Report - single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

Report Overview

Submitted URL
single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
IP
18.158.237.173
ASN
#16509 AMAZON-02
Submitted
2022-09-21 04:41:44
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
cdn3reference.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	705 kB	54.230.111.43
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	679 B	50 kB	142.250.74.72
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.231.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
single-hearts.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	39 kB	3.127.62.74
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	15 kB	104.17.24.14
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	46 kB	142.250.74.163
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	5.6 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	789 B	2.9 kB	216.58.211.10
retarget2core.com	86164	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	748 B	1.8 kB	52.57.160.247
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-21	medium	single-hearts.com/bridge/frodi_data.js	Phishing
2022-09-21	medium	single-hearts.com/integration.js	Phishing
2022-09-21	medium	single-hearts.com/mtu-integration.js	Phishing
2022-09-21	medium	single-hearts.com/tds/interlayer	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	cdn3reference.com/landings/25541/js/307086820268afd5185473666c3c43c5.js	100 kB	2023-03-07	2023-03-14
Pretty URL cdn3reference.com/landings/25541/js/307086820268afd5185473666c3c43c5.js IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-14 15:58:47 Times Seen1 Hash 307086820268afd5185473666c3c43c5 4a80968dd6fffca226b3e4239dcce23623cbd7f3 893c50d34d4f418008ec851c27694a0802a67513b5c323408925c6ab88fbe6ed Loading...

	single-hearts.com/bridge/intg.js?v=8	310 B	2023-03-07	2023-03-08
Pretty URL single-hearts.com/bridge/intg.js?v=8 IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-08 02:18:04 Times Seen1 Hash f70bccf9386b17fb671847cbe714d782 3426391ed54b60800545185732ed55c893cabbba 1f701e379e358c319c9219cb01af8f462c6948f9b5f525bddeca552d6bf0877b Loading...

	cdn3reference.com/js/dc_img.js?v=8	488 B	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/dc_img.js?v=8 IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen18 Hash 866e1e7da88eb0918114ea04e4379f40 cb9ed6b52f93bead89eb5da6d618c9b58b34a2b5 ac742d62b8d28cb2cc72fa86d6d1769ead306bd34eb3b04e712d9f32a7378c53 Loading...

	single-hearts.com/integration.js	1.8 kB	2023-03-07	2023-03-07
Pretty URL single-hearts.com/integration.js IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-07 22:20:03 Times Seen1 Hash fad78ca57b2a835a0aa0c13eca3ca1e6 0b27d3afaad517c64e70c24e2703e8f3f7274a38 b107c5b39b645305185f3196972da43a999c2b05dc1acf23431e1d9f7e0c5e7f Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js	48 kB	2023-03-07	2024-05-10
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2024-05-10 18:44:08 Times Seen46050 Hash 2ca03ad87885ab983541092b87adb299 1a17f60bf776a8c468a185c1e8e985c41a50dc27 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Loading...

	single-hearts.com/bridge/frodi_data.js	6.6 kB	2023-03-07	2023-12-25
Pretty URL single-hearts.com/bridge/frodi_data.js IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-12-25 02:16:58 Times Seen154 Hash acba46edbe151b3ac5b3a3ad6adb6852 967fc6c8942a27986534f16a8a5ae2f71b0481bf 544d040fe3985f2f3f2f519c6db58110b24d23c8b13e794a988ec90a05b48658 Loading...

	retarget2core.com/fp/fp_ec.js	1.2 kB	2023-03-07	2023-03-29
Pretty URL retarget2core.com/fp/fp_ec.js IP 52.57.160.247 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-03-29 23:19:33 Times Seen17 Hash 6faaf5b255433abc88fbe4a547ac7784 c60ab4a050864bbd815922e5abade6d5af4333a6 7eda108904da9c98eeeeab666426197e6738b78dfd103a653897d14366e2cd20 Loading...

	cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8	8.9 kB	2023-03-07	2023-05-14
Pretty URL cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8 IP 54.230.111.43 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen2 Hash c0fafab6f2cbb33a818ba23d30f68842 c016126575618881427fdc86eed31717844f0573 85f09c34c4b7fc07125b5a5c84f6bbd1dde7df7f1ee059701a3660264300342f Loading...

	single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==	452 B	2023-03-07	2023-03-14
Pretty URL single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA== IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-14 15:58:47 Times Seen1 Hash 569e8833bcd6b92686e6c9ca49ef418c b99bd4c4b9f856c46bcfd21e73b079bcb1711eaf 5147d947b0b8e1369f17be04e60b55f4de52f4bb80daefe78c76fafbe7fff826 Loading...

	single-hearts.com/bridge/ao.js	699 B	2023-03-07	2023-05-14
Pretty URL single-hearts.com/bridge/ao.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:31:53 Last Seen2023-05-14 11:44:44 Times Seen2 Hash 6cebf45feb7e4563c5cc6295f32962e9 05b6e9f7db40c500fbf5e6751d763ee1ee9357a0 ff8435de19ba549afe5ad4813fc597bb52fdd6c5b2283d39d5211a94d5068967 Loading...

	single-hearts.com/mtu-integration.js	4.7 kB	2023-03-07	2023-03-17
Pretty URL single-hearts.com/mtu-integration.js IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:39 Last Seen2023-03-17 12:45:17 Times Seen1 Hash e1de353b9de3c5b340374c36a022d0f7 7d5a1db4c21be88787f766c1c03cdf774bb3d58f b9f97ba5647f8b73a9f16d36c48a8e0abce304478b0d0c96f12529828d776d5b Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer	129 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-07 22:20:03 Times Seen1 Hash 11a20a4ba6885e21af6b723acb90035f 59f9a50f0521c8205ccc5f4579ba6f91dd81077d 111d0485eb641feb773a927c8a1a6583c1deba92f54aff1f81e68f85cb6f93d7 Loading...

	single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==	446 B	2023-03-07	2023-03-07
Pretty URL single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA== IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-07 22:20:03 Times Seen1 Hash dabea29823cc49f6d8dc8a2bda54aaef 84b3c2266e604eb2abe424186714595e99f92c31 e2f65ae785a83e20fe69d299d97d9bbd96b3a19b5a591e7c08310f0a4a2129b9 Loading...

	single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={}	118 kB	2023-03-07	2023-03-07
Pretty URL single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={} IP 3.127.62.74 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:20:03 Last Seen2023-03-07 22:20:03 Times Seen1 Hash b73e44e08c47d3a0d291f78153ae6902 f11b963c474c7e188e411e5bad0b7610a28933af 57897415e5969a914a04b63be97c054e4b193ab31c9ae93504ca3f5c0c968f74 Loading...

		Size	First Seen	Last Seen
	#1 Eval - ca45c42226c1d974d33ba66f5fbec226	273 B	2023-03-07	2024-05-08
Pretty Observations First Seen2023-03-07 01:31:53 Last Seen2024-05-08 14:19:16 Times Seen302 Hash ca45c42226c1d974d33ba66f5fbec226 acdf858cb51509213a6b58ea26c99788ffa9ba51 8f61ee4a89b9d76a579f5ed446960dc9aba5dad5f67f5676bc5aab5f8fe726b3 Loading...

HTTP Transactions (56)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Retry-After, Content-Type, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 04:13:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wcm3UXy6kQCLeNyPW_4cVQZHuD-ig_e47qHX08UDrCrEKO85_hFMWw==
Age: 1680

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10654
Expires: Wed, 21 Sep 2022 07:39:06 GMT
Date: Wed, 21 Sep 2022 04:41:32 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0IaMP2qLL0pc24-brk9YARQksbUhb8FUi2xNqoHyAIABsKV69VN6UQ==
age: 379
X-Firefox-Spdy: h2

single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

3.127.62.74

200 OK

2.3 kB

URL HTTP/1.1
single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6295)
Size
2.3 kB (2275 bytes)
Hash
d24547d8e08a90dc6905ec37eb7dd38d
3b53886322525853060e7b79a8ae3c352601acb4
a79abf5170724bf8a00dc05c4f27387c3cb9e2872d78529e085a8ff2b5fd3b41

HTTP Headers

GET /jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA== HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 04:41:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

single-hearts.com/bridge/intg.js?v=8

3.127.62.74

200 OK

310 B

URL HTTP/1.1
single-hearts.com/bridge/intg.js?v=8
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (309)
Size
310 B (310 bytes)
Hash
f70bccf9386b17fb671847cbe714d782
3426391ed54b60800545185732ed55c893cabbba
1f701e379e358c319c9219cb01af8f462c6948f9b5f525bddeca552d6bf0877b

HTTP Headers

GET /bridge/intg.js?v=8 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:32 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 310
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"136-1835aef3e20"
Vary: Accept-Encoding

cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8

54.230.111.43

200 OK

3.8 kB

URL HTTP/1.1
cdn3reference.com/js/webPushMotivationPopupSmall.js?v=8
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1866)
Size
3.8 kB (3772 bytes)
Hash
9127d71e35310730851099b2490f5ea4
8bd6182ecd3134b9adc292aade3415506f90cda9
43e51c6ac7a00a0ea7bf7a80683ab2724b0cfb89ac43ed6cf7f92c3666de7f54

HTTP Headers

GET /js/webPushMotivationPopupSmall.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Wed, 31 Oct 2018 08:29:51 GMT
Content-Encoding: gzip
ETag: W/"22c1-579821b2406fb"
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _a0iTgphgUraCCI0H1wNN-JFdWRa5azzpwz1ZYvQGts_yXUJd9OMRQ==

cdn3reference.com/js/dc_img.js?v=8

54.230.111.43

200 OK

324 B

URL HTTP/1.1
cdn3reference.com/js/dc_img.js?v=8
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (350)
Size
324 B (324 bytes)
Hash
e4ce4a12b20f6729b1dff496aa37772b
f99b82ce285c754486f676c6bb90c14752b6df3e
d27b3460b2ea7fd76a7178d2d8582a011390500cbe1e726de31894df61692dc4

HTTP Headers

GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 29 Oct 2020 09:22:15 GMT
Content-Encoding: gzip
ETag: W/"1e8-5b2cbd0d9620d"
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _fZJYjCGb26oLR9OzBmgJQOy232UQ9myLFCgSCQCglugI_BuxrxmZQ==

cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2

54.230.111.43

200 OK

1.3 kB

URL HTTP/1.1
cdn3reference.com/css/webPushMotivationPopupSmall.css?v=2
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
1.3 kB (1272 bytes)
Hash
6c4d15e4271e5d44cafad1c3e22d54ef
dc4d4cf3b17dc7ae77df81cef63a11db364dbfdf
d10197ca0011136bcced6466c4cc4e6a331f57ef120e283eaf02594b2475b28f

HTTP Headers

GET /css/webPushMotivationPopupSmall.css?v=2 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Wed, 31 Oct 2018 08:31:29 GMT
ETag: W/"1340-5798220f78880"
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fWc3iDHyEasKJ2ZYyv7I0FpXYD_mzaqqk7Jdsd7VbsjFX7w2TDGPqA==

cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

54.230.111.43

200 OK

1.3 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3597), with no line terminators
Size
1.3 kB (1291 bytes)
Hash
b563d19503ce67ae7e0b2af3a765f49b
825613ced484ffbbce246a654775bdad42a8934b
f9bea3f8ebd1f794edbe51d10a385439e7c70b7b93d7a3c497770cda4a493c42

HTTP Headers

GET /landings/25541/css/35861ed72021c0d5075bbdedee300211.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Tue, 11 May 2021 12:37:58 GMT
Content-Encoding: gzip
ETag: W/"e0d-5c20d29f77580"
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E1z81mKEVghZzWlc0jYzug8VYrmK9a3MOnSOAVJacG6YwUPm9bbxaQ==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 21 Sep 2022 04:03:22 GMT
Expires: Wed, 21 Sep 2022 04:37:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zBidh3poOEWHbUOpsR4H7wQM_cdZsS-E5LX0935PTky0Da1wiWiXJg==
Age: 2291

cdn3reference.com/landings/25541/js/307086820268afd5185473666c3c43c5.js

54.230.111.43

200 OK

35 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/js/307086820268afd5185473666c3c43c5.js
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65535)
Size
35 kB (34857 bytes)
Hash
8b06f3ca1d4b689fd9eeb8344fde2663
a74e3703e713aa6b03bb330769d9e8330fdaa0ec
b456636b4fec996eeb2e845e207810dc7080060c60a56f78a271de7d627859b2

HTTP Headers

GET /landings/25541/js/307086820268afd5185473666c3c43c5.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Tue, 11 May 2021 12:37:58 GMT
Content-Encoding: gzip
ETag: W/"187f5-5c20d29f77580"
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IkBG-qbSciJcsMEDiMPdv-SR_CSZevM_tJQFzvH0w3-qDBVLX6DmmQ==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2035
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Wed, 21 Sep 2022 04:07:38 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

104.17.24.14

200 OK

14 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (48316), with no line terminators
Size
14 kB (13972 bytes)
Hash
2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05

HTTP Headers

GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Sep 2022 04:41:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3586116
expires: Mon, 11 Sep 2023 04:41:33 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1qlVQ5I6XCvlIaF4FUMzP7TdlwXP7GFmNo9Rg8fl5VwyYgkiUePeoIWhAzLOCR%2F1FLh%2FGTrRqtaFVS8CTkFa6H5hEKT59CFLBOCsrZtx4RWOE2ZsjpnKUjW4VeXdHR%2FOBuFiyZo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74e021101cdab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5d7d983b288c67e17280c6a1c0d80d9
8a1e575f8b8427e872c1e4c5645d9ce3e5445e52
a08530049c460e7e3cf236a9969b94b4a794d83f3f4279ac43934194f39dedd6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

216.58.211.10

200 OK

1.4 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1401 bytes)
Hash
3da9e4faa8659226e248b749bf14cf17
9cbcae08ca949641c9907c1d00d0d594abf0db75
129b32471965c5afc9110b39656a63b3b94ad5351cdc930940425ac938650374

HTTP Headers

GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:41:33 GMT
date: Wed, 21 Sep 2022 04:41:33 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

single-hearts.com/bridge/frodi_data.js

3.127.62.74

200 OK

2.9 kB

URL HTTP/1.1
single-hearts.com/bridge/frodi_data.js
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
C source, ASCII text, with very long lines (6647)
Size
2.9 kB (2852 bytes)
Hash
625b730293917702d84f6d523a8f393d
06864e7f108f35894939cb7c1d4f35728bac196b
d41f3ab66a1cce893c51be831fb7af4889964f145779c569f33ffde9c6f1a584

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /bridge/frodi_data.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"19f8-1835aef3e20"
Vary: Accept-Encoding
Content-Encoding: gzip

single-hearts.com/integration.js

3.127.62.74

200 OK

757 B

URL HTTP/1.1
single-hearts.com/integration.js
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
757 B (757 bytes)
Hash
d09af220c2964eedd689efc2572d8764
81000363829dbe53b91b11a296f394bc32d649af
02984cfd6cf9e2f314f31cad6fe06c770cab57cf8eae8783715278bdd61c804d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"715-CyfTr6rVF8ZOcMJOJwPo8/cnSjg"
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

142.250.74.72

302 Found

265 B

URL HTTP/1.1
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
265 B (265 bytes)
Hash
89fb7d2ef48c4a5d43b40ba73184510f
d3c8774d6ab3d1a24b8721b0aa148f6f2f134e24
4a84ebd3a763279bd4c3e9f12d43b7bdce8f916d07ef34371da477104a78811f

HTTP Headers

GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 265
X-XSS-Protection: 0

single-hearts.com/mtu-integration.js

3.127.62.74

200 OK

2.0 kB

URL HTTP/1.1
single-hearts.com/mtu-integration.js
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (4722)
Size
2.0 kB (1958 bytes)
Hash
0681a36b7965f33bb31025520ba0ea95
77988e2b65016405e20d1f9c65ec8ed9994a808f
ed8c2978d45ad059745c733bee65682cf0787e1bb0ca79782c3250e83a7b9750

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /mtu-integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"1273-1835aef3e20"
Vary: Accept-Encoding
Content-Encoding: gzip

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://single-hearts.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 08:31:01 GMT
expires: Wed, 20 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 72632
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

retarget2core.com/fp/fp_ec.js

52.57.160.247

200 OK

703 B

URL HTTP/1.1
retarget2core.com/fp/fp_ec.js
IP
52.57.160.247:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1212)
Size
703 B (703 bytes)
Hash
ada333f1282ce9b098687f8c699c96e4
953cc03e6c595d3d58247b6966370da05054957e
823521b4328c9b2d58026cb8fb904ffe437b13a8a0a1773de479afbe218ebc85

HTTP Headers

GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 20 Sep 2022 12:46:12 GMT
ETag: W/"4bd-1835aef3e20"
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

single-hearts.com/tds/interlayer

3.127.62.74

200 OK

225 B

URL HTTP/1.1
single-hearts.com/tds/interlayer
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
225 B (225 bytes)
Hash
7ff5e8496cfe95773c0b825dbcb67170
e9bc6aad9fd3399ec5e234df9e80d899428dde43
e46271e5220041103a8a4a393e36ed00cea0db1eaa2153f32ef855070fff26b4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /tds/interlayer HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
Content-Length: 685
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 225
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
ETag: W/"e1-6bxqrZ/TOZ7F4jTfnoDYmUKN3kM"
Vary: Accept-Encoding

single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={}

3.127.62.74

200 OK

27 kB

URL HTTP/1.1
single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={}
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
C++ source, ASCII text, with very long lines (21894)
Size
27 kB (26652 bytes)
Hash
6e0a3949d513c331e3541462e8ec0f7a
d379174e28b03f453eace6ee4fcb8abd0bd7a142
bb70f77f4164d80cadacc74e31d0dfd53474ff8840a923cb8521de662488f5fe

HTTP Headers

GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D&uaDataValues={} HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"1ce8d-8RuWPEdMfhiOQR5brQt2EKKJM68"
Vary: Accept-Encoding
Content-Encoding: gzip

single-hearts.com/tds/interlayer?handler=FrodiData

3.127.62.74

200 OK

0 B

URL HTTP/1.1
single-hearts.com/tds/interlayer?handler=FrodiData
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
Content-Length: 1635
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer

142.250.74.72

200 OK

48 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-KMSJRW&l=adsLayer
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4073)
Size
48 kB (48358 bytes)
Hash
a5d7c42cd59baaa164c4c88f0e9a1302
53059c958765710f2cd9e72e119be1bd83682d4a
1e6a856f77522fcf5cfdfd609954d16c1182f9f2ee813d932aa125a59d94327a

HTTP Headers

GET /gtm.js?id=GTM-KMSJRW&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://single-hearts.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 04:41:33 GMT
expires: Wed, 21 Sep 2022 04:41:33 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48358
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&j_type=open&jump=25541&jump_name=

52.57.160.247

200 OK

35 B

URL HTTP/1.1
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&j_type=open&jump=25541&jump_name=
IP
52.57.160.247:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&j_type=open&jump=25541&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=8c2ac4b679593d5f87eca8f26ff5ec0100f73a0e; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Thu, 21 Sep 2023 04:41:33 GMT; Secure; SameSite=None

single-hearts.com/ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D

3.127.62.74

200 OK

10 B

URL HTTP/1.1
single-hearts.com/ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
c2db64f99c6ebc0162f2ff0a32704299
d483e5dbd40c7600c97357394ebe7c7e747aee9f
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6

HTTP Headers

GET /ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 10
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
Vary: Accept-Encoding

single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D

3.127.62.74

200 OK

27 B

URL HTTP/1.1
single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af

HTTP Headers

GET /ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Futm_source%3Dddm%26tds_id%3Db9618gvi_jump_a_1608815002835%26tds_host%3Dsingle-hearts.com%26tds_campaign%3Db9618gvi%26tds_oid%3D25541%26utm_content%3D2254%26dci%3D69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1%26utm_campaign%3Da78ddb94%26s3%3D1285%26tds_ao%3D3%26id%3D25541%26tds_rt%3D%26s1%3Ddd%26tds_cid%3Ded731b208db8959de0cb508ae452aacec9d69742%26tds_ac_id%3Ds7016shm%26utm_term%3Dmob_rtr_usa_b9618gvi%26data2%3D102f0fa54153209759bd40f47794a5%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA%3D%3D HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 27
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
Vary: Accept-Encoding

push.services.mozilla.com/

35.161.231.36

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.231.36:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mNWRzx0FpMrVPSP17eZWcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AyHLQIerdn0PgjNsw4ASt57sGRc=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 04:41:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn3reference.com/landings/25541/images/d1.jpg

54.230.111.43

200 OK

89 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/images/d1.jpg
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size
89 kB (89075 bytes)
Hash
9fa36dc624bd78c6ce7654e86029e70e
4d9c9baa9faa97b5f4f690c6a828deb7ce16af15
b949ebcd891415fe1c7437cf418694d617a7130bc64754e5dabb0e797f5a7699

HTTP Headers

GET /landings/25541/images/d1.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 89075
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "15bf3-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yeTD7d58rOF1Gnj5Yvj7BsLsFFIgdKoKoQHT1-L01RjAaTh18YOdyA==

cdn3reference.com/landings/25541/images/d5.jpg

54.230.111.43

200 OK

133 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/images/d5.jpg
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size
133 kB (133361 bytes)
Hash
62780ac6f781262036da93dbe57ff2bb
75fee756b0a4cd2ce646b9f59635e421262911e6
5ec127c92061a2f3d99db02feb9fb9a5e3a873d995389e5461ccc769b462c401

HTTP Headers

GET /landings/25541/images/d5.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 133361
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "208f1-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: BIE3Jzl6i_LgbRuaRb2cg_p3uC-mLG_nwFaRZvFx3y9Ug2g8OVZH5Q==

cdn3reference.com/landings/25541/images/d3.jpg

54.230.111.43

200 OK

87 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/images/d3.jpg
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size
87 kB (86894 bytes)
Hash
9e8b51fc3954b13a5ea7db63a9b5a547
e418d1898f8d98807dba872440fa3b4d0d89509a
228d913d45b74e27895c4f4da44e40889903c94a267c27cf9990e1370b96314e

HTTP Headers

GET /landings/25541/images/d3.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 86894
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "1536e-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RwS9_ybpcQBolIIsDn3NPFEyhfPSMisvKGXFOYyLd9Gv-jJ7frvH9Q==

cdn3reference.com/landings/25541/images/d2.jpg

54.230.111.43

200 OK

112 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/images/d2.jpg
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size
112 kB (112293 bytes)
Hash
15e2f2cc6fb42bae20d80a55ce98146a
819ebe527d034b4c20a743143a990f67a30eb2a6
ff6f26c23f2efe8263e4fb38a3d604b09f7d98b888ed632eb4829c481d920249

HTTP Headers

GET /landings/25541/images/d2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 112293
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "1b6a5-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s7UxM1XGRcha2Ro7iirpITiTdDZ48DNqprSDA4WjQx1_4gtoImCgQg==

cdn3reference.com/landings/25541/images/d4.jpg

54.230.111.43

200 OK

145 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/images/d4.jpg
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size
145 kB (144930 bytes)
Hash
adad591d23aaa4655cad7035bc35f605
38fd949797630bd39f1c494b3bf896b6a64abab3
208f336858a8b83c4aa00ec99f957a95f52547212d1451b90778ef54e645ff23

HTTP Headers

GET /landings/25541/images/d4.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 144930
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "23622-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5tznbIMeYLsSIKGJaKKBJthxtnL5HxLuAAbvD9tO3IZesrWfqx8vwg==

cdn3reference.com/landings/25541/images/d6.jpg

54.230.111.43

200 OK

91 kB

URL HTTP/1.1
cdn3reference.com/landings/25541/images/d6.jpg
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1158x800, components 3\012- data
Size
91 kB (91172 bytes)
Hash
b8fab3f64979ab411bc4a47fa240827d
9ba1d5756ef5af00f49da5aca3a7c677100fb0f2
4e82a4fc068bc953fbf661e2535941937f8320eb26738f979e4286cdf6716d06

HTTP Headers

GET /landings/25541/images/d6.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25541/css/35861ed72021c0d5075bbdedee300211.css

HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 91172
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:33 GMT
Last-Modified: Thu, 06 May 2021 07:11:41 GMT
ETag: "16424-5c1a405e14540"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LgdrsWPlVnSALGSeCJ6rUKsiiC-55POIpa8fKTE9U8ng07vQ1xR3lw==

single-hearts.com/ufis/pwa/track?uaDataValues={}&networkGroup=

3.127.62.74

200 OK

20 B

URL HTTP/1.1
single-hearts.com/ufis/pwa/track?uaDataValues={}&networkGroup=
IP
3.127.62.74:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

HTTP Headers

POST /ufis/pwa/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://single-hearts.com/jump?utm_source=ddm&tds_id=b9618gvi_jump_a_1608815002835&tds_host=single-hearts.com&tds_campaign=b9618gvi&tds_oid=25541&utm_content=2254&dci=69eb52a169d73aa62ecc17e706f6e28f0a7f2ee1&utm_campaign=a78ddb94&s3=1285&tds_ao=3&id=25541&tds_rt=&s1=dd&tds_cid=ed731b208db8959de0cb508ae452aacec9d69742&tds_ac_id=s7016shm&utm_term=mob_rtr_usa_b9618gvi&data2=102f0fa54153209759bd40f47794a5&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy9iNGIzOTRkYzM5MjUwOTNlOTEyNzc5ZjhkYTRhMzEzZj9fX3Q9MTY2MzczNTI4NTg3OSZfX2w9MzYwMA==
Content-Type: application/json
Origin: http://single-hearts.com
Content-Length: 1163
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 04:41:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 20
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Accept-Encoding

cdn3reference.com/images/jump-favicon.ico

54.230.111.43

200 OK

140 B

URL HTTP/1.1
cdn3reference.com/images/jump-favicon.ico
IP
54.230.111.43:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
140 B (140 bytes)
Hash
9323618250d1ebf9d90bb8ccd61ae3ed
f5959b04c30f434573c990cf4c454e8f8ea417e8
9fc17a567b7c732de87bf32b86d9bbdba2b44ecedeff4d39fb5d025a30552ba2

HTTP Headers

GET /images/jump-favicon.ico HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/

HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 21 Sep 2022 04:41:34 GMT
Last-Modified: Fri, 05 Dec 2014 08:28:50 GMT
Cache-Control: public, max-age=604800
Content-Encoding: gzip
ETag: W/"47e-50973ddc33480"
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -EYQbHIprm4thDdWFOLiE72Yd_441Pod-pTAq1bASSos2DXPWSJ6UA==

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Wed, 21 Sep 2022 08:24:58 GMT
Date: Wed, 21 Sep 2022 04:41:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10038 bytes)
Hash
dab1f2cd68979d2004ba4449d759a341
54ed14436a75ba2aeb8459bad2ce70229aff4203
e782fb5ede547e1b167719068c6821c62414dcb0991bf9ac38285cb3ce8894e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecaa9082-610c-41c1-ae9a-e453d87828ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10038
x-amzn-requestid: 4cf38a70-a706-4e6a-b854-9404727c599d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yxy1mHDCIAMF5-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a31bd-5aba5b0640221b302a19781b;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:33:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hDCOWNm2vFa9h7BffUJwcwZ6i27jM2qBuSTasH9q_wsQ9oNWhVpQCg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:47:24 GMT
etag: "54ed14436a75ba2aeb8459bad2ce70229aff4203"
content-type: image/jpeg
age: 24851
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7060 bytes)
Hash
c92f202bddcfee6efac41bcc25be5745
9d297544318ff34f839678d8b358290ab6bd62a8
f471aaff7c08c60905cff5b1c9d4b669a3179574493d23d27e681110688af6b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f1d773-46e0-4cf2-8178-3101a22f8b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 69e8f4d4-2360-4124-a9e9-9cce3dd43da7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0NWEgmIAMFusQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a33ee-0f4861c226117d70664b8612;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kj4FQUvvo13Yrwu_bKqee64IMn6X0UXlOJQ3fh40qejOi-3dtCrEYg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:55:57 GMT
age: 24338
etag: "9d297544318ff34f839678d8b358290ab6bd62a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6904 bytes)
Hash
2cb692de2fcf108bf060af0b9599869f
443706b089783f7a16d4b001948a141a83ace053
06bedf63121d961420176535071c3a98d39e1d4586acb734d00ad80ce2b291ce

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febae4a05-492e-4ab9-a79b-7e3f27cfc01e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6904
x-amzn-requestid: 1c4e2685-d06f-45fc-ab93-8678905f3804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwcI5HuLoAMFoRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6329a705-099ce127249e148456270c11;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:41:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: sRlJblY5obOlucutG9WQ_WPl5QGdA-0XsxIkHGkShaHvezNeqwGrkw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:37:39 GMT
age: 25436
etag: "443706b089783f7a16d4b001948a141a83ace053"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9271 bytes)
Hash
267173c6b4e4e6ae4a84dc08df92f82f
4183102af1963e1edb3aa572c43aeda7d855e9f5
20487bb2e59f2e6afcaaac3e3c4f1dfec9a8ef761403a44f7f92a6b57d143714

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6be1360-d048-4319-9cac-dfebe92db87f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9271
x-amzn-requestid: b8139dfc-8f24-41e0-9948-56bad215416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yx0Q-EkZoAMF_sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a3406-4365026f7f832cee0c12e4d7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:43:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rUeMyRv1DxHKmRAc4s-8GkQELQtAO-_lKHB2tjRYSQUSBMJMmDAZcQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:56:09 GMT
age: 24326
etag: "4183102af1963e1edb3aa572c43aeda7d855e9f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7507 bytes)
Hash
4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:21:54 GMT
age: 22781
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6897 bytes)
Hash
8bae3a7a80ff40df1d701dfc925ddeff
91df60162a8322469cada0dd8eb93619f28aec1a
fab10c7ad4658bc191621d9f2042236a7b6e34448ce5215dde5b8d6a64b52952

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6b35a1c-f445-4b05-b56e-ce2ad0ef2a9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6897
x-amzn-requestid: 280a2e44-c21a-4d78-991b-3328e816d045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YwWSpE0SoAMFaxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63299daa-55cb53491be78c4d5bed0462;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 11:02:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eNkM22Xu--qgJdsrH-UrTG5-Ie4nAsyLjiMaJ5ZKIz0bbw7cYrvFjw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 02:18:26 GMT
age: 8589
etag: "91df60162a8322469cada0dd8eb93619f28aec1a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Assistant

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Assistant
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Assistant HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cdn3reference.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 04:41:33 GMT
date: Wed, 21 Sep 2022 04:41:33 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations