26tds_host%3Dsingle-hearts.com%26utm_content%3D2254%26s1%3Ddd%26tds_ao%3D3%26utm_campaign%3Da78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: application/json; charset=utf-8
content-length: 27
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
18.158.237.173200 OK 30 B URL HTTP/2 single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1158
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
18.158.237.173200 OK 30 B URL HTTP/2 single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1219
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
18.158.237.173200 OK 30 B URL HTTP/2 single-hearts.com/ufis/webpush/track?uaDataValues=%7B%7D&networkGroup=
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues=%7B%7D&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
content-type: application/json; charset=UTF-8
Origin: https://single-hearts.com
Content-Length: 1175
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: application/json; charset=utf-8
content-length: 30
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14414
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 16:21:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14414
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 16:21:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14414
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 16:21:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14414
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 16:21:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14414
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 16:21:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: 2beedee9-cf7e-47d6-ac4d-3ca9251aa565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfSWEFAZoAMFd6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322ca8d-37688e4a23c3234a25becf57;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 06:47:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: H2ySDtSQZtsrCA99y1a2_fLQcRI8hvN_nvA9U_V_iCm6c3cq3DigXQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:11:59 GMT
age: 65375
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rgjwYJ-ZzVF3bv7pl1l8TN8EAoENIcaSAXJU_YhFOSNRCzrCuPuKbQ==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:10 GMT
age: 67044
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 512280055633fcce9abc7d11a9816a24
de5c3e010fca76659455a144875a52c25fa72bdd
435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JAzbRqinDuqQuQoESEsL26c1Y1UTQ5tO1thL3ugE6LPQtNTWGaGTLg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:48:32 GMT
age: 66782
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1Y5uBMPJvxTDKGnc5Q0lzKZXDv4lwTByGDO8eRIwgauut0yfJz-8Lg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
age: 66659
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d17788c7d2a1a91e68eff48df14bd1
8e1090346d90bc69e7a95384e6a7a01154e31567
1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RbKcO0CPRsex8VWdIVqctamGyJ7D1PHD04ry2wbrcDPDYL0Yy5vPPQ==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
age: 66659
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XGVoNQZeoG0AQ6LabPW2Zg7pAQqdl-bGTFAhbNpLlgTWNWx55-wEUQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:14 GMT
age: 66980
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
18.158.237.173200 OK 20 B URL HTTP/2 single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Content-Type: application/json
Origin: https://single-hearts.com
Content-Length: 429
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:35 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
18.158.237.173200 OK 20 B URL HTTP/2 single-hearts.com/ufis/ipp/track?uaDataValues={}&networkGroup=
IP 18.158.237.173:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/ipp/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Content-Type: application/json
Origin: https://single-hearts.com
Content-Length: 439
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:35 GMT
content-type: application/json; charset=utf-8
content-length: 20
server: nginx
x-powered-by: Express
access-control-allow-origin: *
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 161247
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 161247
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash fa59d2b560ca9231d5bec8ba2eb11863
c199813ade515020d1d5a34a600e758b0ee17c1e
2c3ebf106d844601bb8335d8264f5140a8295db2acbbc68a68df0fcb3776cd32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 16:21:35 GMT
Last-Modified: Fri, 16 Sep 2022 14:54:38 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PHx9jdcesaTdF7BhdFVz8QQDwy-kI9nLCLG7c19-vB4k0FSgiL7Agw==
Age: 5218
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash fa59d2b560ca9231d5bec8ba2eb11863
c199813ade515020d1d5a34a600e758b0ee17c1e
2c3ebf106d844601bb8335d8264f5140a8295db2acbbc68a68df0fcb3776cd32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 16:21:35 GMT
Last-Modified: Fri, 16 Sep 2022 14:54:38 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -rpB6gRoNC-oZA-eT41lOZEcbYwSRE4C9cwkDhejbHBGEKkTgvN-0w==
Age: 5218
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash fa59d2b560ca9231d5bec8ba2eb11863
c199813ade515020d1d5a34a600e758b0ee17c1e
2c3ebf106d844601bb8335d8264f5140a8295db2acbbc68a68df0fcb3776cd32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 16:21:35 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z5UvCcyHvt33K9MDGxwRvYtZEN7WP1KijLsp6rgmd8Hzw3I2VT2wdA==
cdn.gen-ref.com/image/enbdc6no.png
54.230.111.34200 OK 88 kB URL HTTP/2 cdn.gen-ref.com/image/enbdc6no.png
IP 54.230.111.34:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash b41f2edb9e455efb1319b0169b87103e
4e902f54598b934bc080cb0dea3862a335b65225
667a4aaa455013b527cb5f43f0a32f7854f7f29e6ebede6e140fe5f733a93f11
GET /image/enbdc6no.png HTTP/1.1
Host: cdn.gen-ref.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 88202
last-modified: Sun, 23 May 2021 20:40:47 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 16:21:36 GMT
etag: "b41f2edb9e455efb1319b0169b87103e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bXlz7Q9bOzMO_5ehbYawjPva3jFSJbLwA8ma33fmYdC52CWndLER1Q==
X-Firefox-Spdy: h2
cdn.gen-ref.com/image/encs5qwq.png
54.230.111.34200 OK 89 kB URL HTTP/2 cdn.gen-ref.com/image/encs5qwq.png
IP 54.230.111.34:0
File type PNG image data, 192 x 190, 8-bit/color RGBA, non-interlaced\012- data
Hash a97f05b3cbdef21c1faced08d7be8557
773719618d36b9954f86895f34181b4786a5090c
2d623752f9c767a8fb8f92a1dc73f3a9d38722518b3a0214f5d3864dd2ac1a2a
GET /image/encs5qwq.png HTTP/1.1
Host: cdn.gen-ref.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 88663
last-modified: Sun, 23 May 2021 20:40:04 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 16:21:36 GMT
etag: "a97f05b3cbdef21c1faced08d7be8557"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wWK9Eqkx7AKgDiFwFAXsdsnLEfUoY9ju1HTEyK9yoVRbHUEob9ho_w==
X-Firefox-Spdy: h2
cdn.gen-ref.com/image/enfp782j.png
54.230.111.34200 OK 52 kB URL HTTP/2 cdn.gen-ref.com/image/enfp782j.png
IP 54.230.111.34:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 1504bac6ed88d874b959555e795a2aa8
772ba9222c7b64890915869704dded84483d0445
5f36bd06c1dbd76b2a54d0c57547747782f15602b72fc85aae73a569bfb54e74
GET /image/enfp782j.png HTTP/1.1
Host: cdn.gen-ref.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 52031
last-modified: Tue, 25 May 2021 12:37:38 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 16:21:36 GMT
etag: "1504bac6ed88d874b959555e795a2aa8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LYjwDDRKIrtllTfX0k6JMItULYS6MPymweePBJhJfi6vFHVw0YsTHQ==
X-Firefox-Spdy: h2
single-hearts.com/integration.js
18.158.237.173200 OK 0 B URL HTTP/2 single-hearts.com/integration.js
IP 18.158.237.173:0
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"716-ojM5iCH88iIxJOJMLArtlL+5nAA"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&dci=7bb2d8d556159543a029fefcad54384a558d44b0&j_type=open&jump=21675&jump_name=
52.57.160.247200 OK 0 B URL HTTP/2 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&dci=7bb2d8d556159543a029fefcad54384a558d44b0&j_type=open&jump=21675&jump_name=
IP 52.57.160.247:0
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&dci=7bb2d8d556159543a029fefcad54384a558d44b0&j_type=open&jump=21675&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: image/gif
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
set-cookie: dci=f67a340d9a1f3b0eecc8c4a1578b6e1d51c98a7c; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Sat, 16 Sep 2023 16:21:34 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
18.158.237.173200 OK 0 B URL HTTP/2 single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
IP 18.158.237.173:0
GET /jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: text/html; charset=UTF-8
server: nginx
content-encoding: br
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/js/54271ef6572be77fca412391ce3f3002.js
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/landings/21675/js/54271ef6572be77fca412391ce3f3002.js
IP 54.230.111.104:0
GET /landings/21675/js/54271ef6572be77fca412391ce3f3002.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 16 Sep 2022 16:21:33 GMT
last-modified: Tue, 29 Mar 2022 13:42:04 GMT
content-encoding: gzip
etag: W/"17bb2-5db5b981b8300"
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Lwd5w7kjCTARCZ2Dz4hLC5ReFN7QL8rxVw1xEUevdzGgncHKSSuL7w==
X-Firefox-Spdy: h2
single-hearts.com/tds/interlayer?handler=FrodiData
18.158.237.173200 OK 0 B URL HTTP/2 single-hearts.com/tds/interlayer?handler=FrodiData
IP 18.158.237.173:0
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 1614
Origin: https://single-hearts.com
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: UA, Platform, Model, Mobile, Arch
X-Firefox-Spdy: h2
retarget2core.com/fp/fp_ec.js
52.57.160.247200 OK 0 B URL HTTP/2 retarget2core.com/fp/fp_ec.js
IP 52.57.160.247:0
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 14 Sep 2022 13:44:41 GMT
etag: W/"4bd-1833c3ea128"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP 54.230.111.104:0
GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 16 Sep 2022 16:21:33 GMT
last-modified: Wed, 31 Oct 2018 08:29:51 GMT
content-encoding: gzip
etag: W/"1340-579821b240313"
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ln0Lqm08_0fZm92uYLWV-LSAYBnuPOXhgA7xKgLOuJi3lzg3uKaZtA==
X-Firefox-Spdy: h2
cdn3reference.com/landings/21675/css/b2e70a4a61b77a7b0b5481932f8779e2.css
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/landings/21675/css/b2e70a4a61b77a7b0b5481932f8779e2.css
IP 54.230.111.104:0
GET /landings/21675/css/b2e70a4a61b77a7b0b5481932f8779e2.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 16 Sep 2022 16:21:33 GMT
last-modified: Tue, 29 Mar 2022 13:42:04 GMT
content-encoding: gzip
etag: W/"7c8-5db5b981b8300"
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XifmAnSyJlADaQVIWP5ZZEpm6sVD7JOr8Byx5g7rh_SnNfkgYeaadQ==
X-Firefox-Spdy: h2
cdn3reference.com/js/dc_img.js?v=8
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/js/dc_img.js?v=8
IP 54.230.111.104:0
GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 16 Sep 2022 16:21:33 GMT
last-modified: Thu, 29 Oct 2020 09:22:15 GMT
etag: W/"1e8-5b2cbd0d9620d"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f2WraLs8lWFg150P-2I9QxkPfxH2yo61cnRukM712ocyJGKtDN_RaQ==
X-Firefox-Spdy: h2
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
54.230.111.104200 OK 0 B URL HTTP/2 cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP 54.230.111.104:0
GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 16 Sep 2022 16:21:33 GMT
last-modified: Wed, 31 Oct 2018 08:31:29 GMT
content-encoding: gzip
etag: W/"22c1-5798220f7ced0"
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hpDqacVPOXhtelQlcPljnpTM6JAE-DiCzFAWN0rCucuMAL8lAp-70A==
X-Firefox-Spdy: h2
single-hearts.com/mtu-integration.js
18.158.237.173200 OK 0 B URL HTTP/2 single-hearts.com/mtu-integration.js
IP 18.158.237.173:0
Analyzer Verdict Alert fortinet Phishing
GET /mtu-integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://single-hearts.com/jump?id=21675&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy8wOTZkMjhhYzg5NDMzMDE1N2JiMjllNTllYjU0OWVlNj9fX3Q9MTY2MzM0NTI5MjQ4MCZfX2w9MzYwMA%3D%3D&data2=102234898422b17e922722b6b57a5b&utm_source=ddm&tds_ac_id=s7016shm&s3=1285&tds_oid=21675&tds_rt=&dci=7bb2d8d556159543a029fefcad54384a558d44b0&tds_id=b1023rie_jump_b_1662987303305&tds_campaign=b1023rie&tds_cid=435c695b39d5ca5c1187b9b05dac618a6168db8b&tds_host=single-hearts.com&utm_content=2254&s1=dd&tds_ao=3&utm_campaign=a78ddb94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:33 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 14 Sep 2022 13:44:41 GMT
etag: W/"1273-1833c3ea128"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
18.158.237.173200 OK 0 B URL HTTP/2 single-hearts.com/ufis/webpush/sw.js?uaDataValues={}&networkGroup=
IP 18.158.237.173:0
GET /ufis/webpush/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"35e5-ggvNzPbrS4iAvrqVuh7HqGhzYqo"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
single-hearts.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
18.158.237.173200 OK 0 B URL HTTP/2 single-hearts.com/ufis/pwa/sw.js?uaDataValues={}&networkGroup=
IP 18.158.237.173:0
GET /ufis/pwa/sw.js?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 16:21:34 GMT
content-type: text/javascript; charset=utf-8
server: nginx
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
etag: W/"8a5-jxVx3HNgm8c2Bvxd6GQ6e3r2rSU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2