r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ade0f92f30e7d68787598ca2b5fd30c7
fc7065ecb41bdfc5cbf0d8d568d335426c57f02f
1aac1c0926e545793d2040b114d2e064b175592a131ba27ff820fcd4aff4b4e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1AAC1C0926E545793D2040B114D2E064B175592A131BA27FF820FCD4AFF4B4E3"
Last-Modified: Wed, 16 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15162
Expires: Wed, 16 Nov 2022 19:44:21 GMT
Date: Wed, 16 Nov 2022 15:31:39 GMT
Connection: keep-alive
single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
3.121.96.35200 OK 2.5 kB URL HTTP/1.1 single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
IP 3.121.96.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11743)
Hash 30d6338d68b727930b14a1dd5ef74715
b317ae1671e379f002ac9b4c8ad14068d523fa13
8a412299b423c78d901a84d57cbc5fbdf70f41a943f2d99c96d8d2ed0dd0b3f9
GET /jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9b4e6c72233070ef185ff980135e9555
2f14523a3f6f9532df3b872984fd23e156d2c465
5040e340e60b331b1569d52d66afcd5649a4121e2841d38cca0974e2a4c0af75
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1559
Cache-Control: max-age=156337
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 15:31:39 GMT
Etag: "6374bbf5-1d7"
Expires: Fri, 18 Nov 2022 10:57:16 GMT
Last-Modified: Wed, 16 Nov 2022 10:31:17 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c88bc06741ab9fb81c2544acfcc34aa2
362cab19cff5aba27f472cc00071d5dfa38192e4
314ba27975f458e13917b2be91c9d5989a3e57c9e94b5a84dd52d0e21d27ae7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "314BA27975F458E13917B2BE91C9D5989A3E57C9E94B5A84DD52D0E21D27AE7F"
Last-Modified: Mon, 14 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14679
Expires: Wed, 16 Nov 2022 19:36:18 GMT
Date: Wed, 16 Nov 2022 15:31:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 16 Nov 2022 14:44:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2814
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X7UoUcTmE3cszCGAIYHiVpt+6It9fMjxdIRmD5Wvz+GJ5iQCbPPfYUgR/RiS7TVP/m6kV1tCQkVAmM4AUoMtRg==
x-amz-request-id: 9PGFTMZJBKX1M38T
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 16 Nov 2022 14:52:04 GMT
age: 2375
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 16 Nov 2022 15:31:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
single-hearts.com/bridge/intg.js?v=8
3.121.96.35200 OK 317 B URL HTTP/1.1 single-hearts.com/bridge/intg.js?v=8
IP 3.121.96.35:0
File type ASCII text, with very long lines (316)
Hash d9bd6d4fe07232e0fcae03c7e68d4e81
4a7e1c2e8cc35c2ff31c71175095f4b1a2b8c17b
0ad2eb2d6a74f3d18026ab24c088ca7c561a742fd870e44045db9d823ac0a3c6
GET /bridge/intg.js?v=8 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:39 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 317
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 15 Nov 2022 13:21:14 GMT
ETag: W/"13d-1847b737110"
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (48316), with no line terminators
Hash 2e46e3b0807c19e0ee85603dd4ba3f72
cb55679976d9a5d9933f291218b8ff0f95ebdc17
87a3f839cfc8bca3368a7dec7c5ff14e5f613928e899b601292b5a1f1bd5dc05
GET /ajax/libs/crypto-js/4.1.1/crypto-js.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 16 Nov 2022 15:31:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 13972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61182885-3694"
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8463523
expires: Mon, 06 Nov 2023 15:31:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJkIzTB1Ea2ZbfIFt4HquTllqB1XGvel3BKGXtlmjrPkv6r3EXw6Ad%2B%2BMJvaT%2FPewrLTszl%2B6HhoXmUBIUZE2sJHX%2Fsg9vk%2FY1agoU5APo5oTSMmSuZgQ9zAhQygEYsn8gD8SMGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76b1465f3987b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
99.86.114.68200 OK 2.0 kB URL HTTP/1.1 cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
IP 99.86.114.68:0
File type Unicode text, UTF-8 text, with very long lines (6939), with no line terminators
Hash 19c1abb983c96b97d39264f4fd35ede4
