Report - of.trafican.com/sl?id=615edca2f2be9af3ca25e3e7&pid=501&sub1=1ppnccjg6lvl&sub2=501&sub3=540&sub4=8384&sub5=frd&sub6=0&sub7=&sub8=

Report Overview

Submitted URL
of.trafican.com/sl?id=615edca2f2be9af3ca25e3e7&pid=501&sub1=1ppnccjg6lvl&sub2=501&sub3=540&sub4=8384&sub5=frd&sub6=0&sub7=&sub8=
IP
104.21.85.150
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-01 05:11:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.242.41.15
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	727 B	3.3 kB	104.18.20.226
campaignsrus.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	528 B	982 B	188.114.96.1
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
clik.global-trk.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	577 B	2.1 kB	63.32.205.138
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	68 kB	151.101.129.229
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	519 B	2.0 kB	216.58.211.4
l12.datingtopia.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	706 B	104.21.65.62
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	29 kB	104.17.25.14
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	29 kB	31.13.72.12
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	7.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	9.1 kB	142.250.74.131
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	1.6 kB	142.250.74.106
app.swpush.com	319657	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	2.8 kB	188.114.96.1
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	21 kB	142.250.74.110
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	87 kB	31.13.72.36
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	949 B	188.114.96.1
v.gambol.link	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	602 B	969 B	18.156.16.63
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	611 B	714 B	74.125.131.156
subscribe.swpush.com	504964	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.6 kB	188.114.96.1
cdn-dt.fcdn.info	230544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	42 kB	104.21.234.87
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	36 kB	142.250.74.35
of.trafican.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	825 B	104.21.85.150
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	984 B	54.230.245.110
kingered-banctours.com	844736	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	18.195.123.247
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	78 kB	34.120.237.76
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	4.2 kB	87.250.251.119
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	518 B	694 B	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-01	medium	kingered-banctours.com	Sinkholed
2022-12-01	medium	kingered-banctours.com	Sinkholed

JavaScript (13)

	URL	Size	First Seen	Last Seen
	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls	2.0 kB	2023-03-08	2023-08-05
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:49 Last Seen2023-08-05 05:23:20 Times Seen90 Hash d00e6ad49da65d35d2c16a0e8dc62528 288f34d1c15166d79dfb6e21eae4d544f9d8fcde dfc2a1ae536ba70b69ca552d509366a0dbc8d7489af802a59cd70d7eb06cc5a3 Loading...

	kingered-banctours.com/hp	382 B	2023-03-07	2024-03-03
Pretty URL kingered-banctours.com/hp IP 18.195.123.247 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-03-03 10:20:26 Times Seen1245 Hash 10263a40a9d604e06e31e20f0b213918 524c7e3d46f4c3b19319ff3315ba6adfafd5eb3b 1d685538334a6762f8c278c2274cb62dfdc47c59ba5968562dddf4f96d808aee Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	connect.facebook.net/signals/config/1426921724108509?v=2.9.89&r=stable	301 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/1426921724108509?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:21:49 Last Seen2023-03-11 23:21:50 Times Seen1 Hash 4d8be5247821b615c079e083222282ee 4fb3f3e3d8d01f9edc963edaf910416fa1fb1047 f7817016a22581a3f09f8f2a64e00bb7f6a93772a32e6d5a4784132cf2fc8c4d Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls	64 B	2023-03-07	2023-06-03
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:20 Last Seen2023-06-03 23:52:16 Times Seen3 Hash a8fd51875ebf85929d55cbca281af8c8 0a7935609c4e652ac7385240212c46eb0766f439 e18eb1d0dceaab228ea0b8574efb80a50d47e89d0bb980f42d8f1074035de602 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-16 21:02:46 Times Seen94706 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls	98 B	2023-03-11	2023-08-05
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:06:56 Last Seen2023-08-05 05:23:20 Times Seen7 Hash 6f5cc698895f00f4798f7d42444b060b c2b16ed17b409db7247bb27c79362981ebf5ffe2 4577d7f1f7c1fd1283deecd001c978da857c9a2aea80272c9a0d4b2c63c4e360 Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls	8.4 kB	2023-03-11	2023-03-11
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:21:49 Last Seen2023-03-11 23:21:49 Times Seen1 Hash c3eaed84a240effc5a9d0ccab848e3a7 5cd6ef2e0889911ef470c00a5ead5b7cd3bc0336 2a3ea367c9acef281ebef9b3135235dae24f692a99963993d6a1911091573f7c Loading...

	l12.datingtopia.com/j56le98/js/fn.js	502 B	2023-03-11	2023-06-03
Pretty URL l12.datingtopia.com/j56le98/js/fn.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:06:56 Last Seen2023-06-03 23:52:16 Times Seen4 Hash cc4d50800fcd93497d25b6c309d76fe4 6455a66293112b3e26034565b6d08682a2366b76 6b2c588c281dbf5bd57ff7c9587e7e4c0ffb5a33c16613be58f800bb480cd011 Loading...

	l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls	486 B	2023-03-11	2023-08-05
Pretty URL l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls IP 104.21.65.62 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:06:56 Last Seen2023-08-05 05:23:20 Times Seen7 Hash 2554fa32557299b32acd18e5e61427b4 c98a79bde494c171d8f9bc15bd2e52491c574aa3 dcf4450bdb83decd29daeab83fafa608449eca8294eb23a66a15be5d8bce2b3f Loading...

	cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js	165 kB	2023-03-11	2023-03-11
Pretty URL cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:27:12 Last Seen2023-03-11 23:21:49 Times Seen1 Hash 60c9a521a4107bd29878a87910910fdd 48cafe623cd352d58c1c5965265380b2844b8ed7 56e54a9bc2d28a88e7e6d212e692821e07f601185ee5b5e972355a8bbcd9f3cd Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

HTTP Transactions (73)

URL IP Response Size

of.trafican.com/sl?id=615edca2f2be9af3ca25e3e7&pid=501&sub1=1ppnccjg6lvl&sub2=501&sub3=540&sub4=8384&sub5=frd&sub6=0&sub7=&sub8=

104.21.85.150

302 Found

0 B

URL HTTP/1.1
of.trafican.com/sl?id=615edca2f2be9af3ca25e3e7&pid=501&sub1=1ppnccjg6lvl&sub2=501&sub3=540&sub4=8384&sub5=frd&sub6=0&sub7=&sub8=
IP
104.21.85.150:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sl?id=615edca2f2be9af3ca25e3e7&pid=501&sub1=1ppnccjg6lvl&sub2=501&sub3=540&sub4=8384&sub5=frd&sub6=0&sub7=&sub8= HTTP/1.1
Host: of.trafican.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Thu, 01 Dec 2022 05:11:36 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://campaignsrus.com/cr.php?cid=7290&aff_id=7204&doland&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0
Set-Cookie: afclick=63883788a134710001d65ab7; expires=Fri, 01 Dec 2023 05:11:36 GMT; secure; SameSite=None
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrESdDrwvcbZtAvFPOopfBoRgM1HOTCTaFLriKSyfB45c35W0LhmjAnjLF18IPp9vQCSySd98vLlqsksa7QiqyQNaYodPrKr%2FeiDaUAdvdudBBTDG58c%2BnDlvlDELM3VE6I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 772952b42cc50b61-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2934
Expires: Thu, 01 Dec 2022 06:00:30 GMT
Date: Thu, 01 Dec 2022 05:11:36 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3636
Cache-Control: max-age=109219
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:36 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 11:31:55 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 04:19:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3111
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5943
Expires: Thu, 01 Dec 2022 06:50:39 GMT
Date: Thu, 01 Dec 2022 05:11:36 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cqv1P0MEK4mFUBqHPIRl7BoMNE7f9mUHiXPT4MVRofZwUCuj0HGxCtBWEBY8TXXZKGTul4WkpSE=
x-amz-request-id: 8NEHAV6RGXGZRPXB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 04:45:31 GMT
age: 1565
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 05:11:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
899bc4c5e864e7d964363e67d345ad59
7d7806cf09ea8bd6b22ed08c599f72cace01c537
d24477c0516943d6bb8d7fba704a0a30b3fa4b9db3f4627df730b354ac4a56a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:36 GMT
Server: ECS (amb/6BB7)
Content-Length: 280

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 05:08:56 GMT
cache-control: public,max-age=3600
age: 161
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
899bc4c5e864e7d964363e67d345ad59
7d7806cf09ea8bd6b22ed08c599f72cace01c537
d24477c0516943d6bb8d7fba704a0a30b3fa4b9db3f4627df730b354ac4a56a9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:37 GMT
Last-Modified: Thu, 01 Dec 2022 05:11:36 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3575
Cache-Control: max-age=104089
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:37 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 10:06:26 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6cc449b83cb0839288ed365989e506e5
7d66029ded813c8dd9b1440f2856d1d441a87741
9907f6fcd098da2b204640e7cd946ef14a7b3f05031ce120e51c756b2dcb8870

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167812
Date: Thu, 01 Dec 2022 05:11:37 GMT
Etag: "6388240d-1d7"
Expires: Sat, 03 Dec 2022 03:48:29 GMT
Last-Modified: Thu, 01 Dec 2022 03:48:29 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pwAScXwaBMv9ZlwSwZJ7YzVb7SLW4Pqgib31YDn5uiRg3AUeVFXCuQ==

clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=EvDS113018697&aff_id=7204&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0

63.32.205.138

302 Found

385 B

URL HTTP/1.1
clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=EvDS113018697&aff_id=7204&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0
IP
63.32.205.138:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
385 B (385 bytes)
Hash
bc9b466981de9b6c1df0b6ea3e3d64d5
70e57245fde049185adbb25c1ee370b6ee1974ea
3e20ea3dc280bb407fbb56beeab3e94a335b0d11ee2bbe53d5ba3e9c2f5c6da8

HTTP Headers

GET /aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=EvDS113018697&aff_id=7204&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0 HTTP/1.1
Host: clik.global-trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Dec 2022 05:11:37 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 385
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://v.gambol.link/bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_7154=ENC03671f72c7c0cd57a47fbd4ade14baddcd046d2097b36b25fd2f3fcc152bc9e0cf4d3f33c00554942968240ef8aa7f122d367edf363b122a965897ea8b657ad21db5645beec90d1f5d3f3ba4cd9ba838068b5ef1f99fcd4513bf5266a84974ae3d49541142d2338eba24fe6333c550f97e6cdcdc53a2dab24292dc6ce9ed4b9740c7949c4225e6d9fcdfb6aaccf88143882870d1db2af5e64508d551e078d57a2402b053c1; expires=Sun, 01 Jan 2023 05:11:37 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 25 Oct 2025 15:51:37 GMT; path=/; SameSite=None; Secure
Tracking_id: 102cd926709d4b7bb2c46dc46e59d5
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: e49fbd27f1fb5fa89aa426416d51b8a6
Access-Control-Allow-Headers: Tune-SDK-Version

v.gambol.link/bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5

18.156.16.63

302 Found

0 B

URL HTTP/2
v.gambol.link/bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5
IP
18.156.16.63:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bacf24eb-ee09-4999-950c-bd9380adc496?utm_source=bacf24eb&utm_medium=44&utm_content=GSL-7204&utm_campaign=501_0&email={email}&cid=102cd926709d4b7bb2c46dc46e59d5 HTTP/1.1
Host: v.gambol.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 05:11:37 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wddmv05p5471btrk2toef2ls
pragma: no-cache
set-cookie: bacf24eb-ee09-4999-950c-bd9380adc496-v4=n0n1EcuD8zwe6_tfziFVWsqA1SPmWL8H5zbRks5bzps; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:11:37 GMT; Domain=v.gambol.link; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=QwLSQ7cnXbW49Lk%2B3kbObnV6mQnu%2F1wcBY8Uyoep%2FG76gUd4AfsW0HssdvTtsQeljrRrvK2y3pBsoMpoxxN1D82%2BeK0gkIGudeop%2BUHMHquOqNnrgLdTKfKwp%2FvZDNO4ioVv%2BvqT2k2QvXPtpSIBzQ%3D%3D; Max-Age=31536000; Expires=Fri, 01-Dec-2023 05:11:37 GMT; Domain=v.gambol.link; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.242.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ds48pQbhEYN0/NP+hha2WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: plyHKvTYen/GWxgVMIt0xQRAfy8=

kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wddmv05p5471btrk2toef2ls

18.195.123.247

302 Found

0 B

URL HTTP/2
kingered-banctours.com/0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wddmv05p5471btrk2toef2ls
IP
18.195.123.247:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /0e565a05-6b58-4a68-8931-3234a344b16f?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&cid=wddmv05p5471btrk2toef2ls HTTP/1.1
Host: kingered-banctours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Thu, 01 Dec 2022 05:11:37 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls
pragma: no-cache
set-cookie: 0e565a05-6b58-4a68-8931-3234a344b16f-v4=Aybzkymq1zP_zs1mK6D6EaOugFrpLcDC_IETBnamrpo; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:11:37 GMT; Domain=kingered-banctours.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=O-BXIrcBLIcozdzf5UWdYbJl5A95SuIYs9tEJHrwm7w53Gi3liNMnPhEpfDfOzW6g7nYg2MdzEhrZxOUA6072qTmhuSS8RGS3sH8E9cbc-U4RkvcK5i8of9pLvDaJFHy-IC7-hMH7zIYTXhYgrq62wm8K3gDjbLZyFtmne6376qpLOdO415kuK8GKXxYVav9xo0DxIajZdZWZ9s19wiu-f7JIXN_1pR7X6wt32D3xk33TyNpCxOpbwiHRtWJvlwLnEV9GgBiVz1PzeXOOWqrGBgP4Uv55nmAghcwE380YRpc0UvEW6X9JothTrkw-bbqzXqmKlspa7IrszcFTuw5ypZ-izMNMMftYvTsT1Dmy10trYP_UoGKf1ZFiWHyw3yT8W_i5O38G4lR2wDxnLn5x3I2S7ue2r9iyou1UvcYgtrOZxZ4It04w-eure1C9hE8430hUERU3bm_N5JmXhOwSJtGq737vT22jogliEdM11wOU8AK_Gk2xRprQb6eeExw; Max-Age=86400; Expires=Fri, 02-Dec-2022 05:11:37 GMT; Domain=kingered-banctours.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bf9e2e94c25978cafa9051ddac7804a0
241f23b2f445531965a581a1db62e669fda220e1
b78ef1ced95e8dae2401e37272c0c74ea6e4231945c5655cc879ab7909459ce9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 630
Cache-Control: max-age=161996
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:37 GMT
Etag: "63880adf-117"
Expires: Sat, 03 Dec 2022 02:11:33 GMT
Last-Modified: Thu, 01 Dec 2022 02:01:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:11:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:11:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:11:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:11:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2992
Expires: Thu, 01 Dec 2022 06:01:29 GMT
Date: Thu, 01 Dec 2022 05:11:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10985 bytes)
Hash
f07f254d44ff2fb86ee22cee39ef3eb0
0660a548a491d4a58ca2246f094f0553437c3f61
859b2416d638b1dc91ff563800517124b38d45b4c5db99e21539c1700829dbe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02cf22ee-ded9-4b9d-b5d8-ee6690ac9f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10985
x-amzn-requestid: ef9e5eb9-b7b3-41e9-9837-a5979ab35d94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV91OFzsoAMFcew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63857687-53b152c0027d26e52383e27e;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 03:03:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: F_ZBWwAOPbEjvMD1ChrgN9QYUyyFYdtRT6CcX6gviowmeinPRgVtnA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:19:21 GMT
age: 3136
etag: "0660a548a491d4a58ca2246f094f0553437c3f61"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1df312f-7c86-4a62-be1e-1a72c9b2d228.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
72735620afafb0d8d91b6d83cf292298
9de2fd7c375e92fd60444dc677cf09428393eff3
9dd40d4adf9e3dacb962cc6e1bd00d38473125567eb2b57eef643be972dfe69f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1df312f-7c86-4a62-be1e-1a72c9b2d228.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8660
x-amzn-requestid: 9474178d-c342-498a-996d-1ef3b804f1a7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cWh0hEx_oAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385b01c-33e27513010fdec8627942be;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 07:09:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4R5jPnETZnbrWCUXoWvq3FTs_NOJMQWCaHbK321P4qqRgv05JtR1kA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 07:18:56 GMT
age: 78761
etag: "9de2fd7c375e92fd60444dc677cf09428393eff3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4409 bytes)
Hash
b8802d5080eb35e4052ef31cf7658650
1e78566f2e69268c5f753fb49112ab07aae3eccf
9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: cb422842-e955-4749-8b2a-3c028a09c20f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz7XEE2IAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd15-3c4d1a6d4d542e81179ea8ba;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zYLCQ4DUQtMklG-T-ATot22PDIUMjnN1wpVkoHBh4Oa3TAyNzTv86g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 26512
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10437 bytes)
Hash
291127b670135b42b6e9687aa2a13237
99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1
49b082a738bcd15a0bb4e9f96a180797ffcfa368977ac1927df882a0343664d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff41bace1-a7a5-42ae-b255-862c9cbac9de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10437
x-amzn-requestid: 2a8183c4-47ec-42bb-8e67-3e742dc3750c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YpEeooAMFfvg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-2014fd4d49dcd4087bf1db4d;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Q9y5-OF59ODaZRd9YFFdM2rIH0bYYyIT40rCwr8cBwBQd0GOqtNobg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:08:51 GMT
age: 25366
etag: "99b5ef2d6a4d1a1251a06d9d9f989b01d089a8d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4762 bytes)
Hash
d2dd5a4bcfd47db8f38544bf39ce3031
fa2217bae05b7beca2e12597eaad835298276b82
3266004f5e73af5359b71622eea31f1e28abb4bbc443b5f9e481b5a8b2e9249e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F051e025a-c892-4a7d-8a1d-95f6d77ebb3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4762
x-amzn-requestid: 52b09ca3-705b-4c86-9f56-172637553f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7TVG58oAMFQTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c15-4577a47243ad190672f8ac89;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Y0-NAp2LMMG5TjQQ9ENHwDyKXLObKTYqzPPOWvZhs7Y9WJIC6LoblQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 08:50:17 GMT
age: 73280
etag: "fa2217bae05b7beca2e12597eaad835298276b82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3751 bytes)
Hash
609419f1a2c58ae67febde5e2cb91c9f
bfb37735a2500848338a8fa12f28516a1ad9b5ba
32a4a65c8bd4da715b5331537bd606bab2767ad8c07af3b8aebbe5cad5591812

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38aeadfb-098c-4e6a-8abc-40288efe2526.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3751
x-amzn-requestid: 80396218-5515-4f77-9d57-95b323e1f1c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzNHHGGoAMF8mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbed-09f83d1a5b7f65175fb137ab;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _mQdH9J5CaTiYNIQf5xVn-HGUP5tKhW_1foVDdpsVIoG_NKb9wZOJg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:45 GMT
age: 26512
etag: "bfb37735a2500848338a8fa12f28516a1ad9b5ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
bf9e2e94c25978cafa9051ddac7804a0
241f23b2f445531965a581a1db62e669fda220e1
b78ef1ced95e8dae2401e37272c0c74ea6e4231945c5655cc879ab7909459ce9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 630
Cache-Control: max-age=161996
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:37 GMT
Etag: "63880adf-117"
Expires: Sat, 03 Dec 2022 02:11:33 GMT
Last-Modified: Thu, 01 Dec 2022 02:01:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27748 bytes)
Hash
638a4990025383a0f83ebf29bdb84a68
153e8818dc42f598e47fde8cf398f1447649a4d0
878e34b89800bb271d3588e526eb3598eb3822e263f3bdaf53645847d39d0ad6

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:11:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 27748
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15851"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3038522
expires: Tue, 21 Nov 2023 05:11:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3V25opbQDMCwla9fDWMCqSF4FjOfivz5Elg1jidgZIE%2BAEbP0rKhz%2FUq7yBXXMjYVsB%2F5R%2F0kve9EU6DKsMlARZe3Bn9ewSbVidtlt44utdsEwhM7I8dQ7qAEd1zR1bz3S8D7aUP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772952be8b15b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
fac97585e2ade88546f664f3bdc32c19
951f4b7f91f0d963e56bbab370647caed9f60287
7328b50cc11ed5cc081891644a18261991fefc7083d1b4bfb76ff3ccb91de1a7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 630
Cache-Control: max-age=148351
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Etag: "6387d593-118"
Expires: Fri, 02 Dec 2022 22:24:09 GMT
Last-Modified: Wed, 30 Nov 2022 22:13:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Ubuntu:300,400,700

142.250.74.106

200 OK

854 B

URL HTTP/2
fonts.googleapis.com/css?family=Ubuntu:300,400,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
854 B (854 bytes)
Hash
0f8edd0e9d80dbf40047f350d555e50d
6e761bf3fe0125ec765f4dc725215ab58b1f1548
beba5907ff72ea16f61db84ff85d183de63bffbf9047adb805ad4e987d12cb78

HTTP Headers

GET /css?family=Ubuntu:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 05:11:38 GMT
date: Thu, 01 Dec 2022 05:11:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

151.101.129.229

200 OK

67 kB

URL HTTP/2
cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
data
Size
67 kB (66907 bytes)
Hash
d000038a1cc99cfe2c035a12535fa1c7
bac4ba171b59bf58196f667af7d027e293c36c29
46556795137e778c0b1138daec822762eb678488aaccfd7d582210385e6ef730

HTTP Headers

GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.249.0
x-jsd-version-type: version
etag: W/"28441-HHcPD8UUl0943tDpENjh6gMs5yQ"
content-encoding: gzip
accept-ranges: bytes
date: Thu, 01 Dec 2022 05:11:38 GMT
age: 38791
x-served-by: cache-fra-eddf8230043-FRA, cache-bma1634-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66654
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
bf4e100eaf315f162b2944a4788424a3
06b4f9cfe21567611455c8027c1d9210185ba7d8
3fbec0db105a8b3402516a2f02a753e59d0efe38631de093d285f6211c0121fe

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 05:11:38 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78A12757C72E70FCDF773DDBCB6B3832E74CF061"
Expires: Thu, 01 Dec 2022 16:00:00 GMT
Last-Modified: Thu, 01 Dec 2022 04:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3526
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772952bfe9d4b527-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dt.fcdn.info/swpush.min.js

104.21.234.87

200 OK

41 kB

URL HTTP/2
cdn-dt.fcdn.info/swpush.min.js
IP
104.21.234.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (34449)
Size
41 kB (41006 bytes)
Hash
a958619e46cbb14d55a8a83cb43f789a
0bfd65e7b71fa8a3fdc1cd3d618f1afe84f40541
ddc22503f9e3b45e6b35bf36b326bc1517e6f4787c8ad3218ed484e62f7f3924

HTTP Headers

GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:11:38 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 671173
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ8N0Iahg13jEZKkV9dDN%2F%2Biz%2BEA5wolHW8uQ7ynsO5Po2TnB8UFEDIu4oBrpzJB5BqXlKFURRGHxMNpq4JVWZOGwLjDcsohWOsKiBqp0zoHIgdlGlgnR85UU6yARV2hrPjr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 772952bf1abc76e4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

711 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
711 B (711 bytes)
Hash
09539cf8a9137f9c2d74acc2eb6113e1
75f3cd956d577a72ba3c4141a2d5f66e1949e10c
ebb5ff130363fee0f8dc1bdb6250bc8216c476b6130fee74f0bde2c82025fc59

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5911
Cache-Control: max-age=122972
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Etag: "63875dcf-117"
Expires: Fri, 02 Dec 2022 15:21:10 GMT
Last-Modified: Wed, 30 Nov 2022 13:42:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

142.250.74.35

200 OK

35 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Size
35 kB (34852 bytes)
Hash
0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

HTTP Headers

GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:21 GMT
expires: Fri, 24 Nov 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 578537
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
a98f82d2ecb0ce80de9b393e33c7d97b
c431a7ac9d33902d8a1ce508b55afe8974e3fe5f
3b55a3b3d11a87172c61c9daacb7f5a68e401400a3318c84cd9d4248c2a29c40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5911
Cache-Control: max-age=122972
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Etag: "63875dcf-117"
Expires: Fri, 02 Dec 2022 15:21:10 GMT
Last-Modified: Wed, 30 Nov 2022 13:42:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

app.swpush.com/get-keys

188.114.96.1

204 No Content

1.2 kB

URL HTTP/2
app.swpush.com/get-keys
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.2 kB (1234 bytes)
Hash
48a2c52836750315b5047287348b97e9
98e5f330f65df8b055df82edd0ec2353214c7548
26f9f6ea0ebf143358dec3779d63e6fc4d992a1f3e252271c4cfbc6ee1b25ab5

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://l12.datingtopia.com/
Origin: https://l12.datingtopia.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Thu, 01 Dec 2022 05:11:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVvVnLjhOjtDjH9g0%2Fa2r0%2FWzY6BxM7QUGDwjsV4zPcS6staD7ZU1a7pkO7XmXd1jpF5XuFSNbDQiHMYqwGSCGKDgFLLOm9MFF3%2FD6jUGt4I6VX1U3k5Oisjj%2FPL0nwUIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952bfacceb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3485
Cache-Control: max-age=142184
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 20:41:22 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bBUX/MMZfWwaOBLvYCJdmllMCJDTFdPRIkG9jhuO6wNvHJo3k/ldGh5mkNzxGvjb6foSHFKpiSXIbK8nHwCKhA==
content-length: 27340
x-fb-trip-id: 1904183273
date: Thu, 01 Dec 2022 05:11:38 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 04:41:08 GMT
expires: Thu, 01 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 1830
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1601a7c8a96ebe5b2af6fe1abcb6b90b
fb19f5121052f37c9cef4640791964583618560c
893364204eb010f01c891762b80db20df137be75ecb85fa4e22dbc68143b53fb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3485
Cache-Control: max-age=142184
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Etag: "6387b255-1d7"
Expires: Fri, 02 Dec 2022 20:41:22 GMT
Last-Modified: Wed, 30 Nov 2022 19:43:17 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gseccovsslca2018

104.18.20.226

200 OK

939 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
939 B (939 bytes)
Hash
d27d40ef61da63a75a8774e292631778
c19de49a4fca93792e64092c882646d12017dbb1
52b71e6e04a4eb72ba1d9d96d9adf41ea09e5e351aaf6d651de8bccc91d7d3cc

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 05:11:38 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Mon, 05 Dec 2022 02:13:23 GMT
ETag: "c19de49a4fca93792e64092c882646d12017dbb1"
Last-Modified: Thu, 01 Dec 2022 02:13:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 11
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 772952c1fb18b527-OSL

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Thu, 01 Dec 2022 05:11:38 GMT
access-control-allow-origin: *
etag: "63875d46-2b"
expires: Thu, 01 Dec 2022 06:11:38 GMT
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 16:40:22 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29

87.250.251.119

200 OK

419 B

URL HTTP/2
mc.yandex.ru/watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Size
419 B (419 bytes)
Hash
1e163906cfea05c837d59b28cc3e0324
b174828fe72cb3428f548f4e742d1efbc7aa2db1
4fea6e1f8e0988c80a45caf1b65d7eab3f21fb3ff61fabac067b5587f420de05

HTTP Headers

GET /watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l12.datingtopia.com
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 419
date: Thu, 01 Dec 2022 05:11:38 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://l12.datingtopia.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 05:11:38 GMT
last-modified: Thu, 01-Dec-2022 05:11:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d

188.114.96.1

204 No Content

0 B

URL HTTP/2
subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d HTTP/1.1
Host: subscribe.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://l12.datingtopia.com/
Origin: https://l12.datingtopia.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Thu, 01 Dec 2022 05:11:38 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVJkXv%2FK6SgIS%2BTtVdPG57BVQ6qJ9R7%2B5FdpoWjZXfgUDcHRP3UsL22veTVCSXWms8fBk2Sw3%2FPXRw0GFfUNvj5pnWp%2F20e9TmvN69C7FUS52fo6PuD95VgU0%2FpB3lHTotBWLx0%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952c29e92b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d

188.114.96.1

200 OK

5 B

URL HTTP/2
subscribe.swpush.com/subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /subscriber/null/08bdb7bc-b201-4b11-9235-0457358ac58d HTTP/1.1
Host: subscribe.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:11:38 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCw3JcWOC98b%2Bif9kKVDGVA3F02YmPijJCjfOQVrxyllHMcf2n80rN6bMxvcD2GLH3mUw1JKrYFjRTyaOR0zaZLcXQNSIHrxdoy6vq5KFu0XaFKNmW0%2F7%2B3ka%2BGZutjaoIhmhNin1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952c35efdb523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1426921724108509&ev=PageView&dl=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&rl=&if=false&ts=1669871497680&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669871497680.406364504&it=1669871497120&coo=false&rqm=GET

31.13.72.36

200 OK

87 kB

URL HTTP/2
www.facebook.com/tr/?id=1426921724108509&ev=PageView&dl=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&rl=&if=false&ts=1669871497680&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669871497680.406364504&it=1669871497120&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
87 kB (86669 bytes)
Hash
cf04eb0d89bbc47cedf9206bf0e25207
977f886f9f1a6671b5e776dcb3d021969a0877fb
e6524ec1cddf781cf194cc91b1b9eded027e47bc85d8e5adecdbcf2d2a093f35

HTTP Headers

GET /tr/?id=1426921724108509&ev=PageView&dl=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&rl=&if=false&ts=1669871497680&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669871497680.406364504&it=1669871497120&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 01 Dec 2022 05:11:39 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

478 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
478 B (478 bytes)
Hash
0eb093103d70da697dd134837479cc93
91bb2da91a23f6bbaa9b0cc8339fa92167f8a4cd
83e482f5fab7592d4b0af346ddfe6f3a117071773733cd5cdda30b8cd25e7fe7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&gjid=1134676577&_gid=7845220.1669871497&_u=IEBAAEAAAAAAACAAI~&z=1260924523

74.125.131.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&gjid=1134676577&_gid=7845220.1669871497&_u=IEBAAEAAAAAAACAAI~&z=1260924523
IP
74.125.131.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&gjid=1134676577&_gid=7845220.1669871497&_u=IEBAAEAAAAAAACAAI~&z=1260924523 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Content-Type: text/plain
Origin: https://l12.datingtopia.com
Content-Length: 0
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://l12.datingtopia.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 05:11:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16c3ad4a2bc7f419fb354b37778f8b2f
d193a1336556dcf6b4975a057e7c849037eef0ff
5993deb5a53b2e844b9027a6b6906c718f6e9f69c27388199c4343a80ef067f6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&_u=IEBAAEAAAAAAACAAI~&z=931744215

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&_u=IEBAAEAAAAAAACAAI~&z=931744215
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&_u=IEBAAEAAAAAAACAAI~&z=931744215 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 05:11:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&_u=IEBAAEAAAAAAACAAI~&z=931744215

216.58.211.4

200 OK

1.3 kB

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&_u=IEBAAEAAAAAAACAAI~&z=931744215
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1339 bytes)
Hash
068b17c4f11683392527fb2b5b1f3982
bd256772b469e8c08f5d05e1f657eb53a12c9283
14f46ec6dc1ee5bbbbed7eaf1707e8cd7655b892774863039ae8548195459118

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97359813-1&cid=413324672.1669871497&jid=2079356614&_u=IEBAAEAAAAAAACAAI~&z=931744215 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://l12.datingtopia.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 01 Dec 2022 05:11:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
81abfd63eeb2fadc85b31541378babb1
09d3223c1a2a4e2cbfcba0381ead2cee5ee0a200
c7665c83165956c11bdbe0509ae03bf6af1b34ca68bf352fbfd629dc3a04b815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
533f66ef53706466ce20dc9aebf11812
0c0d713d538eb224deeb9241917a117205f16cb2
8ce7b68022c847b59b9a132ada3a75eea73bb57bae4683901c8df08fa255ba79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 05:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 925134ee-dd35-45ed-8da7-d60c9c484993
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz80EHboAMFtmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-48de287757e82632291365ee;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8qQQUMSVzFmXqjWM1n_F1XEE-ZQcpEF81OwJgf9i3Q5M8XiFAa8Zg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:52:00 GMT
age: 26384
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9993 bytes)
Hash
70afa08b7d0b64772b90ae190689e6c1
527cf32104041423176fadd3cfc2120fe63f6bfc
31ebf9decb53b8180922c4b10d0427aba95a802246a5ced8ec368d814a33b843

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9993
x-amzn-requestid: 7d7febbc-2bdf-44e9-9727-9c56b5bcb138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1VNFZiIAMFV-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cf54-1f89231026a9b5c467324134;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Zc0QAEb9prX_ZBUYuD-407TwT2ATljy_OTmUNq31I9udG16Dx3JWtw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 22:00:48 GMT
age: 25857
etag: "527cf32104041423176fadd3cfc2120fe63f6bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

app.swpush.com/get-keys

188.114.96.1

200 OK

0 B

URL HTTP/2
app.swpush.com/get-keys
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.swpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls
Content-Length: 89
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:11:38 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td5oLYhVmE8xEXl7Jhc5bSWqwmPamGae9Y%2BrkbX1adRc54d9mysirz4Q3qsRXx2QcZzzxlClzMhduq%2FzRCHwQQEVaD42xNKafnY5YPhy8hAFMEUlId7j2tCFE5Bz1jAa7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952c08d75b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mc.yandex.ru/watch/48184178?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)

87.250.251.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/48184178?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/48184178?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://l12.datingtopia.com
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: /watch/48184178/1?wmode=7&page-url=https%3A%2F%2Fl12.datingtopia.com%2Fj56le98%2F%3Futm_source%3Dbacf24eb%26utm_medium%3D44%26utm_campaign%3D501_0%26utm_content%3DGSL-7204%26zid%3D%26bid%3D%26email%3D%257Bemail%257D%26data2%3D%26data3%3D%26data4%3D%26bt%3Dbt1%26cep%3DCdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8%26lptoken%3D1657691c870132dd97ca%26cid%3Dwddmv05p5471btrk2toef2ls&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12kpamsypdk9qpokppnvg4%3Afp%3A1905%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A181046067569%3Ahid%3A292101780%3Az%3A0%3Ai%3A20221201051137%3Aet%3A1669871497%3Ac%3A1%3Arn%3A343560298%3Arqn%3A1%3Au%3A1669871497284593006%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C33%2C132%2C0%2C1427%2C0%2C%2C268%2C3%2C%2C%2C%2C1890%3Ans%3A1669871494922%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669871497%3At%3APreeland&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 01 Dec 2022 05:11:38 GMT
access-control-allow-origin: https://l12.datingtopia.com
set-cookie: yandexuid=1961524381669871498; Expires=Fri, 01-Dec-2023 05:11:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1961524381669871498; Expires=Fri, 01-Dec-2023 05:11:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=164363861669871498; Path=/; SameSite=None; Secure
i=bHMu+XLydSylc67PSyCUaW6YJYrgsJrUsjpe+d+L01EKfC7OjJR7i/anjwRgOg9WhZJ+LUBwaD1dJC25nwKMoG9gzH8=; Expires=Sun, 28-Nov-2032 05:11:37 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701407498.yc.1669871498#1701407498.yrts.1669871498#1701407498.yrtsi.1669871498; Expires=Fri, 01-Dec-2023 05:11:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 01-Dec-2022 05:11:38 GMT
last-modified: Thu, 01-Dec-2022 05:11:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

campaignsrus.com/cr.php?cid=7290&aff_id=7204&doland&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0

188.114.96.1

302 Found

0 B

URL HTTP/2
campaignsrus.com/cr.php?cid=7290&aff_id=7204&doland&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cr.php?cid=7290&aff_id=7204&doland&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0 HTTP/1.1
Host: campaignsrus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Thu, 01 Dec 2022 05:11:37 GMT
content-type: text/html; charset=UTF-8
location: https://clik.global-trk.com/aff_c?offer_id=7154&aff_unique4=7290:32136&aff_unique5=EvDS113018697&aff_id=7204&aff_sub3=63883788a134710001d65ab7&aff_sub=501_0
cf-cache-status: DYNAMIC
set-cookie: hskp=EvDS113018697%2C; expires=Thu, 15-Dec-2022 05:11:37 GMT; Max-Age=1209600
skip=-1669871497%2C34793; expires=Thu, 01-Dec-2022 05:21:37 GMT; Max-Age=600
7290_34793_0=1669871497; expires=Fri, 02-Dec-2022 05:11:37 GMT; Max-Age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOrwqDDRs6fUHFZzSRcaCrnucKLH5nQzC66iS1ZFy4m0RxYn3%2B%2BTkquaHYLWek817W9tBssIrzd%2BXvHwoORvcuTxzB38pY14Dcv19vgZpHgffjPvRKeJ5wJeoGZWMUdLYPSi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952b7aabab4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls

104.21.65.62

200 OK

0 B

URL HTTP/2
l12.datingtopia.com/j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls
IP
104.21.65.62:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /j56le98/?utm_source=bacf24eb&utm_medium=44&utm_campaign=501_0&utm_content=GSL-7204&zid=&bid=&email=%7Bemail%7D&data2=&data3=&data4=&bt=bt1&cep=CdcItr5a6RAVlt6D6u80Si_cQNeU37jgXPGTpphkiD1FpeQURMqDgtRvvyc4jjFO4vkoLiREfbc1idajvX0pblmreOYwQ1oHdL8JpTgnYzU4d5S-OLpEIox51vFEH8tD0wPq0V6HSWeWz86Nk6uX0L3-OY_WxqoFPU0ifbENWV4tx-QKow-Qf5UXJ-ulwvRy8UHF8num8zX5BwS3haOyildS6q4-o4SxA8njx5Z_FLPWXHqC0lNEeM3_o8TJvYBKRK7bdwt_eAagp-9siNqgnHEk4mhBh4t8euf0Q7-qrPtpTkTgIPjUZ1OdGsKm43OXs4--oT1qkOypbQtEgtlMA3vS1al55Of4cmuU8YmaYYs2QW7r-atQcRovBm8ie3Ulgk1CGnZHWSJSxKbsQYGLFxdoODW313JzBYL122VcpRIFiczRHS-I-hLLp3ZuLeiBzlI-HKI7ojZB6XVCWJiW6Ce1vdesZ6_z0t_0CkGGKzpO4MZd3txG6YG9Rel7x7v8&lptoken=1657691c870132dd97ca&cid=wddmv05p5471btrk2toef2ls HTTP/1.1
Host: l12.datingtopia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:11:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.1.12
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuWJ4gtkHbZ9mjfNrMAtyEjFRheMH2dKiEEVFiudBlSdwLeYu9hbty%2BWFHSRN9R3JQcecnukFU8vat%2BoALLEHXv5pVONqBke7VPhpB7%2FE8W9eF4qNeM%2BtTKO6MYIJOJzgUn9vaEt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952bcf9b31c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kingered-banctours.com/hp

18.195.123.247

200 OK

0 B

URL HTTP/2
kingered-banctours.com/hp
IP
18.195.123.247:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /hp HTTP/1.1
Host: kingered-banctours.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 05:11:38 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

cdnjam.com/cdn/sw.min.js

188.114.96.1

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/sw.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/sw.min.js HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://l12.datingtopia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Dec 2022 05:11:38 GMT
content-type: application/x-javascript
content-security-policy: block-all-mixed-content
etag: W/"b585b42672057da38c103f8002eaf012"
last-modified: Thu, 17 Mar 2022 13:12:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F62D8D719DDEB8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 4295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8g0QhUgY7arePqX6dpLDC2vlLs3hdfmJT3Hqx1PRTPUOwefM6uOj%2FPQ8odR39HzKqxRF1UFPN88fw9NT8Y1EkbSKWGToRUrnTuhgJgbNsbsNU1KMT2eBdVO94NRa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 772952c0383afac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations