Report - hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12

Report Overview

Submitted URL
hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12
IP
93.115.28.104
ASN
#16125 UAB Cherry Servers
Submitted
2023-01-28 07:49:07
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
d1zp0skjzco26d.cloudfront.net	unknown	2022-12-20T23:16:46Z	2023-03-09T06:49:07Z	1.7 kB	247 kB	54.230.245.204
unpkg.com	11693	2016-01-08T00:26:01Z	2023-03-13T08:09:51Z	1.2 kB	1.8 kB	104.16.126.175
cdn.onesignal.com	3015	2015-04-22T15:41:50Z	2023-03-13T08:35:13Z	380 B	553 B	104.18.226.52
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
www.dql2clk.com	308712	2022-02-28T21:07:04Z	2023-03-10T15:20:20Z	544 B	1.0 kB	34.117.199.78
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-13T08:10:39Z	350 B	1.0 kB	54.230.80.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	2.7 kB	45 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	1.3 kB	1.9 kB	142.250.74.106
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
orest-vlv.com	unknown	2023-01-16T11:21:19Z	2023-03-13T02:10:56Z	1.6 kB	4.3 kB	54.237.193.255
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.4 kB	7.0 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	496 B	32 kB	142.250.74.35
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	54.230.245.39
hsk1.drofortho.com	unknown			1.6 kB	1.6 kB	93.115.28.104
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.82.48.240
cartining-specute.com	unknown	2021-02-01T00:37:43Z	2023-03-13T06:57:55Z	917 B	659 B	18.197.36.77
ocsp.starfieldtech.com	6616	2012-06-22T20:08:50Z	2023-03-13T05:25:08Z	692 B	4.7 kB	192.124.249.41
www.seniorflirting.com	unknown	2021-02-20T12:46:51Z	2023-03-08T14:16:03Z	4.8 kB	21 kB	3.67.229.193
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	802 B	101 kB	142.250.74.106
live.connect2api.com	295739	2021-05-22T16:54:20Z	2023-03-08T15:37:31Z	470 B	1.0 kB	18.185.169.138

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek	1.4 kB	2023-03-09	2023-03-13
Pretty URL www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek IP 3.67.229.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:51:15 Last Seen2023-03-13 19:28:18 Times Seen1 Hash 5dab7c4649ad0bf9cbe04bd3bf46f016 28ebb12348b541ece9a17b67658a6050020ddf0b 3601e11479a4aa65c29e04736cdae1880a33646bd5129703cbe8103b06b22384 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.226.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12	417 B	2023-03-13	2023-03-13
Pretty URL hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12 IP 93.115.28.104 ASN #16125 UAB Cherry Servers Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:28:24 Last Seen2023-03-13 09:28:24 Times Seen1 Hash d53377fc44feb3b65d007d890736793d 8a860643ef0bc1c3ea3d66085efdc3d8dbd3b55d 4011971c590afb005612bb1131f4e5b5dd512cdd7e6a04865ba110015cbd03c5 Loading...

	orest-vlv.com/zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b	849 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b IP 54.237.193.255 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:28:24 Last Seen2023-03-13 09:28:24 Times Seen1 Hash 06ac33e337e537271761e90148ff6b9f dbee469f1133331568a31916757d350dc57c8986 1bf1c93117f89ae29c7187daf1d3b3f4b77d0abb54dd38683afcff957c9a2893 Loading...

	onesignal.com/api/v1/sync/bf59e5c7-9222-49c0-bc5c-c4317baf500e/web?callback=__jp0	3.3 kB	2023-03-13	2023-03-13
Pretty URL onesignal.com/api/v1/sync/bf59e5c7-9222-49c0-bc5c-c4317baf500e/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:28:24 Last Seen2023-03-13 09:28:24 Times Seen1 Hash 9e04c0b2a0fa2aabca47f360779d7537 410b308296bdf0efc6951e957abe7f9502bc70dd 26012253664661da0da0a3634c571d5e97ba34574c422767e91d196e95045fe5 Loading...

	www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek	2.5 kB	2023-03-13	2023-03-13
Pretty URL www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek IP 3.67.229.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:12:47 Last Seen2023-03-13 14:28:06 Times Seen1 Hash e0f8a0a9d9113a7063f22dfc3855754e 48931a7c9bbe90f6de5c4b58ff5da48e3e3c74d7 53a5daf01b4e16628d51d65258184819bc18c7b9d0b943061a5423859012e900 Loading...

	unpkg.com/ionicons@5.2.3/dist/ionicons/p-6f4eae92.js	8.1 kB	2023-03-07	2024-05-10
Pretty URL unpkg.com/ionicons@5.2.3/dist/ionicons/p-6f4eae92.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:49 Last Seen2024-05-10 12:30:27 Times Seen140 Hash 074019980c5e58b4b06d6f7609bb8708 81f0c385ae1bba318bf0cdc00295cd1374416f04 998017d8e261ff05c8beb90beacc69fd6c8071b1695ed87a9a6d33a3b3caa7f5 Loading...

	unpkg.com/ionicons@5.2.3/dist/ionicons.js	962 B	2023-03-07	2024-05-10
Pretty URL unpkg.com/ionicons@5.2.3/dist/ionicons.js IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:35 Last Seen2024-05-10 12:30:27 Times Seen107 Hash 1bc0082a5b1dbbce917ec2269bb121a9 7a436a529b6a0f50047390f47544fa91269c184d 937e1da6a3f1f5f56d7c7f68d47217686d4d73881a6332607eb9769f9e50bc5e Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 01:45:32 Times Seen37532904 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek	4.5 kB	2023-03-09	2023-03-13
Pretty URL www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek IP 3.67.229.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:51:15 Last Seen2023-03-13 19:28:18 Times Seen1 Hash fb1325370df03ac98e37d7cae5111bef dbdc9413a1c5b2b2e859c23a3139cccdd9005203 ea882cf24927ddb5c4db42a49bb84dce68efaafa8b93c5a1ed11d48eebb2378c Loading...

	www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek	1.2 kB	2023-03-12	2024-05-08
Pretty URL www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek IP 3.67.229.193 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:14:25 Last Seen2024-05-08 19:32:51 Times Seen68 Hash ac4db4820a000d6460ddfc2b0170d1fd 186343af46fd292471357c0f1579c18f30dc6622 3f8c1970f0af4ed8f65462147064a3b445764dc06f0ba8e6f74cd37d6b6329f2 Loading...

	unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js	335 B	2023-03-07	2024-05-10
Pretty URL unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:35 Last Seen2024-05-10 12:30:27 Times Seen118 Hash adb6d48631a4f2341424df91a182231c eaaedc3ffd963b15df8a28f4fc7e92a09da27091 9164e9e61772747c5cb442694612e0059544001673b79fb88d326b6fc0c008ef Loading...

	unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js	1.2 kB	2023-03-07	2024-05-10
Pretty URL unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js IP 104.16.126.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:48 Last Seen2024-05-10 12:30:27 Times Seen134 Hash ea3c112d7ccff97cbda6dd4d35acfddc 78bbfc504bbd70e170ed9718efac09f88451bd82 88432d4a953719ca1962f867cc4166caf9e6cdf2da51a540991256d63935fded Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	orest-vlv.com/zcredirect?visitid=37b75ca3-9ee0-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	324 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcredirect?visitid=37b75ca3-9ee0-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 54.237.193.255 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:28:24 Last Seen2023-03-13 09:28:24 Times Seen1 Hash 7566d1abfacd475131c5fd6fca8de5cf 2fa4c72bcce860ca20334d773b7a275762440f8b ad33d01c7f816a1db67b6260b429838d965b59bff712acabd6759c4088bb6737 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-11 01:13:16 Times Seen97919 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

HTTP Transactions (62)

URL IP Response Size

hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12

93.115.28.104

200 OK

521 B

URL HTTP/1.1
hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (521), with no line terminators
Size
521 B (521 bytes)
Hash
106c7c0ffbee521de994452b83de43f3
3c260e8b7e60409d237ba3cf76857a5be384251f
f7dd330a21760cbdb4511d4e5182c69197cb0fb0ab32e4d4678e7142df66cd9e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12 HTTP/1.1
Host: hsk1.drofortho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 521
content-type: text/html; charset=utf-8
date: Sat, 28 Jan 2023 07:48:54 GMT
server: nginx
set-cookie: sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b; path=/; domain=.drofortho.com; expires=Thu, 15 Feb 2091 11:03:02 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13164
Expires: Sat, 28 Jan 2023 11:28:20 GMT
Date: Sat, 28 Jan 2023 07:48:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16246
Expires: Sat, 28 Jan 2023 12:19:42 GMT
Date: Sat, 28 Jan 2023 07:48:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 07:43:04 GMT
content-type: application/json
age: 352
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10491
Expires: Sat, 28 Jan 2023 10:43:47 GMT
Date: Sat, 28 Jan 2023 07:48:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xJqpI8WYpak5tHi98R2+D3kuL8tr9SViYfZMtxrD0YwxnKt1lx/N285e/18O/GYrKjaVj6uRmy/6UYHHhV46Tw==
x-amz-request-id: 15C155TF721JKNB4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 06:49:45 GMT
age: 3551
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 07:48:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

hsk1.drofortho.com/favicon.ico

93.115.28.104

404 Not Found

9 B

URL HTTP/1.1
hsk1.drofortho.com/favicon.ico
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hsk1.drofortho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12
Cookie: sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sat, 28 Jan 2023 07:48:55 GMT
server: nginx

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 07:41:40 GMT
age: 436
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NDg5OTMzNSwiaWF0IjoxNjc0ODkyMTM1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3Y2ajFnOTJxMDRzNG5ua2syYWUzaTEiLCJuYmYiOjE2NzQ4OTIxMzUsInRzIjoxNjc0ODkyMTM1ODI3MzgwfQ.0dqEnXnKjK8xmLo4h4LM6ZHyF9fU6G1NqbSXqPaXPJo&sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b

93.115.28.104

302 Found

11 B

URL HTTP/1.1
hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NDg5OTMzNSwiaWF0IjoxNjc0ODkyMTM1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3Y2ajFnOTJxMDRzNG5ua2syYWUzaTEiLCJuYmYiOjE2NzQ4OTIxMzUsInRzIjoxNjc0ODkyMTM1ODI3MzgwfQ.0dqEnXnKjK8xmLo4h4LM6ZHyF9fU6G1NqbSXqPaXPJo&sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b
IP
93.115.28.104:0
ASN
#16125 UAB Cherry Servers

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NDg5OTMzNSwiaWF0IjoxNjc0ODkyMTM1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3Y2ajFnOTJxMDRzNG5ua2syYWUzaTEiLCJuYmYiOjE2NzQ4OTIxMzUsInRzIjoxNjc0ODkyMTM1ODI3MzgwfQ.0dqEnXnKjK8xmLo4h4LM6ZHyF9fU6G1NqbSXqPaXPJo&sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b HTTP/1.1
Host: hsk1.drofortho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hsk1.drofortho.com/gdy:gio259693408dz6ztdh10fat5d7nj74sfcua12
Cookie: sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 28 Jan 2023 07:48:55 GMT
location: http://orest-vlv.com/zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b
server: nginx
set-cookie: sid=376f1c9c-9ee0-11ed-b03c-c2c52677350b; path=/; domain=.drofortho.com; expires=Thu, 15 Feb 2091 11:03:03 GMT; max-age=2147483647; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14030
Expires: Sat, 28 Jan 2023 11:42:46 GMT
Date: Sat, 28 Jan 2023 07:48:56 GMT
Connection: keep-alive

orest-vlv.com/zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b

54.237.193.255

200

1.1 kB

URL HTTP/1.1
orest-vlv.com/zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
3e708118aed525bd4a1880af53ca1dad
7012e28cc07439b586bb18d2182300d8e1afcd71
f53bbad72b575febd8b540e73b294ad3a2b194e13fb8b77a248741fe62f71cb5

HTTP Headers

GET /zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hsk1.drofortho.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sat, 28 Jan 2023 07:48:56 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: pdjjtQZN

orest-vlv.com/zcredirect?visitid=37b75ca3-9ee0-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

54.237.193.255

200

778 B

URL HTTP/1.1
orest-vlv.com/zcredirect?visitid=37b75ca3-9ee0-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (346)
Size
778 B (778 bytes)
Hash
a70a131b8146ce73382f52bb5eef9818
2e0a3f740e7a3fa554f70d41f22eb54305ebb0aa
957dd4fa0f32c1b6ff5456af8e1fb16dbab44b2033ac5307ed9e0a4d6821605e

HTTP Headers

GET /zcredirect?visitid=37b75ca3-9ee0-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/37b75ca3-9ee0-11ed-a98d-125e1845214f/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=940f4220-d5a9-11ec-98f9-12beee04f19b
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Sat, 28 Jan 2023 07:48:57 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: yyiFiAeN

push.services.mozilla.com/

35.82.48.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.48.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: v+LTgTtd7wEVaWEQNI2q3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DTjxvg+rJ7oZBToh4l3oJityy28=

orest-vlv.com/favicon.ico

54.237.193.255

404

653 B

URL HTTP/1.1
orest-vlv.com/favicon.ico
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=37b75ca3-9ee0-11ed-a98d-125e1845214f&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Sat, 28 Jan 2023 07:48:57 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: bVbBZNzJ

cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwww.dql2clk.com%2Fcmp%2FZGSRP1%2F27W1G%2F%3Fsource_id%3DSOURCEID%26sub1%3DSUBSOURCE%26sub5%3Dw65tvf9ejp5irf7m21c3ssek&caid=40df6672-448d-4949-8192-f27e595685b7&zpid=37b75ca3-9ee0-11ed-a98d-125e1845214f&cid=w65tvf9ejp5irf7m21c3ssek&rt=R

18.197.36.77

302 Found

0 B

URL HTTP/2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwww.dql2clk.com%2Fcmp%2FZGSRP1%2F27W1G%2F%3Fsource_id%3DSOURCEID%26sub1%3DSUBSOURCE%26sub5%3Dw65tvf9ejp5irf7m21c3ssek&caid=40df6672-448d-4949-8192-f27e595685b7&zpid=37b75ca3-9ee0-11ed-a98d-125e1845214f&cid=w65tvf9ejp5irf7m21c3ssek&rt=R
IP
18.197.36.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fwww.dql2clk.com%2Fcmp%2FZGSRP1%2F27W1G%2F%3Fsource_id%3DSOURCEID%26sub1%3DSUBSOURCE%26sub5%3Dw65tvf9ejp5irf7m21c3ssek&caid=40df6672-448d-4949-8192-f27e595685b7&zpid=37b75ca3-9ee0-11ed-a98d-125e1845214f&cid=w65tvf9ejp5irf7m21c3ssek&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Cookie: cc-v4=r27P8tgTvmF7DJEvG7GV0jixvEY1yQZ1gkubt3%2Fr7Jcb5eXlvF95XOCTkurmELOwJl1%2FYtyLnsBpvMO2u3jz5kc%2FN7p4XJKNekSx%2BAE30Q6tAsksBtp9Y0v9lkrG5Nho02hp0sDlTmqBE4lrvgQadA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 07:48:57 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.dql2clk.com/cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w65tvf9ejp5irf7m21c3ssek
pragma: no-cache
set-cookie: cc-v4=e0m28qDr%2B3h7lpY2g5TbVFprc0A7O8Xn%2BpZ9ENO783%2BcG8jt5GvAXK3xSvLr%2FxV1nDxislxQnN3d0q1bqmDR%2Bm1UDEWarWXaMCHa9gwH6ghgQH227puUtN2qOzElIM5aOF4jNcot0W1NmZ3ySwq3sg%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 07:48:57 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
e3fa84bc35bcd0513bbe8ad5d97ae586
c7b95a61e2e154512700af9d35d54994b7d5479d
0f5290c7df4232a31feb62f80529ae8bb951f7ebc5f8c07ef9bf7236acea9d17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 07:48:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 21:48:32 GMT
Expires: Sat, 28 Jan 2023 21:48:32 GMT
ETag: "c7b95a61e2e154512700af9d35d54994b7d5479d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

www.dql2clk.com/cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w65tvf9ejp5irf7m21c3ssek

34.117.199.78

302 Found

281 B

URL HTTP/2
www.dql2clk.com/cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w65tvf9ejp5irf7m21c3ssek
IP
34.117.199.78:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
281 B (281 bytes)
Hash
3b857173ca7ecdf9f50213e069a403d4
c7e9a9d7e6609a9f928ca8f08bc3e0309bcac94b
0bc6ecc3fc8288b44dbe14672ec1cb78ff252524bc119944fb0342d8b88ccef1

HTTP Headers

GET /cmp/ZGSRP1/27W1G/?source_id=SOURCEID&sub1=SUBSOURCE&sub5=w65tvf9ejp5irf7m21c3ssek HTTP/1.1
Host: www.dql2clk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 07:48:57 GMT
content-type: text/html; charset=utf-8
content-length: 281
location: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
set-cookie: uniqueClick_27W1G=14f60e1f-07aa-4bfd-b82b-16fe2a5845d6:1674892137; Path=/; Expires=Sun, 29 Jan 2023 07:48:57 GMT
transaction_id=8bd7f073cb5c4f87b709bd0e21602950; Path=/; Expires=Fri, 28 Apr 2023 07:48:57 GMT
vary: Origin
x-eflow-request-id: 962e7acb-e223-471b-acf5-794f7b8f177c
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.starfieldtech.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1846 bytes)
Hash
e3fa84bc35bcd0513bbe8ad5d97ae586
c7b95a61e2e154512700af9d35d54994b7d5479d
0f5290c7df4232a31feb62f80529ae8bb951f7ebc5f8c07ef9bf7236acea9d17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 28 Jan 2023 07:48:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 27 Jan 2023 21:48:32 GMT
Expires: Sat, 28 Jan 2023 21:48:32 GMT
ETag: "c7b95a61e2e154512700af9d35d54994b7d5479d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
7724b662285abd22f0df903fd62f74c0
bbccd5521af1ccb6f07e4e3d6c58996a93a7176c
dd41306d0c3d19cf4c463d2f80f2ee034e19aa0776a45da8a07c88f52cda1870

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117563
Date: Sat, 28 Jan 2023 07:48:58 GMT
Etag: "63d3f6af-1d7"
Expires: Sun, 29 Jan 2023 16:28:21 GMT
Last-Modified: Fri, 27 Jan 2023 16:07:11 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _c6nHiphZ4z4KpmpG8AjRM8vyCknylyf1WqTOCw6f-0H6ZYu4N8COQ==
Age: 1270

www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek

3.67.229.193

200 OK

6.1 kB

URL HTTP/2
www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (569)
Size
6.1 kB (6073 bytes)
Hash
8623518e3386c36fe563039538ed14c6
1bca0e0a2d764ebe0b5df94fe3121fe4e3bbb098
2ebd2d1bd8d320c0611ca5b975a24012a56e77ca45e4c5a6d54bdf3165f16c48

HTTP Headers

GET /7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/html; charset=UTF-8
content-length: 6073
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.seniorflirting.com/7945/css/style.css

3.67.229.193

200 OK

2.1 kB

URL HTTP/2
www.seniorflirting.com/7945/css/style.css
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7035)
Size
2.1 kB (2071 bytes)
Hash
4b8427ffaaf0dc43e3c16065f444d4cd
73634df9c78e7b554f132240cb3422b1688410e5
1871578d243f30860a0b2d58c4414efd938ce38d1ce96d432e7460c6839e57e4

HTTP Headers

GET /7945/css/style.css HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/css
content-length: 2071
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "1b7c-5f3277a9df680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.seniorflirting.com/7945/css/jquery-ui.css

3.67.229.193

200 OK

8.4 kB

URL HTTP/2
www.seniorflirting.com/7945/css/jquery-ui.css
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (2363)
Size
8.4 kB (8405 bytes)
Hash
eb890942f434115913de08899ef174a4
84518af33d2157bf638eecd96ec00eeb378f547d
65c520e543b735967301de8a17d88ebfe96f9969d596fe477ebe4850f99f5d32

HTTP Headers

GET /7945/css/jquery-ui.css HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/css
content-length: 8405
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "8d02-5f3277a9df680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

www.seniorflirting.com/7945/media/woman.png

3.67.229.193

302 Found

336 B

URL HTTP/2
www.seniorflirting.com/7945/media/woman.png
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
336 B (336 bytes)
Hash
460fa8dd9da20556e8579ecdbe43658d
02233af5624836f4003ef4f5d99f1717d9322054
fc4fe696041f69d7aeedaa98f0cc5f46d986d85d9b8c570189b24de493a3f3b1

HTTP Headers

GET /7945/media/woman.png HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/html; charset=iso-8859-1
content-length: 336
location: https://d1zp0skjzco26d.cloudfront.net/media/7945/media/woman.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2

www.seniorflirting.com/7945/media/man.png

3.67.229.193

302 Found

334 B

URL HTTP/2
www.seniorflirting.com/7945/media/man.png
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
334 B (334 bytes)
Hash
4c083858ec331dfbcdb8fb47a77980ae
23747084fad258c2e053da5e3ac9430fce6c6b81
81afb8e394796a4b39c0b1e7c79db30bfbe0ed6f05cfb787caa5a332362b0cd9

HTTP Headers

GET /7945/media/man.png HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/html; charset=iso-8859-1
content-length: 334
location: https://d1zp0skjzco26d.cloudfront.net/media/7945/media/man.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2

www.seniorflirting.com/7945/media/credit.png

3.67.229.193

302 Found

337 B

URL HTTP/2
www.seniorflirting.com/7945/media/credit.png
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
337 B (337 bytes)
Hash
dcc82a530e5b4d46732c0372746a8409
4f380ea1be30699fa199fe75038cf3f9c337d5f5
870d028549ed17f28e5c20988149441148bb99b3ceeec2511237622e14b58649

HTTP Headers

GET /7945/media/credit.png HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/html; charset=iso-8859-1
content-length: 337
location: https://d1zp0skjzco26d.cloudfront.net/media/7945/media/credit.png
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9754
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:48:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js

142.250.74.106

200 OK

68 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (64399)
Size
68 kB (67865 bytes)
Hash
1c1c03a2c66f6ffc02df0371ce07d198
b8135c09922be0e935e1bab89d9f1c7ef417ff70
84bd856a069914c7516636117e2b2343935ac76dcf99aca86e7a8b2bcfb39b6c

HTTP Headers

GET /ajax/libs/jqueryui/1.13.2/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 67865
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 06:03:17 GMT
expires: Fri, 26 Jan 2024 06:03:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 20 Jul 2022 08:22:53 GMT
content-type: text/javascript; charset=UTF-8
age: 179141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1WE1zQwrCGVy8HLT9_BFkAr6rQE_ROyttMOByR32KeT0w2Hd_ylvYQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:16:00 GMT
age: 34378
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9754
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:48:58 GMT
Connection: keep-alive

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 00:57:20 GMT
expires: Sun, 28 Jan 2024 00:57:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 24698
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4975 bytes)
Hash
c982569d070f24dba1259603091c22e3
0f93acb5bee53670cc4ef486922f7333d96a2f4e
9a5a2d8a181a763ee6f60c27b396a0e3d7b1527e5177b2aff8d511db250753ed

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ed7c466-ac98-4e05-89cf-f0abf56e8d98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4975
x-amzn-requestid: 633350b7-4686-40d5-8c9d-3c097f8e2d34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-EBGuaoAMFbSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b3-4201212c1a0eb2a65d3f494c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XRAeWdoEkbnzXKOs_EdgQ1r9BGOeDNh4FRXm-fv0KiCz4juqk8UKIw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:35 GMT
age: 35363
etag: "0f93acb5bee53670cc4ef486922f7333d96a2f4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9364 bytes)
Hash
f185f0b4f90d06dbb397b44ed9c73dbe
a48e2c369a048447e0e25e4791eb603859391c1c
b466060fc132cc8d23fcb83001206606e2d5502118c65e9f55795b5adbff2fa6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F238effff-cb43-479f-8853-06086fff1bd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9364
x-amzn-requestid: e556be7b-567a-4c9a-931e-ff6fee42d3a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T8GbFoAMFySg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-6f4476e9388c77a057153277;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LPkLrx7l9Qf_GKdtJq_77RUkvgnKZlCaDN34xsB5bEO8c9VQEJPAew==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
age: 35540
etag: "a48e2c369a048447e0e25e4791eb603859391c1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9754
Expires: Sat, 28 Jan 2023 10:31:32 GMT
Date: Sat, 28 Jan 2023 07:48:58 GMT
Connection: keep-alive

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 35532
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13376 bytes)
Hash
195316042e7f798eeeb7993fecb3a383
4aeca24ad4702f87feaf9674ea0c1ff6d71826a3
b7e0a61060455241fce844d2c91eca500d409804361063ddb61053cbc9c7b1c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ce0741-fcf6-4205-8b3a-016953553eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13376
x-amzn-requestid: 64d0092e-1f1a-4183-a4a6-805e0bf37d32
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-DvHIyoAMF6fA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b1-6387770232ddca74531bce91;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jqb6G21QeTDiI0HWT9Fd87D-HkAOiesyfN9vr7vMxrOUADBxV-_Fug==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:55:42 GMT
age: 35596
etag: "4aeca24ad4702f87feaf9674ea0c1ff6d71826a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.seniorflirting.com/7945/media/background.jpg

3.67.229.193

302 Found

341 B

URL HTTP/2
www.seniorflirting.com/7945/media/background.jpg
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
341 B (341 bytes)
Hash
333a1890f845d2d3073c48054c337839
458883950c014e9d399d7eab01f354c2eec33dac
bd66ea2bfb34fa0fd2a61c51825c7aac107f9378dfee601ef79519772226b945

HTTP Headers

GET /7945/media/background.jpg HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: text/html; charset=iso-8859-1
content-length: 341
location: https://d1zp0skjzco26d.cloudfront.net/media/7945/media/background.jpg
server: Apache/2.4.38 (Debian)
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.35

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.seniorflirting.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 07:08:09 GMT
expires: Sat, 27 Jan 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 88849
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 07:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

54.230.245.39

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.39:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3f717d5d65fef30b4ecc190b2360bbec
2b16dcf4bfc3429f46804b8815ccea400f2ecd85
d0d4c653d78406e852bbe9327d1f458b6535ef707fa3ee117933da86fa98a307

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 07:48:58 GMT
Last-Modified: Sat, 28 Jan 2023 06:14:55 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6ZFV-eK4tyk7AFX2rsNI3I_XIrhZp8gmt5qFRyOl4hbhsPryNTZAfg==
Age: 5643

d1zp0skjzco26d.cloudfront.net/media/7945/media/background.jpg

54.230.245.204

200 OK

221 kB

URL HTTP/2
d1zp0skjzco26d.cloudfront.net/media/7945/media/background.jpg
IP
54.230.245.204:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1280x800, components 3\012- data
Size
221 kB (221155 bytes)
Hash
df8855fd7fade772e0159e928a932fee
cb3219047cc0302818d3abd32f6699578f267a9b
ad05b87807a32b536ff55abd1463e14d282859231b2cfc14d15dee30cbc0fadf

HTTP Headers

GET /media/7945/media/background.jpg HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.seniorflirting.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/jpeg
content-length: 221155
date: Fri, 27 Jan 2023 21:39:16 GMT
last-modified: Tue, 20 Dec 2022 09:45:04 GMT
etag: "df8855fd7fade772e0159e928a932fee"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _CNZVZEgCAU1HrPJWJmpDaEZD_XUZw0ZF4DtwIaAl44r25rMb6J4DQ==
age: 36583
X-Firefox-Spdy: h2

www.seniorflirting.com/7945/media/favicon.ico

3.67.229.193

200 OK

1.2 kB

URL HTTP/2
www.seniorflirting.com/7945/media/favicon.ico
IP
3.67.229.193:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
18c8ba52db1ac2d3ccc020ba3c4a45bd
8820194d2f624ca833b1e1a35dc9def09c168a10
8faeb3f7a932e056b5d3939667c8209c4d8eea833e8d3997e6244493537615ed

HTTP Headers

GET /7945/media/favicon.ico HTTP/1.1
Host: www.seniorflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/7945/?country=NO&region=Oslo+County&city=Oslo&brands=seniorflirting.com&clickid=8bd7f073cb5c4f87b709bd0e21602950&pi=1104&campaignId=SOURCEID&var1=SUBSOURCE&var2=&var3=w65tvf9ejp5irf7m21c3ssek
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
server: Apache/2.4.38 (Debian)
last-modified: Thu, 26 Jan 2023 09:36:10 GMT
etag: "47e-5f3277a9df680"
accept-ranges: bytes
X-Firefox-Spdy: h2

d1zp0skjzco26d.cloudfront.net/media/7945/media/man.png

54.230.245.204

200 OK

6.2 kB

URL HTTP/2
d1zp0skjzco26d.cloudfront.net/media/7945/media/man.png
IP
54.230.245.204:0
ASN
#16509 AMAZON-02

File type
PNG image data, 88 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
6.2 kB (6204 bytes)
Hash
23b1b3c579745c2b018a7e8f88195527
4e8f3c584dda8bd05af1af482a245803a943062e
cb78052afebe56ab9012a2b31140a28225964e684b57fedb2f64a514eb6b9494

HTTP Headers

GET /media/7945/media/man.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.seniorflirting.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 6204
date: Fri, 27 Jan 2023 21:39:16 GMT
last-modified: Tue, 20 Dec 2022 09:45:02 GMT
etag: "23b1b3c579745c2b018a7e8f88195527"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Za76jCyCw6H-djK3-zT9mWUEPswyJtJpbmbWz8kCwtx7wE2AjiA6Aw==
age: 36583
X-Firefox-Spdy: h2

d1zp0skjzco26d.cloudfront.net/media/7945/media/woman.png

54.230.245.204

200 OK

5.6 kB

URL HTTP/2
d1zp0skjzco26d.cloudfront.net/media/7945/media/woman.png
IP
54.230.245.204:0
ASN
#16509 AMAZON-02

File type
PNG image data, 88 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
5.6 kB (5618 bytes)
Hash
b08be2bda6e4bed05112c67b647d2c17
9aeb0164a2f713ecdbed26c7f6ba732b9c5cb6c2
c6a2064216dfc19086bc1c65271dafbe00caf32af7546dbe67a2d68f0f71c4c0

HTTP Headers

GET /media/7945/media/woman.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.seniorflirting.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 5618
date: Fri, 27 Jan 2023 21:39:16 GMT
last-modified: Tue, 20 Dec 2022 09:45:03 GMT
etag: "b08be2bda6e4bed05112c67b647d2c17"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KY94orucDQhHGYQ1ELGdMKlZU_sTcdxSwxo2IubzNa0x8WCtNCsrlg==
age: 36583
X-Firefox-Spdy: h2

d1zp0skjzco26d.cloudfront.net/media/7945/media/credit.png

54.230.245.204

200 OK

12 kB

URL HTTP/2
d1zp0skjzco26d.cloudfront.net/media/7945/media/credit.png
IP
54.230.245.204:0
ASN
#16509 AMAZON-02

File type
PNG image data, 203 x 65, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12484 bytes)
Hash
cc1069f88eaa12609d38835df46bd066
57b9510f0838ad53ee64d0d744be3bfa40319440
b33d95f6241af54873c92f109ee0eaef50df74cc3be729d72b3b754cde4a0b8a

HTTP Headers

GET /media/7945/media/credit.png HTTP/1.1
Host: d1zp0skjzco26d.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.seniorflirting.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 12484
date: Fri, 27 Jan 2023 21:39:16 GMT
last-modified: Tue, 20 Dec 2022 09:45:02 GMT
etag: "cc1069f88eaa12609d38835df46bd066"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x9tsvjSbLDy_l8NvWq9efvL1hOlSjjO0OMzVQjUjcXxgGGYxOTPv8g==
age: 36583
X-Firefox-Spdy: h2

live.connect2api.com/langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en

18.185.169.138

200 OK

99 B

URL HTTP/2
live.connect2api.com/langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en
IP
18.185.169.138:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
99 B (99 bytes)
Hash
aef377e477b35e8352ffb4dfadccf881
3dc7cf829839b732cd764e1a36905f47e83d43ff
06a81b1f0fda6bc4c6cd8a0a0321b3ed9e944ebdf2c40433b4dad32c0aa371f7

HTTP Headers

GET /langlog?country=NO&lang=en&en=1&nl=0&de=0&es=0&fr=0&it=0&langs=en-US,en HTTP/1.1
Host: live.connect2api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seniorflirting.com
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: application/json
content-length: 99
server: Apache/2.4.54 () PHP/7.4.32
x-powered-by: PHP/7.4.32
access-control-allow-origin: *
access-control-allow-headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
allow: GET, POST, OPTIONS, PUT, DELETE
app: MadOffersAPI
cache-control: no-cache, private
set-cookie: laravel_session=eyJpdiI6IkNmZ01BVzRVZGVVL1BzbU5BMldEc2c9PSIsInZhbHVlIjoiOXZXS2RCSks4VjF3R0poT1h5SzdaR3FUMkxhUXRKeWlPQ3hRdFducUtodm9peVZzYS9kM3BpYXR1ZWF5RG5RV2F2RTZUbDZyQXk3Kzl4S0c0azUrdGRmOGVXNldGRlFSTUJVcitBYlRjZ0hlc2lhZmVpVnhlU0o4T2IxdWR5K1oiLCJtYWMiOiJmZWFjZjBjYWEzZTY1ZjI5N2E3ZDkzZjc3NTQ0NWYzMTQ4NjBhNjY3MTYzMmIyMmMyMWI2YjRiMTVjNmYzZmM1In0%3D; expires=Sat, 28-Jan-2023 09:48:58 GMT; Max-Age=7200; path=/; httponly; samesite=lax
X-Firefox-Spdy: h2

unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js

104.16.126.175

200 OK

0 B

URL HTTP/2
unpkg.com/ionicons@5.2.3/dist/ionicons/ionicons.esm.js
IP
104.16.126.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ionicons@5.2.3/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seniorflirting.com
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"14f-6q7cP/2WOxXfiij0/H6SoJ2icJE"
via: 1.1 fly.io
fly-request-id: 01G4XKKPY6H1AMZBNVTY4CXCG5-fra
cf-cache-status: HIT
age: 20336078
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 790820f98fdcb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js

104.16.126.175

200 OK

0 B

URL HTTP/2
unpkg.com/ionicons@5.2.3/dist/ionicons/p-4372c4bc.js
IP
104.16.126.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ionicons@5.2.3/dist/ionicons/p-4372c4bc.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.seniorflirting.com
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4a1-eLv8UEu9cOFw7ZcY76wJ+IRRvYI"
via: 1.1 fly.io
fly-request-id: 01G4XPYTT1EG50B7YNGR38J9FT-fra
cf-cache-status: HIT
age: 20332672
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 790820f9aff1b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.226.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1399
expires: Tue, 31 Jan 2023 07:48:58 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 790820f86bebb4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2

unpkg.com/ionicons@5.2.3/dist/ionicons.js

104.16.126.175

200 OK

0 B

URL HTTP/2
unpkg.com/ionicons@5.2.3/dist/ionicons.js
IP
104.16.126.175:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ionicons@5.2.3/dist/ionicons.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 07:48:58 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"3c2-ekNqUptqD1AEc5D0dUT6kSacGE0"
via: 1.1 fly.io
fly-request-id: 01G754FJRGHFW8Q10W30D0D7EY-fra
cf-cache-status: HIT
age: 17936212
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 790820f8ac3ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Lato&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Lato&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Lato&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 07:48:58 GMT
date: Sat, 28 Jan 2023 07:48:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:wght@400;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 07:48:58 GMT
date: Sat, 28 Jan 2023 07:48:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto+Condensed:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.seniorflirting.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 07:48:58 GMT
date: Sat, 28 Jan 2023 07:48:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML