firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 04:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wcm3UXy6kQCLeNyPW_4cVQZHuD-ig_e47qHX08UDrCrEKO85_hFMWw==
Age: 1680
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10654
Expires: Wed, 21 Sep 2022 07:39:06 GMT
Date: Wed, 21 Sep 2022 04:41:32 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0IaMP2qLL0pc24-brk9YARQksbUhb8FUi2xNqoHyAIABsKV69VN6UQ==
age: 379
X-Firefox-Spdy: h2
single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
3.127.62.74200 OK 2.3 kB URL HTTP/1.1 single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
IP 3.127.62.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6295)
Hash d24547d8e08a90dc6905ec37eb7dd38d
3b53886322525853060e7b79a8ae3c352601acb4
a79abf5170724bf8a00dc05c4f27387c3cb9e2872d78529e085a8ff2b5fd3b41
GET /jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA== HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 04:41:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
single-hearts.com/bridge/intg.js?v=8
3.127.62.74200 OK 310 B URL HTTP/1.1 single-hearts.com/bridge/intg.js?v=8
IP 3.127.62.74:0
File type ASCII text, with very long lines (309)
Hash f70bccf9386b17fb671847cbe714d782
3426391ed54b60800545185732ed55c893cabbba
1f701e379e358c319c9219cb01af8f462c6948f9b5f525bddeca552d6bf0877b
GET /bridge/intg.js?v=8 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:32 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 310
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"136-1835aef3e20"
Vary: Accept-Encoding
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
54.230.111.43200 OK 3.8 kB URL HTTP/1.1 cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP 54.230.111.43:0
File type ASCII text, with very long lines (1866)
Hash 9127d71e35310730851099b2490f5ea4
8bd6182ecd3134b9adc292aade3415506f90cda9
43e51c6ac7a00a0ea7bf7a80683ab2724b0cfb89ac43ed6cf7f92c3666de7f54
GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Wed, 31 Oct 2018 08:29:51 GMT
Content-Encoding: gzip
ETag: W/"22c1-579821b2406fb"
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _a0iTgphgUraCCI0H1wNN-JFdWRa5azzpwz1ZYvQGts_yXUJd9OMRQ==
cdn3reference.com/js/dc_img.js?v=8
54.230.111.43200 OK 324 B URL HTTP/1.1 cdn3reference.com/js/dc_img.js?v=8
IP 54.230.111.43:0
File type ASCII text, with very long lines (350)
Hash e4ce4a12b20f6729b1dff496aa37772b
f99b82ce285c754486f676c6bb90c14752b6df3e
d27b3460b2ea7fd76a7178d2d8582a011390500cbe1e726de31894df61692dc4
GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 29 Oct 2020 09:22:15 GMT
Content-Encoding: gzip
ETag: W/"1e8-5b2cbd0d9620d"
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _fZJYjCGb26oLR9OzBmgJQOy232UQ9myLFCgSCQCglugI_BuxrxmZQ==
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
54.230.111.43200 OK 1.3 kB URL HTTP/1.1 cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP 54.230.111.43:0
Hash 6c4d15e4271e5d44cafad1c3e22d54ef
dc4d4cf3b17dc7ae77df81cef63a11db364dbfdf
d10197ca0011136bcced6466c4cc4e6a331f57ef120e283eaf02594b2475b28f
GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Wed, 31 Oct 2018 08:31:29 GMT
ETag: W/"1340-5798220f78880"
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fWc3iDHyEasKJ2ZYyv7I0FpXYD_mzaqqk7Jdsd7VbsjFX7w2TDGPqA==
cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
54.230.111.43200 OK 1.3 kB URL HTTP/1.1 cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
IP 54.230.111.43:0
File type ASCII text, with very long lines (3597), with no line terminators
Hash b563d19503ce67ae7e0b2af3a765f49b
825613ced484ffbbce246a654775bdad42a8934b
f9bea3f8ebd1f794edbe51d10a385439e7c70b7b93d7a3c497770cda4a493c42
GET /landings/25541/css/35861ed72021c0d5075bbdedee300211.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Tue, 11 May 2021 12:37:58 GMT
Content-Encoding: gzip
ETag: W/"e0d-5c20d29f77580"
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E1z81mKEVghZzWlc0jYzug8VYrmK9a3MOnSOAVJacG6YwUPm9bbxaQ==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 04:03:22 GMT
Expires: Wed, 21 Sep 2022 04:37:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zBidh3poOEWHbUOpsR4H7wQM_cdZsS-E5LX0935PTky0Da1wiWiXJg==
Age: 2291
cdn3reference.com/landings/25541/js/307086820268afd5185473666c3c43c5.js
54.230.111.43200 OK 35 kB URL HTTP/1.1 cdn3reference.com/landings/25541/js/307086820268afd5185473666c3c43c5.js
IP 54.230.111.43:0
File type ASCII text, with very long lines (65535)
Hash 8b06f3ca1d4b689fd9eeb8344fde2663
a74e3703e713aa6b03bb330769d9e8330fdaa0ec
b456636b4fec996eeb2e845e207810dc7080060c60a56f78a271de7d627859b2
GET /landings/25541/js/307086820268afd5185473666c3c43c5.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Tue, 11 May 2021 12:37:58 GMT
Content-Encoding: gzip
ETag: W/"187f5-5c20d29f77580"
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IkBG-qbSciJcsMEDiMPdv-SR_CSZevM_tJQFzvH0w3-qDBVLX6DmmQ==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Wed, 21 Sep 2022 04:07:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (48316), with no line terminators
Hash 2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:41:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3586116
expires: Mon, 11 Sep 2023 04:41:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1qlVQ5I6XCvlIaF4FUMzP7TdlwXP7GFmNo9Rg8fl5VwyYgkiUePeoIWhAzLOCR%2F1FLh%2FGTrRqtaFVS8CTkFa6H5hEKT59CFLBOCsrZtx4RWOE2ZsjpnKUjW4VeXdHR%2FOBuFiyZo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e021101cdab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
216.58.211.10200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP 216.58.211.10:0
Hash 3da9e4faa8659226e248b749bf14cf17
9cbcae08ca949641c9907c1d00d0d594abf0db75
129b32471965c5afc9110b39656a63b3b94ad5351cdc930940425ac938650374
GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:41:33 GMT
date: Wed, 21 Sep 2022 04:41:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
single-hearts.com/bridge/frodi_data.js
3.127.62.74200 OK 2.9 kB URL HTTP/1.1 single-hearts.com/bridge/frodi_data.js
IP 3.127.62.74:0
File type C source, ASCII text, with very long lines (6647)
Hash 625b730293917702d84f6d523a8f393d
06864e7f108f35894939cb7c1d4f35728bac196b
d41f3ab66a1cce893c51be831fb7af4889964f145779c569f33ffde9c6f1a584
Analyzer Verdict Alert fortinet Phishing
GET /bridge/frodi_data.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"19f8-1835aef3e20"
Vary: Accept-Encoding
Content-Encoding: gzip
single-hearts.com/integration.js
3.127.62.74200 OK 757 B URL HTTP/1.1 single-hearts.com/integration.js
IP 3.127.62.74:0
Hash d09af220c2964eedd689efc2572d8764
81000363829dbe53b91b11a296f394bc32d649af
02984cfd6cf9e2f314f31cad6fe06c770cab57cf8eae8783715278bdd61c804d
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"715-CyfTr6rVF8ZOcMJOJwPo8/cnSjg"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.72302 Found 265 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 89fb7d2ef48c4a5d43b40ba73184510f
d3c8774d6ab3d1a24b8721b0aa148f6f2f134e24
4a84ebd3a763279bd4c3e9f12d43b7bdce8f916d07ef34371da477104a78811f
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 265
X-XSS-Protection: 0
single-hearts.com/mtu-integration.js
3.127.62.74200 OK 2.0 kB URL HTTP/1.1 single-hearts.com/mtu-integration.js
IP 3.127.62.74:0
File type ASCII text, with very long lines (4722)
Hash 0681a36b7965f33bb31025520ba0ea95
77988e2b65016405e20d1f9c65ec8ed9994a808f
ed8c2978d45ad059745c733bee65682cf0787e1bb0ca79782c3250e83a7b9750
Analyzer Verdict Alert fortinet Phishing
GET /mtu-integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"1273-1835aef3e20"
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://single-hearts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 72632
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
retarget2core.com/fp/fp_ec.js
52.57.160.247200 OK 703 B URL HTTP/1.1 retarget2core.com/fp/fp_ec.js
IP 52.57.160.247:0
File type ASCII text, with very long lines (1212)
Hash ada333f1282ce9b098687f8c699c96e4
953cc03e6c595d3d58247b6966370da05054957e
823521b4328c9b2d58026cb8fb904ffe437b13a8a0a1773de479afbe218ebc85
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"4bd-1835aef3e20"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
single-hearts.com/tds/interlayer
3.127.62.74200 OK 225 B URL HTTP/1.1 single-hearts.com/tds/interlayer
IP 3.127.62.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ff5e8496cfe95773c0b825dbcb67170
e9bc6aad9fd3399ec5e234df9e80d899428dde43
e46271e5220041103a8a4a393e36ed00cea0db1eaa2153f32ef855070fff26b4
Analyzer Verdict Alert fortinet Phishing
POST /tds/interlayer HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
Content-Length: 685
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 225
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
ETag: W/"e1-6bxqrZ/TOZ7F4jTfnoDYmUKN3kM"
Vary: Accept-Encoding
single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={}
3.127.62.74200 OK 27 kB URL HTTP/1.1 single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={}
IP 3.127.62.74:0
File type C++ source, ASCII text, with very long lines (21894)
Hash 6e0a3949d513c331e3541462e8ec0f7a
d379174e28b03f453eace6ee4fcb8abd0bd7a142
bb70f77f4164d80cadacc74e31d0dfd53474ff8840a923cb8521de662488f5fe
GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={} HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"1ce8d-8RuWPEdMfhiOQR5brQt2EKKJM68"
Vary: Accept-Encoding
Content-Encoding: gzip
single-hearts.com/tds/interlayer?handler=FrodiData
3.127.62.74200 OK 0 B URL HTTP/1.1 single-hearts.com/tds/interlayer?handler=FrodiData
IP 3.127.62.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
Content-Length: 1635
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
142.250.74.72200 OK 48 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP 142.250.74.72:0
File type ASCII text, with very long lines (4073)
Hash a5d7c42cd59baaa164c4c88f0e9a1302
53059c958765710f2cd9e72e119be1bd83682d4a
1e6a856f77522fcf5cfdfd609954d16c1182f9f2ee813d932aa125a59d94327a
GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://single-hearts.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 04:41:33 GMT
expires: Wed, 21 Sep 2022 04:41:33 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&j_type=open&jump=25541&jump_name=
52.57.160.247200 OK 35 B URL HTTP/1.1 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&j_type=open&jump=25541&jump_name=
IP 52.57.160.247:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&j_type=open&jump=25541&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=8c2ac4b679593d5f87eca8f26ff5ec0100f73a0e; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Thu, 21 Sep 2023 04:41:33 GMT; Secure; SameSite=None
single-hearts.com/ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D
3.127.62.74200 OK 10 B URL HTTP/1.1 single-hearts.com/ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D
IP 3.127.62.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c2db64f99c6ebc0162f2ff0a32704299
d483e5dbd40c7600c97357394ebe7c7e747aee9f
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
GET /ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 10
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
Vary: Accept-Encoding
single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D
3.127.62.74200 OK 27 B URL HTTP/1.1 single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D
IP 3.127.62.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af
GET /ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 27
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
Vary: Accept-Encoding
push.services.mozilla.com/
35.161.231.36101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.231.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mNWRzx0FpMrVPSP17eZWcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AyHLQIerdn0PgjNsw4ASt57sGRc=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn3reference.com/landings/25541/images/d1.jpg
54.230.111.43200 OK 89 kB URL HTTP/1.1 cdn3reference.com/landings/25541/images/d1.jpg
IP 54.230.111.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Hash 9fa36dc624bd78c6ce7654e86029e70e
4d9c9baa9faa97b5f4f690c6a828deb7ce16af15
b949ebcd891415fe1c7437cf418694d617a7130bc64754e5dabb0e797f5a7699
GET /landings/25541/images/d1.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 89075
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "15bf3-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yeTD7d58rOF1Gnj5Yvj7BsLsFFIgdKoKoQHT1-L01RjAaTh18YOdyA==
cdn3reference.com/landings/25541/images/d5.jpg
54.230.111.43200 OK 133 kB URL HTTP/1.1 cdn3reference.com/landings/25541/images/d5.jpg
IP 54.230.111.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size 133 kB (133361 bytes)
Hash 62780ac6f781262036da93dbe57ff2bb
75fee756b0a4cd2ce646b9f59635e421262911e6
5ec127c92061a2f3d99db02feb9fb9a5e3a873d995389e5461ccc769b462c401
GET /landings/25541/images/d5.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 133361
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "208f1-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BIE3Jzl6i_LgbRuaRb2cg_p3uC-mLG_nwFaRZvFx3y9Ug2g8OVZH5Q==
cdn3reference.com/landings/25541/images/d3.jpg
54.230.111.43200 OK 87 kB URL HTTP/1.1 cdn3reference.com/landings/25541/images/d3.jpg
IP 54.230.111.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Hash 9e8b51fc3954b13a5ea7db63a9b5a547
e418d1898f8d98807dba872440fa3b4d0d89509a
228d913d45b74e27895c4f4da44e40889903c94a267c27cf9990e1370b96314e
GET /landings/25541/images/d3.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 86894
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "1536e-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RwS9_ybpcQBolIIsDn3NPFEyhfPSMisvKGXFOYyLd9Gv-jJ7frvH9Q==
cdn3reference.com/landings/25541/images/d2.jpg
54.230.111.43200 OK 112 kB URL HTTP/1.1 cdn3reference.com/landings/25541/images/d2.jpg
IP 54.230.111.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size 112 kB (112293 bytes)
Hash 15e2f2cc6fb42bae20d80a55ce98146a
819ebe527d034b4c20a743143a990f67a30eb2a6
ff6f26c23f2efe8263e4fb38a3d604b09f7d98b888ed632eb4829c481d920249
GET /landings/25541/images/d2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 112293
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "1b6a5-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s7UxM1XGRcha2Ro7iirpITiTdDZ48DNqprSDA4WjQx1_4gtoImCgQg==
cdn3reference.com/landings/25541/images/d4.jpg
54.230.111.43200 OK 145 kB URL HTTP/1.1 cdn3reference.com/landings/25541/images/d4.jpg
IP 54.230.111.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size 145 kB (144930 bytes)
Hash adad591d23aaa4655cad7035bc35f605
38fd949797630bd39f1c494b3bf896b6a64abab3
208f336858a8b83c4aa00ec99f957a95f52547212d1451b90778ef54e645ff23
GET /landings/25541/images/d4.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 144930
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "23622-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5tznbIMeYLsSIKGJaKKBJthxtnL5HxLuAAbvD9tO3IZesrWfqx8vwg==
cdn3reference.com/landings/25541/images/d6.jpg
54.230.111.43200 OK 91 kB URL HTTP/1.1 cdn3reference.com/landings/25541/images/d6.jpg
IP 54.230.111.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Hash b8fab3f64979ab411bc4a47fa240827d
9ba1d5756ef5af00f49da5aca3a7c677100fb0f2
4e82a4fc068bc953fbf661e2535941937f8320eb26738f979e4286cdf6716d06
GET /landings/25541/images/d6.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 91172
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "16424-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LgdrsWPlVnSALGSeCJ6rUKsiiC-55POIpa8fKTE9U8ng07vQ1xR3lw==
single-hearts.com/ufis/pwa/track?uaDataValues={}&networkGroup=
3.127.62.74200 OK 20 B URL HTTP/1.1 single-hearts.com/ufis/pwa/track?uaDataValues={}&networkGroup=
IP 3.127.62.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/pwa/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
Content-Type: application/json
Origin: http://single-hearts.com
Content-Length: 1163
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 20
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Accept-Encoding
cdn3reference.com/images/jump-favicon.ico
54.230.111.43200 OK 140 B URL HTTP/1.1 cdn3reference.com/images/jump-favicon.ico
IP 54.230.111.43:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 9323618250d1ebf9d90bb8ccd61ae3ed
f5959b04c30f434573c990cf4c454e8f8ea417e8
9fc17a567b7c732de87bf32b86d9bbdba2b44ecedeff4d39fb5d025a30552ba2
GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:34 GMT
Last-Modified: Fri, 05 Dec 2014 08:28:50 GMT
Cache-Control: public, max-age=604800
Content-Encoding: gzip
ETag: W/"47e-50973ddc33480"
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -EYQbHIprm4thDdWFOLiE72Yd_441Pod-pTAq1bASSos2DXPWSJ6UA==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 24851
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 24338
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cb692de2fcf108bf060af0b9599869f
443706b089783f7a16d4b001948a141a83ace053
06bedf63121d961420176535071c3a98d39e1d4586acb734d00ad80ce2b291ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6904
x-amzn-requestid: 1c4e2685-d06f-45fc-ab93-8678905f3804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwcI5HuLoAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329a705-099ce127249e148456270c11;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:41:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sRlJblY5obOlucutG9WQ_WPl5QGdA-0XsxIkHGkShaHvezNeqwGrkw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:37:39 GMT
age: 25436
etag: "443706b089783f7a16d4b001948a141a83ace053"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rUeMyRv1DxHKmRAc4s-8GkQELQtAO-_lKHB2tjRYSQUSBMJMmDAZcQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 24326
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 22781
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 8589
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Assistant
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Assistant
IP 216.58.211.10:0
GET /css?family=Assistant HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:41:33 GMT
date: Wed, 21 Sep 2022 04:41:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2