r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Wed, 21 Sep 2022 09:12:27 GMT
Date: Wed, 21 Sep 2022 08:25:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 08:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ESMl2XzB-32boL342oeBd8MNnOKrR3WHv8ka2ybD_2THjSoRLlRzhQ==
Age: 705
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RUnp149IyrThtSqnUaMrupOC-Ft-DC22c2DWC_hYPCD0dBnmEy2e2Q==
age: 13804
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:25:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 08:03:22 GMT
Expires: Wed, 21 Sep 2022 08:40:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UbeNr1GZyEv7RaARXZRxAMS8fAKLPLtJnugLgobz37dYtIGM8TgvOA==
Age: 1315
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b0171dd398bd931bdee46f03db89868a
b807a6d4b8dc1e773f675b2d658af32b6141c0a3
803f25d8f1064f374bcffdad93e106338b5c8db876a7249738ee0f7d15ea365f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6278
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:17 GMT
Last-Modified: Wed, 21 Sep 2022 06:40:39 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b0171dd398bd931bdee46f03db89868a
b807a6d4b8dc1e773f675b2d658af32b6141c0a3
803f25d8f1064f374bcffdad93e106338b5c8db876a7249738ee0f7d15ea365f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 528
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:17 GMT
Last-Modified: Wed, 21 Sep 2022 08:16:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash b1a8ec551edff43952cb096d1187ca8f
54170502305446484fb91caf15265f4f26d36c0a
cfa1fd2576d045ed3cfcad5c9c8339103be72ee38603048a9d21c28169501f40
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 4f946a6bc6f5ba9e005ade49a282c2cd
ETag: "097d0900ff5f8d6f9d7bafa2922c9bfd"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Wed, 21 Sep 2022 08:34:01 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: sajsVR7f9DlSywltEYfKjw==
X-FB-Debug: LhlkKf0d/HLOAgS682AryQ58PaIb1oG4+PJGj+cG/uXmcpje0UH2v+EXRsc49i06uZL0DpnsB+NbJ0eLxMY/zw==
X-FB-TRIP-ID: 1679558926
Date: Wed, 21 Sep 2022 08:25:17 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
js.appboycdn.com/web-sdk/1.6/appboy.min.js
104.17.218.31200 OK 38 kB URL HTTP/2 js.appboycdn.com/web-sdk/1.6/appboy.min.js
IP 104.17.218.31:0
Hash 915d4f4ad8065e9d4b5f9d2dca66bb3b
b4f4f0b7f147952e7c0f6a9d96656e4f1c664e56
44ee01e7d003e748fa565f4811e659fd680402e385cb2550bf5468d4903b576c
GET /web-sdk/1.6/appboy.min.js HTTP/1.1
Host: js.appboycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:25:17 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: rBuvKgQ/AJ4VKKVa4JPfGH0D9BYLN+9Tuba5TDUdtFCtVz03KgtpPlGQQpbbQMIOSgzGsmSJaRA=
x-amz-request-id: PFEFER0M5H56YP5K
last-modified: Fri, 06 Oct 2017 18:19:54 GMT
etag: W/"bd8c768fe5e4740920f57a1a01e14a3f"
cf-cache-status: HIT
age: 1945
expires: Wed, 21 Sep 2022 12:25:17 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e168cd4c680b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5929
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:17 GMT
Last-Modified: Wed, 21 Sep 2022 06:46:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-T2GJ57P
142.250.74.72200 OK 57 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T2GJ57P
IP 142.250.74.72:0
File type ASCII text, with very long lines (35661)
Hash e48bf90464376cb81464a8efb0f3c610
9546fab808857681ac31ccba7f95602fba2a9450
4edd983ca5f0c580a240ab356d5fa2e731673dc8493d493df8520f3471bc1fcc
GET /gtm.js?id=GTM-T2GJ57P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 08:25:17 GMT
expires: Wed, 21 Sep 2022 08:25:17 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 56599
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.10.207200 OK 6.0 kB URL HTTP/1.1 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (23577)
Hash 79b25bba7faf617a700078021baf261d
afe865347d7edd54588209e2c192160aa4fdba2b
0d532abf8b1c2cc786dda91d183f02a318c82e03e6fd920addf82d0f4ef818bd
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:17 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
CDN-EdgeStorageId: 632, 617, 617
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
CDN-CachedAt: 2021-06-08 21:08:57
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
Cache-Control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
CDN-RequestId: e6a55b08fe5091f45c9e99ce9e9f98c2
Content-Encoding: gzip
CDN-Status: 200
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 9190316
Server: cloudflare
CF-RAY: 74e168ceff99b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LKX2ewiRE6KCK63uLL8gMg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 73jn0WwuQ1w1HwaeoQq32xlzSBQ=
www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
172.98.65.24200 OK 781 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
IP 172.98.65.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33214)
Size 781 kB (780786 bytes)
Hash a17026e5303d403f36fc9260a2942aa5
01faa73a10891df0fa03a81fc430acda621a731a
eb1190f073acb847895452eb8939e2a6a8d554d76a817db1792511ac1eebf5da
GET /update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:17 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 2f4f4dfe86fb9602ff302718d4d191b3
0e78f1833257b82b870ade9816fa2e363ef70648
405be4f3d23739053a02e29a0f4f564228ed5eb87229ed5abd38dad747803cda
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 21 Sep 2022 08:25:18 GMT
Last-Modified: Wed, 21 Sep 2022 06:44:09 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZcsmBjN7vi_YwDyuYuSQ4Gd-mgvRlDJVQFVTJApp3w_Op_DAVBcD3w==
Age: 6070
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/1.js?q=f74697b8b880f9be665d
104.18.41.117404 Not Found 861 B URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/1.js?q=f74697b8b880f9be665d
IP 104.18.41.117:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379), with CRLF, LF line terminators
Hash 06088ef70860fec9b418a81fee0b7ac0
150cbf0cfa330650c407638011bb26072a4c5d0f
3b22e85ea8b2f30d69b99e634761dd70f43e8dfe5f0257da11332a60369d5d86
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/1.js?q=f74697b8b880f9be665d HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=lmtHiyoaaEkfvywiot_Olz1Kykaji8TPj13wDJ.cxeQ-1663748718-0-AXy2xwl3eYxSv+XTaZ0UVKBFDyPo2Gk789VVoc1Afy9BSMNKblX27HSB2kOf1r3IM69maNgQOeUnR3jGk1CQYKo=; path=/; expires=Wed, 21-Sep-22 08:55:18 GMT; domain=.christianmingle.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e168cfc945b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps-api-v3/api/js/32/2/common.js
142.250.74.42200 OK 33 kB URL HTTP/2 maps.googleapis.com/maps-api-v3/api/js/32/2/common.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (974)
Hash 9ac3a79256967c814e7d160a96bbe40e
cdba4037a42361fe81a4e5182789d9a90c4f0bbd
00a8ddc090487ce9f0954b2595c0cd062ef6caf9190eef321615a1887c8c0095
GET /maps-api-v3/api/js/32/2/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 33005
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 15:39:46 GMT
expires: Sat, 16 Sep 2023 15:39:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Feb 2018 06:05:46 GMT
content-type: text/javascript
age: 405932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps-api-v3/api/js/32/2/util.js
142.250.74.42200 OK 52 kB URL HTTP/2 maps.googleapis.com/maps-api-v3/api/js/32/2/util.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (2193)
Hash cb4892d0e6cfcc58b8e23f88e6e07260
f4bdc3c54593506399ac2b3babadfe6ca52cba59
f7371ea1643d3e827558be9d67abb0788853db74d3154c59735daa45f6594bc8
GET /maps-api-v3/api/js/32/2/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 51988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 15:39:46 GMT
expires: Sat, 16 Sep 2023 15:39:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Feb 2018 06:05:46 GMT
content-type: text/javascript
age: 405932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.christianmingle.com%2Fen-us%2Flogin&4sAIzaSyBYsbJZsSSb0DsWbDeqqKgQ2rOnRJQKhN8&callback=_xdc_._5b0gtv&token=127391
142.250.74.42200 OK 199 B URL HTTP/2 maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.christianmingle.com%2Fen-us%2Flogin&4sAIzaSyBYsbJZsSSb0DsWbDeqqKgQ2rOnRJQKhN8&callback=_xdc_._5b0gtv&token=127391
IP 142.250.74.42:0
File type ASCII text, with no line terminators
Hash d753ddf308007bf2963889db280fca6d
b52cd7f36a769e92b893c3cfc59478ae2792bc00
97d8c57d5a2a66974ff48805365f709c2acc88b3eb5b23d7ddc91ae5efe28a85
GET /maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.christianmingle.com%2Fen-us%2Flogin&4sAIzaSyBYsbJZsSSb0DsWbDeqqKgQ2rOnRJQKhN8&callback=_xdc_._5b0gtv&token=127391 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Wed, 21 Sep 2022 08:25:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-disposition: attachment
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: mafe
content-length: 199
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bangextreme.cedges.com/update/music/christianmingle/css/ATRK_52A44AA2_min.js
172.98.65.24200 OK 20 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/ATRK_52A44AA2_min.js
IP 172.98.65.24:0
File type C source, ASCII text, with very long lines (533)
Hash 0373b7787b60a2dfe54326de8b1f4b85
87b9015d8ac4b025c15470988a63fd54aded2996
bec11db4f9e8415d4718c34d7ff9a2968f0e64a9e9e1e91279f79c9fe8135b7b
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/ATRK_52A44AA2_min.js HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 19905
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
api.segment.io/v1/p
52.24.165.135200 OK 21 B IP 52.24.165.135:0
File type JSON data\012- , ASCII text
Hash 90749a50019a27e1f32cebdbaa7a1bc1
8329e3339f928f8591024bb0f938dab99c0ad4b8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
POST /v1/p HTTP/1.1
Host: api.segment.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1299
Origin: http://www.bangextreme.cedges.com
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: http://www.bangextreme.cedges.com
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2
www.bangextreme.cedges.com/update/music/christianmingle/css/js
172.98.65.24200 OK 82 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/js
IP 172.98.65.24:0
File type ASCII text, with very long lines (4027)
Hash b34a055aea7c0e7dfeb23312a9fc0760
c3d4489c667d2fcb6e52347d951c47d50b5a902a
766af0dc386594786e3c59282bc86384db697f50a48a5c0bfd5898f20b5aa1be
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/js HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 81829
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
www.bangextreme.cedges.com/update/music/christianmingle/css/1fc2f4c7a120346c0dbfdc72c1a925b5.svg
172.98.65.24200 OK 3.6 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/1fc2f4c7a120346c0dbfdc72c1a925b5.svg
IP 172.98.65.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3605), with no line terminators
Hash 1fc2f4c7a120346c0dbfdc72c1a925b5
e593fa0daad30c0c4fda97489d1dbc548450a667
1a310e172227e76183c8859859410900f5f78dc859854c59fba1f79a76cf04e5
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/1fc2f4c7a120346c0dbfdc72c1a925b5.svg HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 3605
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
www.bangextreme.cedges.com/update/music/christianmingle/css/s.js
172.98.65.24200 OK 58 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/s.js
IP 172.98.65.24:0
File type ASCII text, with very long lines (881)
Hash 9038bfff3bfe3fc0bcefa895fea7ccb7
f8e55264a1876d8b59d25b630c646d52526faabf
242770dc1a3f6e097f9b5213c8562974501b681cf155e49b64a2f75cf8abe47d
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/s.js HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 57588
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.bangextreme.cedges.com/update/music/christianmingle/css/b1fe73573691e00e8abc9724bdf18a64.svg
172.98.65.24200 OK 5.0 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/b1fe73573691e00e8abc9724bdf18a64.svg
IP 172.98.65.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5038), with no line terminators
Hash b1fe73573691e00e8abc9724bdf18a64
96ed1473608b28543349e05d9b8d703f8e7f3ae3
75458168a5a076536706ee20473c29a07eeeb4b3793446c3595d069dadb8345d
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/b1fe73573691e00e8abc9724bdf18a64.svg HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 5038
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
www.bangextreme.cedges.com/update/music/christianmingle/css/tp.png
172.98.65.24200 OK 0 B URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/tp.png
IP 172.98.65.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /update/music/christianmingle/css/tp.png HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.bangextreme.cedges.com/update/music/christianmingle/css/0.txt
172.98.65.24200 OK 0 B URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/0.txt
IP 172.98.65.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/0.txt HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:18 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17295
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17295
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17295
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 08:25:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5f4438521bfdc6871ae384abcb7da547
a17fc7a7c30999b8789011c2064f5a8704b00eee
2e40ac154724af625c4858b09b90fa3f6a600b70c9e5e959598f0cdb05a78847
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32d94aa1-e164-4f98-8fe2-beb3868db074.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5402
x-amzn-requestid: 56e3a080-a8df-4385-ab3e-20e1f822083f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvaLH1-IAMFbgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c40-28f492196d5699066cb53d39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KBsiDc6LmziklLtN8BUFv9QDsj7s9zEFhmtXtlIfBp_RKoBPpqOgfA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 18:17:10 GMT
age: 50889
etag: "a17fc7a7c30999b8789011c2064f5a8704b00eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10ad73e887b57566c4ba3ae763552a2e
63252bd8cc72452c4c6be84593d704ae9bf97d1f
7d58d096045066af053eb1a1fc3878d3e2080aa50b71aa30fa5b7929693ab004
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24bb3042-6621-4dd2-99f1-4b50cc7da808.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9399
x-amzn-requestid: 44705828-c137-4ab5-8538-5d4595a2b058
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvkJGjxoAMF6-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c80-3cb542a303a59002480c82b2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:08:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PIZx2S4HyPokzOhbut6yFxH_-32I3SvT1jbeo2rSxQtkgYZGcqjBJA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 37762
etag: "63252bd8cc72452c4c6be84593d704ae9bf97d1f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7b780d39877eea116277625aaa01f1b
d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db
ca9d59056e0a3f512d36db11f4a4bd3109c2ce1e13b29b5f40dce84df079e71f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf057f43-44fd-440b-bd96-67b16eb4eb13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12654
x-amzn-requestid: efc99152-2b51-462d-b48b-67ba8263b1cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJOGVYoAMFcvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-00eeb6913e06ac151f293263;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wK03Lqow6u4lrQ3QI21klXXHGZqbKYathhCO87k0rZWBbF8o5YYjXw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 07:05:16 GMT
age: 4803
etag: "d8ac8a7e19b06e38070a0319cde24b5bf0eaa7db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hI3FlJJRAUfr0EAcSvvuJajmyQDwBpTxuQIhYfA0Mtp9JyQgKnoDvA==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:43:18 GMT
age: 38521
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7FaZfI_iYUANPdxGBld5NfneWwKJeX2nYA_gmvF9NjML5YOVhZIIoA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 14:38:21 GMT
age: 64018
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eff7103898a5102e685ce6741cdf19f8
3371965b4417ee0b74a3a5094adfc1632d4849b1
c326683c06d56a02d8c1a36dd34c1eff1b9d242b8b5280a1824b0602ccd28020
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F689f6ab4-a759-42b3-82a8-f66964d5ece4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9574
x-amzn-requestid: 3dfa0e8c-77e6-4fc5-9f64-00ac854abbfa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mEj2IAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-745819ba4b5c16ee6e649ad7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _3w3cbABzhrIn3y9Spo6-NCZDzf4gHAfU30Zpvk3WTp8_kgWT7NAMw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:41:04 GMT
age: 38655
etag: "3371965b4417ee0b74a3a5094adfc1632d4849b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
js.acq.io/ATRK_52A44AA2_min.js
143.204.55.37200 OK 6.6 kB URL HTTP/1.1 js.acq.io/ATRK_52A44AA2_min.js
IP 143.204.55.37:0
File type C source, ASCII text, with very long lines (575)
Hash 9ac9eb491fb2a77173c82770571505c6
2a10a0027f79d11c3246a0e85651cea4abc038a3
7c57668f4de65bd82a138b4d59ed1b685cc5fde0eae241f1fb6ab5d63ac7057f
GET /ATRK_52A44AA2_min.js HTTP/1.1
Host: js.acq.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Feb 2021 18:47:48 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 20 Sep 2022 09:45:21 GMT
ETag: W/"33b83171c1044dc6bdc7ae7a647443a1"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6KabCJ0xRE73RtFq19A3hncAIBpSIQpG8M4POR8HM-zNuhU6dSCb-w==
Age: 81599
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
104.18.10.207200 OK 57 kB URL HTTP/1.1 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bangextreme.cedges.com
Connection: keep-alive
Referer: http://maxcdn.bootstrapcdn.com/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:19 GMT
Content-Type: font/woff2
Content-Length: 56780
Connection: keep-alive
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
ETag: "97493d3f11c0a3bd5cbd959f5d19b699"
Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT
CDN-CachedAt: 08/18/2022 19:50:49
CDN-ProxyVer: 1.02
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
CDN-EdgeStorageId: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-Status: 200
CDN-RequestId: 572b8516f250b746d240a5b31a57cb07
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 353298
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e168d9d8b2b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6251
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:19 GMT
Last-Modified: Wed, 21 Sep 2022 06:41:08 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/0.js?q=10f3b5bd746e6b0a3e89
104.18.41.117404 Not Found 69 kB URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/0.js?q=10f3b5bd746e6b0a3e89
IP 104.18.41.117:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379), with CRLF, LF line terminators
Hash 34079abedb1771b43e9715df8b14c464
2d6ad9b9192093265b6afceae38ec08fe1963165
a120a2ed4527aacaed3e555e46f374ed77ab1354d8979f89ba30b0bcb97705e3
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/0.js?q=10f3b5bd746e6b0a3e89 HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=zCtXbRH77A1FzhS1x4zq_aHHzybqLU7qUs8kkWIXWyo-1663748718-0-AWD4Ydf+NKgEZVb/+WLxGfC0wuImH7eadwTHfcL+mhEytIIT31L9TWk13Vko964Zp7gGrdoh+VEC+o1JCxZwWek=; path=/; expires=Wed, 21-Sep-22 08:55:18 GMT; domain=.christianmingle.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e168cfc95eb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.bangextreme.cedges.com/update/music/christianmingle/css/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
172.98.65.24200 OK 1.8 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html
IP 172.98.65.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (517), with CRLF line terminators
Hash 9f371c2150a8decf9afafd1307790421
abcf3d1c8c901229fb3897f8b4f07e0caf33c380
747c93671bc7eaef5c90e54f2827c965a41d601640afed9666615a543d325553
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/rcj-99d43ead6bdf30da8ed5ffcb4f17100c.html HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:19 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 1795
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/html
staticxx.facebook.com/connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42
157.240.200.14302 Found 0 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42
IP 157.240.200.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.facebook.com/connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: LCREqX+cWp3cWUqGPMNDvaBR1Y+upBuyWUqH6+5qKg7wUxib3n6IOQHgdY1ixay6gdkmdTSwkfwVkygX5St+QA==
content-length: 0
priority: u=3,i
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 08:25:19 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bangextreme.cedges.com/update/music/christianmingle/css/tp.png
172.98.65.24200 OK 0 B URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/tp.png
IP 172.98.65.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /update/music/christianmingle/css/tp.png HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:19 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7cf468e9a34433f5d9b6b9277b10298
2d51ddf35e331e621d1d7dba2a89377e96768f46
5a3ba2b7208b0db27010ba62b859bf7a449a50304055e5b5aaf328797b49e722
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2219
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:19 GMT
Last-Modified: Wed, 21 Sep 2022 07:48:20 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 14d31c538ef2caf4422a82eae13752fb
64a60fba95891f5dcc3d098c78ca3705d679c073
9bf27ebead2d15f04d2874793cb043a7d650b50902092fe6ae3a5a9891c5cabe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5828
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:19 GMT
Last-Modified: Wed, 21 Sep 2022 06:48:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.facebook.com/connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42
157.240.200.35404 Not Found 72 B URL HTTP/2 www.facebook.com/connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42
IP 157.240.200.35:0
File type HTML document, ASCII text, with no line terminators
Hash 2556c01148fc3cf811a190ae37345224
644567805749ab3ec4df4a00c82b0a4f8566f25d
f65e4cc023578b2bb3522d09231cd56eb84d209b18d501eeebf8a0b098f7635e
GET /connect/xd_arbiter/r/Nh1oH0K63yz.js?version=42 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bangextreme.cedges.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: dXrosOo36jGrEOw4NZ7bpO+NZ3wTyWMe8cmG9EdqVE+NIeSJrdQOMkkS4YBm3vWNgshA6BpGh4n/vn5fILhhLg==
content-length: 72
date: Wed, 21 Sep 2022 08:25:19 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.bangextreme.cedges.com/update/music/christianmingle/css/0.txt
172.98.65.24200 OK 0 B URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/css/0.txt
IP 172.98.65.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /update/music/christianmingle/css/0.txt HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D; ATRK_a=d08a80ebc9494b58a29da342d7d1e46b.1; ATRK_y=1; ATRK_t=1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:19 GMT
Server: Apache
X-Powered-By: PHP/7.4.11
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 27 kB URL HTTP/1.1 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
Pragma: public
Cache-Control: public, max-age=1200
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
X-FB-Debug: bCYhPlv+nnKBwCWM986ZM3pepG2ozeifi+4n/GexAB/JjioKTKyMx7HpO9pdcXADm24wM824Oy7Gbz4MMyFVhA==
Priority: u=3,i
X-FB-TRIP-ID: 1679558926
Date: Wed, 21 Sep 2022 08:25:20 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 26839
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f7cf468e9a34433f5d9b6b9277b10298
2d51ddf35e331e621d1d7dba2a89377e96768f46
5a3ba2b7208b0db27010ba62b859bf7a449a50304055e5b5aaf328797b49e722
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2220
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:20 GMT
Last-Modified: Wed, 21 Sep 2022 07:48:20 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=223beb9f88693685eb314de084909eed
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=223beb9f88693685eb314de084909eed
IP 157.240.200.14:0
File type ASCII text, with very long lines (17845)
Hash bbcb042c3a0c0a7cc130352943f27f62
c62a100d5e357820c5ff5caaa46ad2d68f150c9a
b9e492bb84a1fd83b00ea3ddfd207f80efd774608cc728bdf6d0fceda754ef36
GET /en_US/sdk.js?hash=223beb9f88693685eb314de084909eed HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.bangextreme.cedges.com
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 2526ff5fd5da01d2aaa9957b376c63a4
etag: "d96082c7da4fd60528b7a15493cc0615"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 21 Sep 2023 06:32:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: u8sELDoMCnzBMDUpQ/J/Yg==
x-fb-debug: woxzYWuB8rjzuWDpFU6UXsA3oMAs1EM6Hiu+g+JX0COhTshYV7lJUv+VvcH88+8cKSQ/LVP+kgq1eArvKWuV5A==
priority: u=3,i
content-length: 88772
x-fb-trip-id: 1679558926
date: Wed, 21 Sep 2022 08:25:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.hotjar.com/modules-fa7b914657f32d32df01f26b19e8f066.js
143.204.55.46403 Forbidden 243 B URL HTTP/2 script.hotjar.com/modules-fa7b914657f32d32df01f26b19e8f066.js
IP 143.204.55.46:0
Hash a614783839ce128168ac510098676661
1dea96045a74d606f67d975b1e2174700af28f6e
b96569977fb0fc5d5c148155a05fc2993800b098eb15fbffadf09544b7651dc7
GET /modules-fa7b914657f32d32df01f26b19e8f066.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
content-length: 243
date: Wed, 21 Sep 2022 08:25:20 GMT
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IpxOSDNo6Rmg-aC1Z_O4eKwGBqVrLC08at_j4ygP7zxcefxQvasdPQ==
X-Firefox-Spdy: h2
www.bangextreme.cedges.com/update/music/christianmingle/images/73d62878f28d372f1361d5c93770683d.png
172.98.65.24200 OK 2.4 kB URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/images/73d62878f28d372f1361d5c93770683d.png
IP 172.98.65.24:0
File type PNG image data, 180 x 180, 8-bit colormap, non-interlaced\012- data
Hash 73d62878f28d372f1361d5c93770683d
91febc5c28d7d7f975d1f933727ab30b19e0842e
1e503d1de5566b7048b83491f5a7d3b9133122114009bb6c98fb07fc4ebdabb3
GET /update/music/christianmingle/images/73d62878f28d372f1361d5c93770683d.png HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D; ATRK_a=d08a80ebc9494b58a29da342d7d1e46b.1; ATRK_y=1; ATRK_t=1; __ssid=1f3b03cd-9f85-46b9-958b-b9839915b049
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:20 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 2386
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/png
bat.bing.com/action/0?ti=5525601&Ver=2&mid=0a548381-d0f5-456d-8918-bb279a88a273&sid=ee1d1750398611ed8baaab0d67e84c35&vid=ee1d36c0398611edab90d76a680c32b7&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Christian%20Mingle%20-%20Login&kw=Christian%20web%20site,%20ChristianMingle.com,%20Relationships,%20Online%20Personals,%20Christian%20dating,%20Christian%20singles,%20Christian%20personals,%20Christian%20chat,%20Christian%20matchmaking,%20Christian%20services,%20Christian,%20Christian%20singles%20site,%20free%20Christian%20dating,%20Christian%20dating%20service,%20Christian%20singles%20dating,%20Christian%20dating%20websites,%20online%20dating&p=http%3A%2F%2Fwww.bangextreme.cedges.com%2Fupdate%2Fmusic%2Fchristianmingle%2Flogin.php%3Fsessionid%3D4f11d834159d7cdec8d9c7d1da097b2b%26securessl%3Dtrue&r=<=2861&evt=pageLoad&sv=1&rn=518745
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5525601&Ver=2&mid=0a548381-d0f5-456d-8918-bb279a88a273&sid=ee1d1750398611ed8baaab0d67e84c35&vid=ee1d36c0398611edab90d76a680c32b7&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Christian%20Mingle%20-%20Login&kw=Christian%20web%20site,%20ChristianMingle.com,%20Relationships,%20Online%20Personals,%20Christian%20dating,%20Christian%20singles,%20Christian%20personals,%20Christian%20chat,%20Christian%20matchmaking,%20Christian%20services,%20Christian,%20Christian%20singles%20site,%20free%20Christian%20dating,%20Christian%20dating%20service,%20Christian%20singles%20dating,%20Christian%20dating%20websites,%20online%20dating&p=http%3A%2F%2Fwww.bangextreme.cedges.com%2Fupdate%2Fmusic%2Fchristianmingle%2Flogin.php%3Fsessionid%3D4f11d834159d7cdec8d9c7d1da097b2b%26securessl%3Dtrue&r=<=2861&evt=pageLoad&sv=1&rn=518745
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5525601&Ver=2&mid=0a548381-d0f5-456d-8918-bb279a88a273&sid=ee1d1750398611ed8baaab0d67e84c35&vid=ee1d36c0398611edab90d76a680c32b7&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Christian%20Mingle%20-%20Login&kw=Christian%20web%20site,%20ChristianMingle.com,%20Relationships,%20Online%20Personals,%20Christian%20dating,%20Christian%20singles,%20Christian%20personals,%20Christian%20chat,%20Christian%20matchmaking,%20Christian%20services,%20Christian,%20Christian%20singles%20site,%20free%20Christian%20dating,%20Christian%20dating%20service,%20Christian%20singles%20dating,%20Christian%20dating%20websites,%20online%20dating&p=http%3A%2F%2Fwww.bangextreme.cedges.com%2Fupdate%2Fmusic%2Fchristianmingle%2Flogin.php%3Fsessionid%3D4f11d834159d7cdec8d9c7d1da097b2b%26securessl%3Dtrue&r=<=2861&evt=pageLoad&sv=1&rn=518745 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=32E180D75318681D130F92F152ED6985; domain=.bing.com; expires=Mon, 16-Oct-2023 08:25:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 18EDE7E940474D2FBB433BF027A31C3D Ref B: OSL30EDGE0207 Ref C: 2022-09-21T08:25:20Z
date: Wed, 21 Sep 2022 08:25:19 GMT
X-Firefox-Spdy: h2
www.bangextreme.cedges.com/update/music/christianmingle/images/e4ca02d71aa91b2435ac24e2df787e39.png
172.98.65.24200 OK 457 B URL HTTP/1.1 www.bangextreme.cedges.com/update/music/christianmingle/images/e4ca02d71aa91b2435ac24e2df787e39.png
IP 172.98.65.24:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash c2ab4218f7d4cf593f4d6620f780f7f8
8050352dea4a1bc1021cc839fdfde2a80a1bd93b
a31af8633a6dc1857d3a5e9c231c03a49f80306580c3773ac4cddfe441c9bd8d
GET /update/music/christianmingle/images/e4ca02d71aa91b2435ac24e2df787e39.png HTTP/1.1
Host: www.bangextreme.cedges.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/update/music/christianmingle/login.php?sessionid=4f11d834159d7cdec8d9c7d1da097b2b&securessl=true
Cookie: ajs_anonymous_id=%223dff77a2-3209-47a0-a9ab-d152efda5f48%22; ab.storage.sessionId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%2235e0ce1d-d950-1287-a7f4-80f80e01e380%22%2C%22e%22%3A1663750517878%2C%22c%22%3A1663748717878%2C%22l%22%3A1663748717878%7D; ab.storage.deviceId.b91460fe-e465-4c32-a0a7-356aaf18afdd=%7B%22g%22%3A%22e648eb51-19b4-e7d7-3cfd-ae8c30212c4a%22%2C%22c%22%3A1663748717879%2C%22l%22%3A1663748717879%7D; ATRK_a=d08a80ebc9494b58a29da342d7d1e46b.1; ATRK_y=1; ATRK_t=1; __ssid=1f3b03cd-9f85-46b9-958b-b9839915b049
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 08:25:20 GMT
Server: Apache
Last-Modified: Thu, 08 Jul 2021 16:16:57 GMT
Accept-Ranges: bytes
Content-Length: 457
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
bat.bing.com/p/action/5525601.js
13.107.21.200200 OK 666 B URL HTTP/2 bat.bing.com/p/action/5525601.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 6035d901b1e248c3f3ffca691342d795
eec8681b6b015af22ee45ad909775ddf8c734d51
785e8939d96003b3775eac0e3d1cba195a96097027d5cdb69dffa3324f597881
GET /p/action/5525601.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private,max-age=60
content-length: 666
content-type: application/javascript; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
set-cookie: MUID=07F68286C4E4636A396F90A0C51162EA; domain=.bing.com; expires=Mon, 16-Oct-2023 08:25:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FD12E9E415C414098B77D691A56B944 Ref B: OSL30EDGE0207 Ref C: 2022-09-21T08:25:20Z
date: Wed, 21 Sep 2022 08:25:19 GMT
X-Firefox-Spdy: h2
www.clarity.ms/tag/uet/5525601
13.107.213.53200 OK 1.6 kB URL HTTP/2 www.clarity.ms/tag/uet/5525601
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1636), with no line terminators
Hash 45966999fdead459a0afda8a1da7f95d
22521b6fe3c08b6d2b66d8173483af374e0a46c0
b3b762416235dd142595d5d2379ebee16c5e072c29b5ac935e8903c3ce24a225
GET /tag/uet/5525601 HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-length: 1636
content-type: application/x-javascript
expires: -1
set-cookie: CLID=dddd8d001eea4187b4061908606a7edc.20220921.20230921; expires=Thu, 21 Sep 2023 08:25:20 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0cMoqYwAAAACCEuBnOb/ATIlp7i8Ti+9rTE9OMjFFREdFMTcwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 21 Sep 2022 08:25:20 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
csi.gstatic.com/csi?v=2&s=mapsapi3&v3v=32.2&action=apiboot2&libraries=places&e=10_1_0,10_2_0&rt=main.3
142.250.196.131204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=mapsapi3&v3v=32.2&action=apiboot2&libraries=places&e=10_1_0,10_2_0&rt=main.3
IP 142.250.196.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csi?v=2&s=mapsapi3&v3v=32.2&action=apiboot2&libraries=places&e=10_1_0,10_2_0&rt=main.3 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 21 Sep 2022 08:25:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.clarity.ms/eus2/s/0.6.40/clarity.js
13.107.213.53200 OK 23 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.40/clarity.js
IP 13.107.213.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54745)
Hash 6a87d835543a151541da0ae963173dd7
80bac2abc74d2fa93a63ff82514fd64ee8caf9a0
c806647a143cb92f41ed1e60c6be245cd4e78b447c90adbed881ca54ecfa7337
GET /eus2/s/0.6.40/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8c7baa5622330"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0cMoqYwAAAACAgbnAQWwvRpFmC+M305J1TE9OMjFFREdFMTcwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Wed, 21 Sep 2022 08:25:20 GMT
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=055514C1195A64951A7D06E718AF6584; domain=.bing.com; expires=Mon, 16-Oct-2023 08:25:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F82857ED4501453FA197071E9DECFBE0 Ref B: OSL30EDGE0207 Ref C: 2022-09-21T08:25:20Z
date: Wed, 21 Sep 2022 08:25:24 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b7744328d1f3fc260f0c33a6dff64a2a
e4f2228f9285c20fd1398452720dd374facced64
2a6e4bcb643c01d7c46d981dc7fcb55c12809afbd06731f8e9cbc1758db21d5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5046
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:24 GMT
Last-Modified: Wed, 21 Sep 2022 07:01:18 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
cdn.siftscience.com/s.js
34.96.67.224200 OK 20 kB IP 34.96.67.224:0
File type ASCII text, with very long lines (881)
Hash 07cb8203158abb26b3c18318350e7b36
e6358e099b70081c2cbc9ded90be18da28386e90
cecc3d075f40d84bbb5f93d506117d31ae9f9dbaacda83a7078e2c7bc61283fb
GET /s.js HTTP/1.1
Host: cdn.siftscience.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduDDWvjxfMF5E022M_3VPw-JHLv4IPudqYUYWDf-nwBL0hr7bKmBZZnMFBjLeDpx5izCaubuw_TSqNrkUYQW9K6kVW562ZU
x-goog-generation: 1586469553682331
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 20452
content-encoding: gzip
x-goog-hash: crc32c=fIrBTA==, md5=B8uCAxWKuyazwYMYNQ57Ng==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 20452
server: UploadServer
date: Tue, 20 Sep 2022 15:29:08 GMT
expires: Wed, 21 Sep 2022 15:29:08 GMT
cache-control: public, max-age=86400
age: 60976
last-modified: Thu, 09 Apr 2020 21:59:13 GMT
etag: "07cb8203158abb26b3c18318350e7b36"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b7744328d1f3fc260f0c33a6dff64a2a
e4f2228f9285c20fd1398452720dd374facced64
2a6e4bcb643c01d7c46d981dc7fcb55c12809afbd06731f8e9cbc1758db21d5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 08:25:24 GMT
Last-Modified: Wed, 21 Sep 2022 07:48:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&RedC=c.clarity.ms&MXFR=33A443C930066587358A51EF34066B04
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=33A443C930066587358A51EF34066B04; domain=.clarity.ms; expires=Mon, 16-Oct-2023 08:25:25 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Wed, 21 Sep 2022 08:25:25 GMT
content-length: 0
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&RedC=c.clarity.ms&MXFR=33A443C930066587358A51EF34066B04
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&RedC=c.clarity.ms&MXFR=33A443C930066587358A51EF34066B04
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&RedC=c.clarity.ms&MXFR=33A443C930066587358A51EF34066B04 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bangextreme.cedges.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&MUID=0A0305E924D66AC515D917CF25236B89
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=0A0305E924D66AC515D917CF25236B89; domain=c.bing.com; expires=Mon, 16-Oct-2023 08:25:25 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC7C63B7F42B49BCA45B0B0C89B4469E Ref B: OSL30EDGE0207 Ref C: 2022-09-21T08:25:25Z
date: Wed, 21 Sep 2022 08:25:24 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&MUID=0A0305E924D66AC515D917CF25236B89
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&MUID=0A0305E924D66AC515D917CF25236B89
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=BEDC7A6BB01F44E4B680D9850A22E21B&MUID=0A0305E924D66AC515D917CF25236B89 HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.bangextreme.cedges.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Wed, 21-Sep-2022 08:35:25 GMT; path=/; SameSite=None; Secure;
date: Wed, 21 Sep 2022 08:25:25 GMT
content-length: 42
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 11292
Origin: http://www.bangextreme.cedges.com
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: http://www.bangextreme.cedges.com
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Wed, 21 Sep 2022 08:25:24 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4df06b3e4176e8f080c997bfae578142
0850ed5db509f8a75439eca5866c2bb6ca3195d3
43e8bfd931d778ac5ebf2d4a8c9915cb05394b6499f9a8575cfc8ce93edd7d92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c472fe6-fe9b-4742-98f4-b71f53839315.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4789
x-amzn-requestid: fd67c05a-0e9f-4b9d-9c26-512548f75b99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvYxG8TIAMFfbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c37-687c7aef7c45adce6f7ac52d;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tLkR_htJKic-P8EhJeRkLB5uZmGsjj9OV-qKakop9O8ySOMognSgjw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:08:20 GMT
age: 37026
etag: "0850ed5db509f8a75439eca5866c2bb6ca3195d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hexagon-analytics.com/images/523154.gif?bk=1f4e7326ba&tm=111&r=485102223&v=103&cs=UTF-8&h=www.bangextreme.cedges.com&l=en-US&S=62a8432e0674b97ccf30d343641f26ab&uu=1f3b03cd-9f85-46b9-958b-b9839915b049&t=Christian%20Mingle%20-%20Login&u=http%3A%2F%2Fwww.bangextreme.cedges.com%2Fupdate%2Fmusic%2Fchristianmingle%2Flogin.php%3Fsessionid%3D4f11d834159d7cdec8d9c7d1da097b2b%26securessl%3Dtrue&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1024&sw=1280&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&dt=unspecified&tp=0&ol=true&pr=Gecko&ps=20100101&vd=&vs=&hc=16&je=false&z=z
34.102.232.42200 OK 0 B URL HTTP/2 hexagon-analytics.com/images/523154.gif?bk=1f4e7326ba&tm=111&r=485102223&v=103&cs=UTF-8&h=www.bangextreme.cedges.com&l=en-US&S=62a8432e0674b97ccf30d343641f26ab&uu=1f3b03cd-9f85-46b9-958b-b9839915b049&t=Christian%20Mingle%20-%20Login&u=http%3A%2F%2Fwww.bangextreme.cedges.com%2Fupdate%2Fmusic%2Fchristianmingle%2Flogin.php%3Fsessionid%3D4f11d834159d7cdec8d9c7d1da097b2b%26securessl%3Dtrue&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1024&sw=1280&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&dt=unspecified&tp=0&ol=true&pr=Gecko&ps=20100101&vd=&vs=&hc=16&je=false&z=z
IP 34.102.232.42:0
GET /images/523154.gif?bk=1f4e7326ba&tm=111&r=485102223&v=103&cs=UTF-8&h=www.bangextreme.cedges.com&l=en-US&S=62a8432e0674b97ccf30d343641f26ab&uu=1f3b03cd-9f85-46b9-958b-b9839915b049&t=Christian%20Mingle%20-%20Login&u=http%3A%2F%2Fwww.bangextreme.cedges.com%2Fupdate%2Fmusic%2Fchristianmingle%2Flogin.php%3Fsessionid%3D4f11d834159d7cdec8d9c7d1da097b2b%26securessl%3Dtrue&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&nm=0&mh=d41d8cd98f00b204e9800998ecf8427e&np=0&ph=d41d8cd98f00b204e9800998ecf8427e&sh=1024&sw=1280&cd=24&p=Linux%20x86_64&to=0&d=0&ce=true&dt=unspecified&tp=0&ol=true&pr=Gecko&ps=20100101&vd=&vs=&hc=16&je=false&z=z HTTP/1.1
Host: hexagon-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 08:25:19 GMT
content-type: image/gif
x-content-type-options: nosniff
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.appboycdn.com/web-sdk/1.6/appboy.min.css
104.17.218.31200 OK 0 B URL HTTP/2 js.appboycdn.com/web-sdk/1.6/appboy.min.css
IP 104.17.218.31:0
GET /web-sdk/1.6/appboy.min.css HTTP/1.1
Host: js.appboycdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 08:25:17 GMT
content-type: text/css; charset=utf-8
x-amz-id-2: huDB3PumhyF6WrF6APQUv+8CD8wIbVcPv5aL7uohp3adWf2h9c1YeKxEl7ZrrKdJivchdPfudxs=
x-amz-request-id: KAMFRPEM2QQ08FFS
last-modified: Fri, 06 Oct 2017 18:19:54 GMT
etag: W/"3f4d7e756ec9b4609665da772b9cef98"
cf-cache-status: HIT
age: 4832
expires: Wed, 21 Sep 2022 12:25:17 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 74e168cd6c8d0b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/8.js?q=f027f4184d708639eaba
104.18.41.117404 Not Found 0 B URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/8.js?q=f027f4184d708639eaba
IP 104.18.41.117:0
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/8.js?q=f027f4184d708639eaba HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=vH1FqB9eqQKEFWMegTUO0LNOazpnYghIcqbKi7BYRi8-1663748718-0-Ac8VBse4DGKfa7MRvEReuydw/16LxIm2ePal1NC7rv8tTE7wDLkfAQ6VF4xVlkwDchMZrgl5wV3wvrYJoaJxJdY=; path=/; expires=Wed, 21-Sep-22 08:55:18 GMT; domain=.christianmingle.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e168cfb926b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-692969.js?sv=6
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-692969.js?sv=6
IP 143.204.55.54:0
GET /c/hotjar-692969.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 08:25:20 GMT
cache-control: max-age=60
etag: W/dc5e11cd9f6e53af3f2071260959a778
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oeTAhp0P0XVSI6GL3LBxcQR8nXMR3WRt8DJ-BI6Yymus1aSEHbv1jQ==
X-Firefox-Spdy: h2
cdn.segment.com/analytics.js/v1/yV4n34bkWQEPkTbR2EiMU3UtqH1FxfK8/analytics.min.js
143.204.48.96200 OK 0 B URL HTTP/2 cdn.segment.com/analytics.js/v1/yV4n34bkWQEPkTbR2EiMU3UtqH1FxfK8/analytics.min.js
IP 143.204.48.96:0
GET /analytics.js/v1/yV4n34bkWQEPkTbR2EiMU3UtqH1FxfK8/analytics.min.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 16 Jun 2022 18:04:02 GMT
x-amz-version-id: YnCyzjpCjV986.xpNLpvtAI2y.y0XmP_
server: AmazonS3
content-encoding: br
date: Wed, 21 Sep 2022 08:25:17 GMT
cache-control: public, max-age=120
etag: W/"08521cc76b5cdf06eab95b9fc031b95b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pfe7kVS9D2jhL2SWy3fA_Aztq8YrzLZHK6MpGWZCbqZ1a8JqUSo98A==
age: 111
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.85.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.85.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-requested-with
Referer: http://www.bangextreme.cedges.com/
Origin: http://www.bangextreme.cedges.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Wed, 21 Sep 2022 08:25:18 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663748718.035651,VS0,VE93
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/1.js?q=f74697b8b880f9be665d
104.18.41.117404 Not Found 0 B URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/1.js?q=f74697b8b880f9be665d
IP 104.18.41.117:0
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/1.js?q=f74697b8b880f9be665d HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Cookie: __cf_bm=cjs1FjX8RMr.QTJy4bHngow9HSuUshxDdN_XJQtDHxg-1663748718-0-ASJDjv8bYgWyaWBuHoZR/qHYI8lzv5fTPcW4z4xmM4xdkEM3qOtkcaC/c/3qiMlM+A4Y2zH9kALCO0sdKk9rbqo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74e168d43f04b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/2.js?q=bec5c429736cef0240c3
104.18.41.117404 Not Found 0 B URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/2.js?q=bec5c429736cef0240c3
IP 104.18.41.117:0
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/2.js?q=bec5c429736cef0240c3 HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=VQY4tB03UzW_T2zFolVrJd1hvM9UdIyvusMZ6oamViA-1663748718-0-Abpq6nZqzNkPmYXH4i0HiYMYGX8hQ1rlRIbY15FYBTiwfW3UItlOcRN5TzZcW3yf/Sg4rtSVwdpPcwICYr/4zXo=; path=/; expires=Wed, 21-Sep-22 08:55:18 GMT; domain=.christianmingle.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e168cfb91eb518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/7.js?q=f6e07bb13767015e8f0d
104.18.41.117404 Not Found 0 B URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/7.js?q=f6e07bb13767015e8f0d
IP 104.18.41.117:0
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/7.js?q=f6e07bb13767015e8f0d HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=cjs1FjX8RMr.QTJy4bHngow9HSuUshxDdN_XJQtDHxg-1663748718-0-ASJDjv8bYgWyaWBuHoZR/qHYI8lzv5fTPcW4z4xmM4xdkEM3qOtkcaC/c/3qiMlM+A4Y2zH9kALCO0sdKk9rbqo=; path=/; expires=Wed, 21-Sep-22 08:55:18 GMT; domain=.christianmingle.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e168cfc958b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/44.js?q=a7e1f0a02a1247049282
104.18.41.117404 Not Found 0 B URL HTTP/2 www.christianmingle.com/245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/44.js?q=a7e1f0a02a1247049282
IP 104.18.41.117:0
GET /245-7831fe4b41cb7ab6af128acfa64557d17688994f/js/44.js?q=a7e1f0a02a1247049282 HTTP/1.1
Host: www.christianmingle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Wed, 21 Sep 2022 08:25:18 GMT
content-type: text/html
strict-transport-security: max-age=63072000; includeSubdomains
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=rltpWv80Tpj05Mem27WAJ.C_sZwY3Lnyl5lVuXZajHs-1663748718-0-AYjWoWVaYA7gOIKUfyvyGdPWi7AoGlcgS61z4yGLDjUApafGE+wjEonRIUUZ7Ni3WGQNimjkrF1byzySrKMB3IM=; path=/; expires=Wed, 21-Sep-22 08:55:18 GMT; domain=.christianmingle.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74e168d14b73b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-692969.js?sv=5
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-692969.js?sv=5
IP 143.204.55.54:0
GET /c/hotjar-692969.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bangextreme.cedges.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 21 Sep 2022 08:25:20 GMT
cache-control: max-age=60
etag: W/dc5e11cd9f6e53af3f2071260959a778
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Fe6acoGHL4IVxhB48uXEgHrHR8XdSwnlHqV3aZ4g8JxRUFvS_uTLLQ==
X-Firefox-Spdy: h2