5d08739c87ae5e5685787baed41d554dac8bf66b
fa9c63441604c7b8fc998dbd7ed22dd84ae916e98594c367e9cee51d62e1c64b
GET /landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:40 GMT
Last-Modified: Tue, 24 May 2022 13:06:55 GMT
Content-Encoding: gzip
ETag: W/"1b21-5dfc1a183b9c0"
X-Cache: Miss from cloudfront
Via: 1.1 a10ef2362efd83570036459690ee6d42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: kberbUzP5fqcd8AzCa3xTWCqOpAGlJm0jiZ44lktDg18PHr8DblaWw==
cdn3reference.com/js/dc_img.js?v=8
99.86.114.68200 OK 324 B URL HTTP/1.1 cdn3reference.com/js/dc_img.js?v=8
IP 99.86.114.68:0
File type ASCII text, with very long lines (350)
Hash e4ce4a12b20f6729b1dff496aa37772b
f99b82ce285c754486f676c6bb90c14752b6df3e
d27b3460b2ea7fd76a7178d2d8582a011390500cbe1e726de31894df61692dc4
GET /js/dc_img.js?v=8 HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:40 GMT
Last-Modified: Thu, 29 Oct 2020 09:22:15 GMT
Content-Encoding: gzip
ETag: W/"1e8-5b2cbd0d9620d"
X-Cache: Miss from cloudfront
Via: 1.1 51608619c24847980745d41550b7ad54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: GM61Vl8SERvbqdOTr4P7gdKkcUtgAXerQteQp0ygmc6R7C-2qrQxNQ==
single-hearts.com/bridge/ao_loader.js
3.121.96.35200 OK 836 B URL HTTP/1.1 single-hearts.com/bridge/ao_loader.js
IP 3.121.96.35:0
File type ASCII text, with very long lines (835)
Hash 9c129816fdafb5e9525563ba64018bd7
79dfb5a385a3583a597716ac4b1e1649e9b9994d
43d06cd88d872d0f1ab73eda7cf55805382dfd0d56bb90aad3398c72a5bb4acf
Analyzer Verdict Alert fortinet Phishing
GET /bridge/ao_loader.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 836
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 15 Nov 2022 13:21:14 GMT
ETag: W/"344-1847b737110"
Vary: Accept-Encoding
single-hearts.com/bridge/frodi_data.js
3.121.96.35200 OK 2.9 kB URL HTTP/1.1 single-hearts.com/bridge/frodi_data.js
IP 3.121.96.35:0
File type C source, ASCII text, with very long lines (6647)
Hash 625b730293917702d84f6d523a8f393d
06864e7f108f35894939cb7c1d4f35728bac196b
d41f3ab66a1cce893c51be831fb7af4889964f145779c569f33ffde9c6f1a584
Analyzer Verdict Alert fortinet Phishing
GET /bridge/frodi_data.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 15 Nov 2022 13:21:14 GMT
ETag: W/"19f8-1847b737110"
Vary: Accept-Encoding
Content-Encoding: gzip
single-hearts.com/integration.js
3.121.96.35200 OK 755 B URL HTTP/1.1 single-hearts.com/integration.js
IP 3.121.96.35:0
Hash 5cb382e96d9add8b918b274c299d0a52
2548a82fc14093db564de53912001a930f09ee3c
792afe86d5719d9cc0bebe207f7c428ab031d8be446340883eee2dfda3e802d5
Analyzer Verdict Alert fortinet Phishing
GET /integration.js HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"713-tOtbBHXhCDJ4hzrQzYKUn0xJVzw"
Vary: Accept-Encoding
Content-Encoding: gzip
cdn3reference.com/landings/25780/js/fcb402559838d93ae26813c51e9821e3.js
99.86.114.68200 OK 36 kB URL HTTP/1.1 cdn3reference.com/landings/25780/js/fcb402559838d93ae26813c51e9821e3.js
IP 99.86.114.68:0
File type ASCII text, with very long lines (65535)
Hash 47bc83f94bc04611c2c960fa895e5d8f
87bf102fb06a0c9eaa1b1862e549fffeff8efba4
e487941dc12fc0d44a113237cd6db05ef09ae216fd94199c3b7b8ac5517be033
GET /landings/25780/js/fcb402559838d93ae26813c51e9821e3.js HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:40 GMT
Last-Modified: Tue, 24 May 2022 13:06:55 GMT
Content-Encoding: gzip
ETag: W/"197d9-5dfc1a183b9c0"
X-Cache: Miss from cloudfront
Via: 1.1 8759b407cd243e2e2c573d5db804d720.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: 7TecDwzzAg3pDr4XDNe3c_nCNchEhgoSTV8HqM8l4drftkB3d7v39g==
single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2&uaDataValues={}
3.121.96.35200 OK 28 kB URL HTTP/1.1 single-hearts.com/ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2&uaDataValues={}
IP 3.121.96.35:0
File type C++ source, ASCII text, with very long lines (21894)
Hash effb8e48e93511b6aa1aebe0f6088d15
be01ee8999c21044c94f8baecb26612cd79cc5dd
a41a1e89984e1e6e7ff70581ccd9cd5f49dbb0e6a18b99d853b197a2a33a04cb
GET /ufis/main.js?ippContent=null&wpContent=null&pwaContent=null&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2&uaDataValues={} HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
ETag: W/"1f6f9-NZzKSlsHCJfcO+8/KJIC9/62cKI"
Vary: Accept-Encoding
Content-Encoding: gzip
single-hearts.com/tds/interlayer?handler=FrodiData
3.121.96.35200 OK 0 B URL HTTP/1.1 single-hearts.com/tds/interlayer?handler=FrodiData
IP 3.121.96.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tds/interlayer?handler=FrodiData HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
Content-Length: 1646
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
www.googletagmanager.com/gtm.js?id=GTM-W3LH5SB&l=adsLayer
142.250.74.168302 Found 266 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-W3LH5SB&l=adsLayer
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0ea74a16b0341b688fae35975bfea5c6
ccb9b6eba0656ac6d80bff6ea422f5ea52ca1469
e1e075771ab68bc980badada339d10d10fc077821f92704f47714e9ec3d33f9e
GET /gtm.js?id=GTM-W3LH5SB&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-W3LH5SB&l=adsLayer
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 266
X-XSS-Protection: 0
cdn3reference.com/landings/25780/images/favicon.png
99.86.114.68200 OK 1.8 kB URL HTTP/1.1 cdn3reference.com/landings/25780/images/favicon.png
IP 99.86.114.68:0
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d658e55a18c46569f820dcb53fb0228
8d6f6d24829a0599c1309beedb3814b8fce7b8e4
0a225727f83c4d29abd12f49aa2161b6b7560dd23f3864cab690471fee17ac9a
GET /landings/25780/images/favicon.png HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1831
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 10 Aug 2021 14:44:08 GMT
Accept-Ranges: bytes
Date: Wed, 16 Nov 2022 15:31:40 GMT
Cache-Control: public, max-age=604800
ETag: "727-5c93588bb9e00"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 a10ef2362efd83570036459690ee6d42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: ibkNe43cLNMPIF7kH5bJn806crAtpmlDE7tXzUhfVij4yJe0ThKN5g==
single-hearts.com/ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
3.121.96.35200 OK 10 B URL HTTP/1.1 single-hearts.com/ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
IP 3.121.96.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c2db64f99c6ebc0162f2ff0a32704299
d483e5dbd40c7600c97357394ebe7c7e747aee9f
0d891cd61411a07f3c3be0426f9cfdd76d1c8c84955cdd9d3a8e3b95d986b5d6
GET /ufis/rtr?referer=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 10
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"a-1IPl29QMdgDJc1c5Tr58fnR67p8"
Vary: Accept-Encoding
single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
3.121.96.35200 OK 27 B URL HTTP/1.1 single-hearts.com/ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
IP 3.121.96.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7f55b876f962b6dc8dc3b2145a13315
aef7bcbe00d506bf8ae34b4f469ccc69b701fdb4
341891286e02aad359716b2976363f926c510a574f3ec042f10fb056f629f9af
GET /ufis/recaptcha/inject/single-hearts.com?placement=default&doc_location=http%3A%2F%2Fsingle-hearts.com%2Fjump%3Fid%3D25780%26tds_ac_id%3Ds7016shm%26s1%3Ddd%26tds_rt%3D%26s3%3D1285%26utm_campaign%3Da78ddb94%26tds_cid%3D6d723e006b30703e047ee430b24f3342d57f5767%26tds_campaign%3Db3293shm%26_tgUrl%3DaHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA%3D%3D%26tds_ao%3D3%26tds_id%3Db3293shm_jump_a_1608815003949%26utm_source%3Dddm%26tds_oid%3D25780%26tds_host%3Dsingle-hearts.com%26data2%3D102c6faca60bffb082596d80bf309d%26utm_term%3Dweb_rtr_usa_b3293shm%26utm_content%3D2254%26dci%3Da6f8193ed84a1574cbdf1fe190baa91ab4b22ee2 HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 27
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"1b-rve8vgDVBr+K40tPRpzMabcB/bQ"
Vary: Accept-Encoding
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 16 Nov 2022 15:25:01 GMT
cache-control: public,max-age=3600
age: 399
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
retarget2core.com/fp/fp_ec.js
18.185.204.76200 OK 703 B URL HTTP/1.1 retarget2core.com/fp/fp_ec.js
IP 18.185.204.76:0
File type ASCII text, with very long lines (1212)
Hash ada333f1282ce9b098687f8c699c96e4
953cc03e6c595d3d58247b6966370da05054957e
823521b4328c9b2d58026cb8fb904ffe437b13a8a0a1773de479afbe218ebc85
GET /fp/fp_ec.js HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Robots-Tag: noindex
Accept-Ranges: bytes
Cache-Control: public, max-age=3600
Last-Modified: Tue, 15 Nov 2022 13:21:14 GMT
ETag: W/"4bd-1847b737110"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 15:31:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W3LH5SB&l=adsLayer
142.250.74.168200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W3LH5SB&l=adsLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (6640)
Hash 8c12a2edbaeb910fd33f5f154041b990
6dd9b2038f932e2aa302c02dd3db9621fe61dc04
02f4a15cd9fe4ddcecbe273509234567afe23b65f9d8682bb2ba63ef45d375fc
GET /gtm.js?id=GTM-W3LH5SB&l=adsLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://single-hearts.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 16 Nov 2022 15:31:40 GMT
expires: Wed, 16 Nov 2022 15:31:40 GMT
cache-control: private, max-age=900
last-modified: Wed, 16 Nov 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2&j_type=open&jump=25780&jump_name=
18.185.204.76200 OK 35 B URL HTTP/1.1 retarget2core.com/43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2&j_type=open&jump=25780&jump_name=
IP 18.185.204.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /43fbb6270523e1760fa5f0d2579dea07/ac3fc68831981c704535980c826941a5?tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2&j_type=open&jump=25780&jump_name= HTTP/1.1
Host: retarget2core.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://single-hearts.com/
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=ea8b06e67d47185eeabb2a4845d31dfaae4c94e0; Max-Age=31536000; Domain=.retarget2core.com; Path=/; Expires=Thu, 16 Nov 2023 15:31:40 GMT; Secure; SameSite=None
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash abdbaa56ac358c53c5dc3723c7671381
48c0e50792e786d83b35f0a36efb55f4c94c694d
6e9cb55f14b8219b7495ed4cd17bae3f0ca6127735ed01d3c1979601ffeb7b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 15:31:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn3reference.com/landings/25780/images/bg1.jpg
99.86.114.68200 OK 53 kB URL HTTP/1.1 cdn3reference.com/landings/25780/images/bg1.jpg
IP 99.86.114.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 704x1000, components 3\012- data
Hash ba9194b435c08d7d0eecb13c1fffaae7
5e1d1877109f9a13fa3774d6b47f71fa97c11471
f041915183641a514e49e3b56d82132f0cb926f338c4f184abad7a96dddf09fa
GET /landings/25780/images/bg1.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 52761
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:40 GMT
Last-Modified: Tue, 10 Aug 2021 14:44:08 GMT
ETag: "ce19-5c93588bb9e00"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 8759b407cd243e2e2c573d5db804d720.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: fBpWED6ojMg6t7Hjp0vQBnfJrmjCNdNLEpFgxE2ejK1K0oiCf3ftWw==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8345d8a2ca46c3b181a81d8626d0425f
5d9d088c5dca072bbc9ad23a15450e7af7829400
663b0e6c239177f35b5b48d4203ce95aabc0e5bab7911f5b1d9fb7624cac2e25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1588
Cache-Control: max-age=151315
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 15:31:40 GMT
Etag: "6374a83b-1d7"
Expires: Fri, 18 Nov 2022 09:33:35 GMT
Last-Modified: Wed, 16 Nov 2022 09:07:07 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f65bbeba59ba5e31638a17325798582f
4e544597bb0593697cec412fb97217899add2d96
adc5670dce70829fcd1edfa5c47f3bf14ee0ee7eb1e090a62818e679b91585d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 15:31:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
142.250.74.163200 OK 11 kB URL HTTP/2 www.gstatic.com/firebasejs/8.6.8/firebase-messaging.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (40876)
Hash 5df942bc55c20f421cf56876855ced51
61e1c33b26d5a693425a8c229f90b1ea39736f29
3fb9f58427a7229af7bfb3c37e2f9718ba1e8776c368a80c511c6e27466d4932
GET /firebasejs/8.6.8/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://single-hearts.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10869
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:33:28 GMT
expires: Fri, 10 Nov 2023 21:33:28 GMT
cache-control: public, max-age=31536000
age: 496692
last-modified: Thu, 01 Jul 2021 23:11:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f65bbeba59ba5e31638a17325798582f
4e544597bb0593697cec412fb97217899add2d96
adc5670dce70829fcd1edfa5c47f3bf14ee0ee7eb1e090a62818e679b91585d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 16 Nov 2022 15:31:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
single-hearts.com/ufis/pwa/track?uaDataValues={}&networkGroup=
3.121.96.35200 OK 20 B URL HTTP/1.1 single-hearts.com/ufis/pwa/track?uaDataValues={}&networkGroup=
IP 3.121.96.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /ufis/pwa/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
Content-Type: application/json
Origin: http://single-hearts.com
Content-Length: 1163
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 20
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Accept-Encoding
single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
3.121.96.35200 OK 30 B URL HTTP/1.1 single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 3.121.96.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1191
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 30
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
Vary: Accept-Encoding
single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
3.121.96.35200 OK 30 B URL HTTP/1.1 single-hearts.com/ufis/webpush/track?uaDataValues={}&networkGroup=
IP 3.121.96.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81e3f07d1645f13d7cf94d9fe27b2db2
ff7bd614a52eeaf470852cb2c90344225fc3ffa5
33913d055081924c5e30b81bbab55e0a68df0397f2e3ae3c9606467c2d00da64
POST /ufis/webpush/track?uaDataValues={}&networkGroup= HTTP/1.1
Host: single-hearts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=UTF-8
Content-Length: 1274
Origin: http://single-hearts.com
Connection: keep-alive
Referer: http://single-hearts.com/jump?id=25780&tds_ac_id=s7016shm&s1=dd&tds_rt=&s3=1285&utm_campaign=a78ddb94&tds_cid=6d723e006b30703e047ee430b24f3342d57f5767&tds_campaign=b3293shm&_tgUrl=aHR0cHM6Ly9zaW5nbGUtaGVhcnRzLmNvbS90ZHMvdGcvcy85NTEzMWI2YmRhY2EzMDViNDkyZTI0ZDIyOGNiMjFiYj9fX3Q9MTY2ODYxMjY4MjgwNyZfX2w9MzYwMA==&tds_ao=3&tds_id=b3293shm_jump_a_1608815003949&utm_source=ddm&tds_oid=25780&tds_host=single-hearts.com&data2=102c6faca60bffb082596d80bf309d&utm_term=web_rtr_usa_b3293shm&utm_content=2254&dci=a6f8193ed84a1574cbdf1fe190baa91ab4b22ee2
HTTP/1.1 200 OK
Date: Wed, 16 Nov 2022 15:31:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 30
Connection: keep-alive
Server: nginx
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"1e-/3vWFKUu6vRwhSyyyQNEIl/D/6U"
Vary: Accept-Encoding
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bfUBTDiWtL49rSL4Bg+bYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HnAG+woZ1LL7KIJZBBa72Dvu8Sw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10265
Expires: Wed, 16 Nov 2022 18:22:46 GMT
Date: Wed, 16 Nov 2022 15:31:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10265
Expires: Wed, 16 Nov 2022 18:22:46 GMT
Date: Wed, 16 Nov 2022 15:31:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10265
Expires: Wed, 16 Nov 2022 18:22:46 GMT
Date: Wed, 16 Nov 2022 15:31:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10265
Expires: Wed, 16 Nov 2022 18:22:46 GMT
Date: Wed, 16 Nov 2022 15:31:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae0ab55e0e77a4265808a6689f25cbc3
187e6b340b43eb1aa0c724b749db7c20a486706a
3881e5ad44b9b2fae82510794af43d14e304ce624f26f66523f85d58fea063dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e399ef-c649-4728-84e9-6fea03ea9b5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9625
x-amzn-requestid: 9bd72b4a-2ac0-423f-b0e2-73fd51e02e97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEBHTjIAMFvOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-57f5412d5eca6d640a0f590d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qWuPuzaXg4Cfowj2mJuTEUIH3UVCely6rXVpbiNGxIDgBAt38UOBxw==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:50 GMT
etag: "187e6b340b43eb1aa0c724b749db7c20a486706a"
content-type: image/jpeg
age: 63411
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a698bf97cc6c0c464ed1a2b2adb1c1d3
a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0
64d52d8983b2bf30b9b1f260b8d6534664024b8dfda0da273307ee510ed33aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F520b9f3d-222d-4840-bd88-673cedf9b5fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4919
x-amzn-requestid: aae0d2da-e891-40a6-bd83-8942fc3ef0c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFFEnxoAMFdCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ed-6ff1cc593aa1c934659030db;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EoSIjUgouoxAtnpWMBPNTjLfmm_Anv7R5mYNdb5Ik9RrgxJg_nZ1rQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:48:37 GMT
age: 63784
etag: "a3977e8cde4b6ad7ef2e75a477e71b7bbbec21f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b31091803f98744f4da3b311467300a7
d829c5d23a494bc901d925dd02b84c470a0de479
c1cb88b82d8b5a82019da970f812cd31e13086c2da8498a21a57e7238aa34fe8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b5dd68c5-7146-4d31-a7fd-4ac4c474119a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnb6bGeyoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372d9dc-2ca4003e65d69039389bc676;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 00:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8TqIvhJUq_yG_iMFds_btqtYsrNzoaZeIQgOP0-Kc60yuQFOPYEXRA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 09:04:35 GMT
age: 23226
etag: "d829c5d23a494bc901d925dd02b84c470a0de479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZLWa-RphwZqiAmeqffmEE8Mmfsfs9ZYz0bmANBEc5Ru1--VKDL4Fsw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:17:19 GMT
age: 62062
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e6ba2a-6046-47f6-8da2-f2c9ea6dd2b8.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e6ba2a-6046-47f6-8da2-f2c9ea6dd2b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e2a2d21ac149d7cf783628b5e815702
ae4692dccf90fa1a30119c95a1539ed8163e574f
5e1ebb536daa764e1c906c60a7a36c0f67aa476e12bf9fe1fda07bf87bc1f299
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e6ba2a-6046-47f6-8da2-f2c9ea6dd2b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9362
x-amzn-requestid: 12908795-19e3-41d7-b051-39e3c92e2753
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brWzaFP_oAMF4Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63746b48-6d68e610045bb99e6737731b;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 04:47:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5zMTezl4_7NFrjRAwHOCl1_glS_s5LVdhcRt3omkLw-HLQd_gvn1og==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 16 Nov 2022 04:53:49 GMT
etag: "ae4692dccf90fa1a30119c95a1539ed8163e574f"
content-type: image/jpeg
age: 38273
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53d2d9380ba28ed0656b54c22bc56766
757f8e6306effbab70d99757c5672564cfc9f623
6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: K-Js3sppuhzF03KF0M0wVw5GCSaq5VfHDbzU2DyEwjiARRDsccGYbQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:54:54 GMT
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
content-type: image/jpeg
age: 63408
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn3reference.com/landings/25780/images/p1.jpg
99.86.114.68200 OK 5.1 kB URL HTTP/1.1 cdn3reference.com/landings/25780/images/p1.jpg
IP 99.86.114.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 91x71, components 3\012- data
Hash e127f50a1e5fe510963d02d6ba49fa0f
de8ed2f9db6e047984843966ed4701e76b2e88a4
b2b8b2c6a731e4f75ede97da052cbc0eb1f73538a94c267255a4e4c3dc0a20c6
GET /landings/25780/images/p1.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 5147
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:42 GMT
Last-Modified: Tue, 10 Aug 2021 14:44:08 GMT
ETag: "141b-5c93588bb9e00"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 8759b407cd243e2e2c573d5db804d720.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: 6Jh2WC7m087Cvd1upVcZmtPSVQdUqpB56pt7fsCW4WcgNMOELtJKmg==
cdn3reference.com/landings/25780/images/close.png
99.86.114.68200 OK 1.4 kB URL HTTP/1.1 cdn3reference.com/landings/25780/images/close.png
IP 99.86.114.68:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3afe47609da5639c4cd58336a952f968
2fe572459244842f534cf23f055ec5bb1950dd89
b9a113d7219535510c0b6454fccdf894e4d19d5be9c164e2ae1997350b6c372f
GET /landings/25780/images/close.png HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 1378
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 10 Aug 2021 14:44:08 GMT
Accept-Ranges: bytes
Date: Wed, 16 Nov 2022 15:31:42 GMT
Cache-Control: public, max-age=604800
ETag: "562-5c93588bb9e00"
Vary: Accept-Encoding
X-Cache: RefreshHit from cloudfront
Via: 1.1 a10ef2362efd83570036459690ee6d42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: I91CgAUjc5Q4jLrSldKMDX4FWkmnZ01l7nR-HfUgDy7mxFsbA4sW9A==
cdn3reference.com/landings/25780/images/p2.jpg
99.86.114.68200 OK 4.6 kB URL HTTP/1.1 cdn3reference.com/landings/25780/images/p2.jpg
IP 99.86.114.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 91x71, components 3\012- data
Hash a39e7f48bb57c0aa788aecfdb3a00da3
368e2efc991209d32e7205da1dee5b1f022d26f6
0e22716ab461b73d3448b86d14c62c1e234d06f5888015a27e4b5fcdd3f73df5
GET /landings/25780/images/p2.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 4559
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:44 GMT
Last-Modified: Tue, 10 Aug 2021 14:44:08 GMT
ETag: "11cf-5c93588bb9e00"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 8759b407cd243e2e2c573d5db804d720.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: zjphK59vsaltQnhQ741RQfKMBfCQSTzHb8obugHV7s1_8mJ7IUqsXA==
cdn3reference.com/landings/25780/images/p3.jpg
99.86.114.68200 OK 5.2 kB URL HTTP/1.1 cdn3reference.com/landings/25780/images/p3.jpg
IP 99.86.114.68:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 91x71, components 3\012- data
Hash 912aee47e72196d2528f9c881f10f5ae
16239f163d7e1de51d25a84abd17981799fb2cc2
5180524bf05880b45758df15c9fdd36fb15baf15fa41d3394aa5d8f975480060
GET /landings/25780/images/p3.jpg HTTP/1.1
Host: cdn3reference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3reference.com/landings/25780/css/223410ad3182ac8c9b71d6ff9de0da0e.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 5166
Connection: keep-alive
Server: nginx
Date: Wed, 16 Nov 2022 15:31:48 GMT
Last-Modified: Tue, 10 Aug 2021 14:44:08 GMT
ETag: "142e-5c93588bb9e00"
Accept-Ranges: bytes
Cache-Control: public, max-age=604800
X-Cache: Miss from cloudfront
Via: 1.1 8759b407cd243e2e2c573d5db804d720.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C1
X-Amz-Cf-Id: s2nEo6LSTte9S_qhoDh6HYL1tGo3szJUeh9IlY2rrHZH8HrWODHCiw==
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F357cd6ac-cc6f-4fc8-846b-665a992369bd.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F357cd6ac-cc6f-4fc8-846b-665a992369bd.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f53e6645ae6c5c1b96b371e561a34df
524b78bebc7fd71a34cb445e23751526dea99a9b
43480e4d45807997a2bfdde4230584717c2caa47c57e10eeff3091d893163d7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F357cd6ac-cc6f-4fc8-846b-665a992369bd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12436
x-amzn-requestid: 579569d4-c368-4cea-97dc-6ccdbc5771f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYF4HNjoAMFSDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406f2-65f74c0126d29b1f62a60f75;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: biJHjjPp8OrYrG7lolOwiF91N64Cg_40F_ybrA7t7CORL6l-ucDUiA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:06:50 GMT
etag: "524b78bebc7fd71a34cb445e23751526dea99a9b"
content-type: image/jpeg
age: 62698
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2