urlquery - report: findflirtydates.com/tds/ae

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
findflirtydates.com (2)	0	2022-06-25 18:56:17 UTC	2022-12-08 20:20:34 UTC	18.185.232.255	Unknown ranking
r3.o.lencr.org (8)	344	2020-12-02 08:52:13 UTC	2022-12-08 17:12:06 UTC	95.101.11.115
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-12-08 17:15:52 UTC	93.184.220.29
www.dirtytinder.club (1)	145327	2019-07-18 13:02:00 UTC	2022-12-08 22:42:17 UTC	3.122.92.146
ocsp.sectigo.com (1)	487	2018-12-17 11:31:55 UTC	2022-12-08 17:18:07 UTC	172.64.155.188
www.gstatic.com (2)	0	2012-05-29 15:36:17 UTC	2022-12-08 17:13:06 UTC	142.250.74.3	Domain (gstatic.com) ranked at: 540
ocsp.sca1b.amazontrust.com (2)	1015	2016-02-14 02:37:56 UTC	2019-03-27 04:05:54 UTC	143.204.42.156
findflirtydates.com (2)	0	2022-06-25 18:56:17 UTC	2022-12-08 20:20:34 UTC	3.66.185.70	Unknown ranking
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-12-08 15:50:00 UTC	34.120.237.76
ocsp.pki.goog (3)	175	2017-06-14 07:23:31 UTC	2022-12-08 17:12:01 UTC	216.58.211.3
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2022-12-08 17:12:32 UTC	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-12-08 17:21:04 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-08 17:14:01 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-12-08 17:20:00 UTC	54.149.51.98
www.redir2fuck.com (2)	138232	2019-08-22 01:00:02 UTC	2022-12-09 05:02:34 UTC	52.19.101.114
rgjgwe.metlculousdates.net (3)	0	2022-12-02 14:02:19 UTC	2022-12-08 22:52:20 UTC	63.32.216.166	Unknown ranking
cdn-dimi.akamaized.net (14)	0	2022-07-07 13:18:25 UTC	2022-12-08 13:28:46 UTC	184.31.15.67	Domain (akamaized.net) ranked at: 280

Scan Date	Severity	Indicator	Comment
2022-12-09	2	findflirtydates.com/tds/ae	Phishing

Date	UQ / IDS / BL	URL	IP
2022-12-09 06:28:09 +0000	0 - 0 - 1	findflirtydates.com/tds/ae	18.185.232.255

Date	UQ / IDS / BL	URL	IP
2023-02-01 23:00:53 +0000	0 - 1 - 0	portal-corporativo-cliente.org/	15.197.130.221
2023-02-01 22:59:00 +0000	0 - 0 - 2	furned-mashorses.com/9fcfad6c-f95f-491c-b5e6- (...)	18.193.235.10
2023-02-01 22:57:58 +0000	0 - 8 - 0	hello.2sfilms.biz/click/1/529456468/77e5cfe89 (...)	52.53.211.236
2023-02-01 22:57:57 +0000	0 - 0 - 6	continuetosite.com/go/881fe4ea-88cc-45df-988f (...)	3.70.16.242
2023-02-01 22:56:47 +0000	1 - 1 - 1	track.rendan-compto.com/dc7ee8d1-74d2-4cfc-aa (...)	18.195.128.171

Date	UQ / IDS / BL	URL	IP
2022-12-09 06:28:09 +0000	0 - 0 - 1	findflirtydates.com/tds/ae	18.185.232.255

Date	UQ / IDS / BL	URL	IP
2023-01-28 13:53:17 +0000	0 - 0 - 1	findmycrushes.com/tds/ae	52.59.26.150
2023-01-22 20:43:43 +0000	0 - 0 - 1	goads.pro/tds/ae	3.66.64.17
2023-01-14 19:47:41 +0000	0 - 0 - 1	find-me-fuck.com/tds	3.66.82.41
2023-01-14 17:16:34 +0000	0 - 0 - 1	looking4fuck.com/tds	18.157.201.101
2023-01-14 01:58:45 +0000	0 - 0 - 1	blacks-for-fuck.com/tds	18.195.157.163

Request	Response
GET /tds/ae HTTP/1.1 Host: findflirtydates.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: findflirtydates.com/tds/ae FQDN: findflirtydates.com IP: 18.185.232.255 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.185.232.255 HTTP/1.1 302 Found Date: Fri, 09 Dec 2022 06:27:59 GMT Transfer-Encoding: chunked Connection: keep-alive Server: nginx Access-Control-Allow-Origin: * P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Timing-Allow-Origin: * Accept-CH: UA, Platform, Model, Mobile, Arch Set-Cookie: dci=55a871db946414beb79adab4d1683af08db21703; Max-Age=31536000; Domain=.findflirtydates.com; Path=/; Expires=Sat, 09 Dec 2023 06:27:59 GMT; Secure; SameSite=None dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Wed, 14 Dec 2022 06:27:59 GMT Location: https://findflirtydates.com/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11740 Expires: Fri, 09 Dec 2022 09:43:39 GMT Date: Fri, 09 Dec 2022 06:27:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 388f6fea5bafa378266622b72311a6ee Sha1: 447f102dc12172ce1ba44c5e94e1d7bb49d43372 Sha256: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5936 Expires: Fri, 09 Dec 2022 08:06:55 GMT Date: Fri, 09 Dec 2022 06:27:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7181eff9c60e83eb0004ece591e47dca Sha1: 0fd8cd0c9d10b0547938982e57d2c43e2d98679f Sha256: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA" Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15063 Expires: Fri, 09 Dec 2022 10:39:02 GMT Date: Fri, 09 Dec 2022 06:27:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee537977be9c03702f8ffe0025bf1fe Sha1: 21637881c4aa34c4add703f8bff4eff573159f45 Sha256: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 09 Dec 2022 06:08:17 GMT age: 1182 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: aPvCeeXs9NyP8XH6SjfycA/owOikvyrTUMIFiV5pdUi0veaK+r9VnRNYF3eyIkwyqhbe3+41uns= x-amz-request-id: M7Q95QVP0DK9G2ZF content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 09 Dec 2022 05:50:08 GMT age: 2271 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 09 Dec 2022 06:27:59 GMT content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 09 Dec 2022 06:07:55 GMT age: 1204 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.156 HASH: 7ddbda9418f9cb292eb9e74c28eb7905f0dcbf8c4b88acb11146613c84046fd4 143.204.42.156 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=108575 Date: Fri, 09 Dec 2022 06:27:59 GMT Etag: "6391da8e-1d7" Expires: Sat, 10 Dec 2022 12:37:34 GMT Last-Modified: Thu, 08 Dec 2022 12:37:34 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: 7L-ALNdxpDiVXzKpzZzti9qTK0kDWf6Dk21BqcGfkA5UkU1isJq0zw== --- Additional Info --- Magic: data Size: 471 Md5: 07c2ccbc85fb7b7d84ceda8e7b035e82 Sha1: b5d95320562213d6a90f6b515f65b10ebd318046 Sha256: 7ddbda9418f9cb292eb9e74c28eb7905f0dcbf8c4b88acb11146613c84046fd4
GET /res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN HTTP/1.1 Host: findflirtydates.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: findflirtydates.com/res_route/fback?s1=&s2=&s3=&s4=&s5= (...) FQDN: findflirtydates.com IP: 3.66.185.70 HASH: 3fc0fbd5baebc9966029c9362a532698f7de479aa586a8b306826e9e952315be 3.66.185.70 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 06:27:59 GMT content-length: 350 location: https://www.dirtytinder.club/c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= server: nginx x-powered-by: Express access-control-allow-origin: * vary: Accept, Accept-Encoding X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (350), with no line terminators Size: 350 Md5: 67f0003da95624d577f7653bcd071724 Sha1: f8a6d804d1064054ca52cfc703b8f2c8f547ed92 Sha256: 3fc0fbd5baebc9966029c9362a532698f7de479aa586a8b306826e9e952315be
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6340 Cache-Control: max-age=102272 Date: Fri, 09 Dec 2022 06:28:00 GMT Etag: "6391a92c-1d7" Expires: Sat, 10 Dec 2022 10:52:32 GMT Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT Server: ECS (ska/F717) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fd55f4aaaab6ec40bc7dc10252cd819a Sha1: a72523f60be265a391fa9edc43e0a93418ad1fd0 Sha256: bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.156 HASH: 0a8aa70d5f8138fef563d9eafee2f9ac3e03bf0b4c7813e99ab0867f3d73372b 143.204.42.156 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=157482 Date: Fri, 09 Dec 2022 06:28:00 GMT Etag: "6392999a-1d7" Expires: Sun, 11 Dec 2022 02:12:42 GMT Last-Modified: Fri, 09 Dec 2022 02:12:42 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: AePhrFvjk_XBfeThOvf-OPAGMrc5IxVcaI1U5PkoB5ihffjvzjUpdQ== --- Additional Info --- Magic: data Size: 471 Md5: 74ade7a59069dd177f748ea5e0cda2d8 Sha1: 217d5ac6cb07c8b18956215e80ac7855faa31ad1 Sha256: 0a8aa70d5f8138fef563d9eafee2f9ac3e03bf0b4c7813e99ab0867f3d73372b
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: nu1usajxfw49is3OnUZg+g== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.149.51.98 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.149.51.98 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 0l/hsWakUSPPqf6zmN6aH+egO1U= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= HTTP/1.1 Host: www.dirtytinder.club User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: www.dirtytinder.club/c/8d2358ea43d0439d?s1=36_all_ng&s2 (...) FQDN: www.dirtytinder.club IP: 3.122.92.146 HASH: 9a0655ce6caae19b060d9edf9eedab35c5fa236208e85f1c8617da661b94c173 3.122.92.146 HTTP/2 302 Found content-type: text/html; charset=utf-8 date: Fri, 09 Dec 2022 06:28:00 GMT content-length: 316 location: https://www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UubWV0bGN1bG91c2RhdGVzLm5ldC9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD13aWtxZTYzOTJkNTcwMDAwYzAzZmMmajE9MSZqOT0x&action=action_tmp server: nginx set-cookie: unique_id=6392d5700003902b; Path=/; Expires=Tue, 07 Feb 2023 06:28:00 GMT; Secure; SameSite=None unique_id2=6392d57000039818; Path=/; Expires=Thu, 09 Mar 2023 06:28:00 GMT; Secure; SameSite=None impression=; Path=/; Expires=Fri, 09 Dec 2022 06:28:00 GMT; Secure; SameSite=None tid=wikqe6392d570000c03fc; Path=/; Expires=Sat, 13 Nov 2027 06:28:00 GMT; Secure; SameSite=None X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (314) Size: 316 Md5: 7caa094cbc361ad0797db0769fce830b Sha1: f4e634faf1584eae7d64dc911e1e962cd8c281a2 Sha256: 9a0655ce6caae19b060d9edf9eedab35c5fa236208e85f1c8617da661b94c173
POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sectigo.com/ FQDN: ocsp.sectigo.com IP: 172.64.155.188 HASH: 3745bf4fd194d410662cb43f6e71bbfd422e1ef56036695ea3f14495ad2284d2 172.64.155.188 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 06:28:00 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Thu, 08 Dec 2022 11:00:35 GMT Expires: Thu, 15 Dec 2022 11:00:34 GMT Etag: "3a722802425cc0e90cb1a4e5300c04b337bf7f73" Cache-Control: max-age=534153,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb3 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 776bad9ffcd9b4f3-OSL --- Additional Info --- Magic: data Size: 471 Md5: 85438f043a7b745849e9707a4c4fcf5e Sha1: 3a722802425cc0e90cb1a4e5300c04b337bf7f73 Sha256: 3745bf4fd194d410662cb43f6e71bbfd422e1ef56036695ea3f14495ad2284d2
GET /redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UubWV0bGN1bG91c2RhdGVzLm5ldC9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD13aWtxZTYzOTJkNTcwMDAwYzAzZmMmajE9MSZqOT0x&action=action_tmp HTTP/1.1 Host: www.redir2fuck.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: www.redir2fuck.com/redirect/index?type=script&to=aHR0cH (...) FQDN: www.redir2fuck.com IP: 52.19.101.114 HASH: 7547d88eb9c896c936b97c5a485656da70d61c638eea57394c526e1131786ec1 52.19.101.114 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 06:28:00 GMT content-length: 295 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with no line terminators Size: 295 Md5: e7d10fb8bea96b1c3217948f4cf62d38 Sha1: 66fde5509e26a5731796bc5b5d2359bede2b2805 Sha256: 7547d88eb9c896c936b97c5a485656da70d61c638eea57394c526e1131786ec1
GET /redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UubWV0bGN1bG91c2RhdGVzLm5ldC9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD13aWtxZTYzOTJkNTcwMDAwYzAzZmMmajE9MSZqOT0x&action=action_final HTTP/1.1 Host: www.redir2fuck.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UubWV0bGN1bG91c2RhdGVzLm5ldC9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD13aWtxZTYzOTJkNTcwMDAwYzAzZmMmajE9MSZqOT0x&action=action_tmp Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: www.redir2fuck.com/redirect/index?type=script&to=aHR0cH (...) FQDN: www.redir2fuck.com IP: 52.19.101.114 HASH: 3a2fcb9a396a49457015fd23a2042329bd368b55bc5932036e76bd3e1063724d 52.19.101.114 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 06:28:00 GMT content-length: 161 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document, ASCII text, with no line terminators Size: 161 Md5: 5b6d1e3e58050521c35d28e9e40a1377 Sha1: f6fbe1b2308f7218ce13e1d053d62b701a46c4af Sha256: 3a2fcb9a396a49457015fd23a2042329bd368b55bc5932036e76bd3e1063724d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: fb44c446606a302086f4c1e1f2aa064129724cc9bd3d163fa9cf4ba579edf5dc 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FB44C446606A302086F4C1E1F2AA064129724CC9BD3D163FA9CF4BA579EDF5DC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14896 Expires: Fri, 09 Dec 2022 10:36:17 GMT Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a5721b04dd13970315bc562192a7e7fc Sha1: 2b6f5ce795df34fc6cf842a46f3c7a8657188998 Sha256: fb44c446606a302086f4c1e1f2aa064129724cc9bd3d163fa9cf4ba579edf5dc
GET /c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=&click_id=wikqe6392d570000c03fc&j1=1&j9=1 HTTP/1.1 Host: rgjgwe.metlculousdates.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.redir2fuck.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rgjgwe.metlculousdates.net/c/e2905f55ec3a568b?s1=138089 (...) FQDN: rgjgwe.metlculousdates.net IP: 63.32.216.166 HASH: 8214005699ef4342122ef0d1aadd9e8c2e8e7a720302bf60d618216e40ccf6d2 63.32.216.166 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Fri, 09 Dec 2022 06:28:01 GMT set-cookie: unique_id=6392d57100082c9b; Path=/; Expires=Tue, 07 Feb 2023 06:28:01 GMT; Secure; SameSite=None unique_id2=6392d571000a7c38; Path=/; Expires=Thu, 09 Mar 2023 06:28:01 GMT; Secure; SameSite=None 6392d571000a7c38_c=1; Path=/; Expires=Thu, 09 Mar 2023 06:28:01 GMT; Secure; SameSite=None ref_token=138089; Path=/; Expires=Sun, 08 Jan 2023 06:28:01 GMT; Secure; SameSite=None impression=; Path=/; Expires=Fri, 09 Dec 2022 06:28:01 GMT; Secure; SameSite=None 6392d571000a7c38_sl=[212225]; Path=/; Expires=Fri, 23 Dec 2022 06:28:01 GMT; Secure; SameSite=None content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 6079 Md5: 63c0a7470a3f5c98667eedf5a5059d2f Sha1: e3b96a0991f57101713963edcd8ea7d262b0165a Sha256: 8214005699ef4342122ef0d1aadd9e8c2e8e7a720302bf60d618216e40ccf6d2
GET /landings/212225/1624025125/css/main.css?1624025125 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/css/m (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: c8aff816800155d1460ec0dbce2c4ea158df479388e1f276e06514ab28d2bc2b 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: dGUFAMVBkOQ2M09fPhZ1Ma8w2Xy1XvKCfgRZ8AuwChumab2SGLxJ/MaaDA5FdXypzEIBQ1OFg34= x-amz-request-id: 3SRVVYPBVS1113MX Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT ETag: "e8ad0d5112ebc38ccffa906a88480571" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Fri, 09 Dec 2022 06:28:01 GMT Content-Length: 1438 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: assembler source, ASCII text Size: 1438 Md5: 8df101b94d92ec02934a35a76b709de6 Sha1: d76437a536afe0430c9d6a765841de9eeb50a448 Sha256: c8aff816800155d1460ec0dbce2c4ea158df479388e1f276e06514ab28d2bc2b
GET /landings/212225/1624025125/js/jquery.validate.min.js?1624025125 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/js/jq (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: x0n88vy6R42RaV/564yya+rciGgXVcQvshv7BBD+QqFLxydxKP4YN3T5glF0YCxYX1XDiujp19w= x-amz-request-id: 76SPH51FAFYCDKPA Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT ETag: "23d73c6bd6cbea8f06d0cc227896a827" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Fri, 09 Dec 2022 06:28:01 GMT Content-Length: 7815 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (24228) Size: 7815 Md5: f808399407c6ac496fe830d5deacb05f Sha1: 151039ee8631ce8ff989c5cf795c2feba950a499 Sha256: 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
GET /landings/212225/1624025125/js/script.js?1624025125 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/js/sc (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: ee31e979a2410b8968bbfa00dbc3a6f2fb870562da1ac4315054da1a6c14eba0 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: 9v4LI0Nf/QJJk1CdEv3RcXP+gaGX0x+GvEWprsUgwN9MHr/m5kCGlZEi1P6bQ42YQFXAMUEd4PA= x-amz-request-id: 76SV05V07173EPSM Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT ETag: "7088a812e48fb5ed8602225eddbac48f" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 145 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 145 Md5: 7088a812e48fb5ed8602225eddbac48f Sha1: 4ab069794875538586cdbb1a924333a037e630d1 Sha256: ee31e979a2410b8968bbfa00dbc3a6f2fb870562da1ac4315054da1a6c14eba0
GET /landings/212225/1624025125/js/trls.js?1624025125 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/js/tr (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 95390457c7424017fadc461ca9ab9ad441f3fc2f96fb70e7b69ea333cf460a55 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: bEDMW+4uYXQPwp93E6hYipGoikvYukxCW1jf3CF2FDbC2bufMmZoIbFJeitROyv5M+AHZbFBmeE= x-amz-request-id: 76SN3BPGWTYB3T7P Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT ETag: "1f2a63d62e50fb3ea9b5bdfd69c66411" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Fri, 09 Dec 2022 06:28:01 GMT Content-Length: 12875 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 12875 Md5: 7c49093e0da4cde7c10e6eaeb5db33e8 Sha1: 8335e795d1fa1d5a59aad88a9f23a8bb43a09986 Sha256: 95390457c7424017fadc461ca9ab9ad441f3fc2f96fb70e7b69ea333cf460a55
GET /landings/212225/1624025125/js/jquery-2.2.4.min.js?1624025125 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/js/jq (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 97d25af867afe95682e66a2d01f9c5e2f085df402403671e6ba885f49a1e03be 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: iGCeVFed+qRt5/WMxWkRwGf/gH1XJWT9G/wuX8FMV9kjQEmQ+TKNro5xNmWT1F7vjK1rbeV2n2g= x-amz-request-id: 3SRP1WXFV252M78E Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT ETag: "61a04f254179208c931ebf40f4cfddf5" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Fri, 09 Dec 2022 06:28:01 GMT Content-Length: 36023 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with very long lines (530), with CRLF line terminators Size: 36023 Md5: 378507f30ab981ba7c512e07d134caaf Sha1: dd17d6f540df83bab63921deda1b9462a5047c00 Sha256: 97d25af867afe95682e66a2d01f9c5e2f085df402403671e6ba885f49a1e03be
GET /landings/212225/1624025125/css/css2.css HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/landings/212225/1624025125/css/main.css?1624025125 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/css/c (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: edd01a5eba971514bdb2bdac264929d7cc99b67d7b2d3999bb4f57c82a1a986b 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/css x-amz-id-2: +P7HmwoyklT5lBsWZZv8dRfONDR5sFbboGSfNKeGGuNgxzrvRIj5nqW9OadQJ+qU+0ZavuZXcfU= x-amz-request-id: 3SRH1EH4G0K4GEFB Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT ETag: "71422cc0c98c0f0d038113e2c0f4fc74" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 478 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text Size: 478 Md5: 71422cc0c98c0f0d038113e2c0f4fc74 Sha1: 8cb475413b46c087e604adcbf6e0dcd7b3e4f1ae Sha256: edd01a5eba971514bdb2bdac264929d7cc99b67d7b2d3999bb4f57c82a1a986b
GET /landings/212225/1624025125/images/filter.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: ad282a1099717f016062356106530897020924d9e92f613a21f2c305059184f8 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: 6eh5do1b8hgTeOza38mZfW8wgPNOd77OHhj5QOvCkmuRXAHd3sggs6UfTfbV6M2Kt838nKJuYCM= x-amz-request-id: G2Z4PE5JF8DVJFA5 Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "9c15c9a0a02ff49660d3c31f5c190b99" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 621 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 38 x 33, 8-bit colormap, non-interlaced\012- data Size: 621 Md5: 9c15c9a0a02ff49660d3c31f5c190b99 Sha1: 54c7501b9dfb865b87cd496e692779609bdc03bf Sha256: ad282a1099717f016062356106530897020924d9e92f613a21f2c305059184f8
GET /landings/212225/1624025125/images/btn.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 75941932fdfac80826ee9f5516cd038ed9233b6e377c8daf3440a90aa4b0ccc3 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: qS2r5FFQMtAGAH23af0BXqmzGu3JWD1tTH4mc4+4fujcUy6S3Dms9YqNpNpupX0Q58dps+7UyRQ= x-amz-request-id: G2ZEVQSE2KW3W5TF Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "c90d93be7b9e2e55e87b9d58d3589721" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 876 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 55 x 55, 8-bit colormap, non-interlaced\012- data Size: 876 Md5: c90d93be7b9e2e55e87b9d58d3589721 Sha1: 951a4e7d04ec68e711196b3c9db68bce699f7f89 Sha256: 75941932fdfac80826ee9f5516cd038ed9233b6e377c8daf3440a90aa4b0ccc3
GET /landings/212225/1624025125/images/preview.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: c7c713b35f729a8e3246f80f666d8ff01233745653afee65ff603ab2d86fe9b5 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: +nHh7RkH0nutv1CA35z5OcqzIEFGocwQgk9KVJyOUbAiSWuTg5EJP9olbg5ef7NM90ctAxxWtCM= x-amz-request-id: VSQNNVA9AT56022K Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "f14e845449946d94336832c6a288b753" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 41399 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=257, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=257], progressive, precision 8, 257x257, components 3\012- data Size: 41399 Md5: f14e845449946d94336832c6a288b753 Sha1: 16b73762fe2dd8ffccbf8da97504a3bd4c4c396f Sha256: c7c713b35f729a8e3246f80f666d8ff01233745653afee65ff603ab2d86fe9b5
GET /landings/212225/1624025125/images/camera.png HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 8a5920605debc2378688b502b33f55753fc099c17639d56c652981fc0442e57f 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/png x-amz-id-2: +6sgPo4IwWDjLEpOourHrMnv1aGCfMHsbFzaIuTWVIa/h1JSb2utLt52SYBYiwI1colyaojeSqs= x-amz-request-id: VSQJ2R9W0GQP46WC Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "e6fc25af3843556766acc03739200472" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 521 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 29 x 22, 8-bit colormap, non-interlaced\012- data Size: 521 Md5: e6fc25af3843556766acc03739200472 Sha1: 6aee49dbf2166cb5b0542fbe491d1b26da3f9e2c Sha256: 8a5920605debc2378688b502b33f55753fc099c17639d56c652981fc0442e57f
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19057 Expires: Fri, 09 Dec 2022 11:45:38 GMT Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19057 Expires: Fri, 09 Dec 2022 11:45:38 GMT Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19057 Expires: Fri, 09 Dec 2022 11:45:38 GMT Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=19057 Expires: Fri, 09 Dec 2022 11:45:38 GMT Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7b8c1870f03a90aac6370fc69516f95f Sha1: 1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8345 x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cpwRBF_gIAMFdCA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng== via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 12:37:33 GMT age: 64228 etag: "4792b0893827924e84cc51450012407717da4d2b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8345 Md5: 659b6eb1f1c430e2780758c7787b9a23 Sha1: 4792b0893827924e84cc51450012407717da4d2b Sha256: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4840 x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: c2LZPGd-oAMF5OA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0 x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: gGT6ZP9a7ENOcyGNek_ac8WlyRoiYeB4KdqC2UHHlwLdWBQUhHsw7w== via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 22:00:01 GMT age: 30480 etag: "433e295328d6c821a1df907c232bff4195e2860b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4840 Md5: 34a9b9b25e57f612db5560cd05e44cce Sha1: 433e295328d6c821a1df907c232bff4195e2860b Sha256: 139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3030 x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czUqCFWBoAMFiqg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0 x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 14:51:55 GMT etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f" age: 56166 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3030 Md5: a1be0ae00ba0c6009ac14c8df38b8ad0 Sha1: 33edd1469c54a08e3c4cb0003b87b225eba55b3f Sha256: ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47563cf2-d887-4c1d-a3b9-0b5151226171.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 042494598add540a49650d5556d33bf53f647d77e64fbf13f3d881ebf251a525 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8709 x-amzn-requestid: 8c5094d3-3286-44db-bd3f-9369cd8220eb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: c2LYGGm6oAMFn1A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63925900-2ea563bc1b5aa87a0ebd6251;Sampled=0 x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:04 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oHNHICPfq1U2qYhNmrtf5_56-jtn-zOMPGvBdhXICE493RfJ1cFCvA== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 21:59:55 GMT age: 30486 etag: "cac4e03ae9857def8b094e005647c3e49c34d686" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8709 Md5: 0321199622f614202a646f925521ace7 Sha1: cac4e03ae9857def8b094e005647c3e49c34d686 Sha256: 042494598add540a49650d5556d33bf53f647d77e64fbf13f3d881ebf251a525
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5188 x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ck2-5G9joAMFlPA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g== via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 17:01:04 GMT age: 48417 etag: "8fbff7725c842d70e047c635a725723a9dc9c55a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5188 Md5: fba9a3854df65740512f96efe7442e58 Sha1: 8fbff7725c842d70e047c635a725723a9dc9c55a Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7557 x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctluwGo4oAMFhTg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 12:33:10 GMT age: 64491 etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7557 Md5: 5de5d319f43d9c9c641419d96655541f Sha1: cde4c7fa0145d3645af17e34c83c63c08f76a076 Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rgjgwe.metlculousdates.net Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: d4d8d7f2ba61c44496fc78b6d596a0cbe111bf6c906687b8ab8d602fe2770a21 184.31.15.67 HTTP/1.1 200 OK Content-Type: application/x-font-ttf x-amz-id-2: ikXxGD3V55TtP6jGVtUGbyHqUiHUqCgb3+gelfaqLxGkMURzm5+ptdLgvufLXjgWPv6+1e11TDc= x-amz-request-id: G2Z2ZQSPT2KV8EE2 Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "0d984acaec916c225c012f27d0c56a91" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 131916 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt\012- data Size: 131916 Md5: 0d984acaec916c225c012f27d0c56a91 Sha1: 0a12b8eecf92432c96ca8c0a987018d080fe13ba Sha256: d4d8d7f2ba61c44496fc78b6d596a0cbe111bf6c906687b8ab8d602fe2770a21
GET /landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rgjgwe.metlculousdates.net Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 45406dc60b7a978fb63778d6219a38312423d8b129bcb055d22080cfe9f36158 184.31.15.67 HTTP/1.1 200 OK Content-Type: application/x-font-ttf x-amz-id-2: JjY7K3ACjyfHw8f0c40KEvr8Bw+EmjghFjhoCYFuJQ6seGXl896FqCkW90D6EPjHiI4hbmKrOb8= x-amz-request-id: G2Z6J4CSDXVWPY0W Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "74bc6165dc68714ccaa88f5c64656b1c" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 131008 Date: Fri, 09 Dec 2022 06:28:01 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: TrueType Font data, 18 tables, 1st "GDEF"\012- data Size: 96535 Md5: 0d9c2afa93bddb17a726a29fdc5c7fbd Sha1: 2a38dcc879e29a98ffdd0e296b781bcdbcce36c8 Sha256: 45406dc60b7a978fb63778d6219a38312423d8b129bcb055d22080cfe9f36158
GET /landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rgjgwe.metlculousdates.net Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Range: bytes=83340- If-Range: "0d984acaec916c225c012f27d0c56a91"	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 1189dfd91738702f0bbd47f9924c33ca8b5b827dc11bca28bff7753c5b11598d 184.31.15.67 HTTP/1.1 206 Partial Content Content-Type: application/x-font-ttf x-amz-id-2: ikXxGD3V55TtP6jGVtUGbyHqUiHUqCgb3+gelfaqLxGkMURzm5+ptdLgvufLXjgWPv6+1e11TDc= x-amz-request-id: G2Z2ZQSPT2KV8EE2 Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "0d984acaec916c225c012f27d0c56a91" Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 09 Dec 2022 06:28:01 GMT Content-Range: bytes 83340-131915/131916 Content-Length: 48576 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: data Size: 48576 Md5: fd16cfcb8a7d00ed2007bd018d4d2978 Sha1: 41289ef5416df59eea77231e412d9dd515545e8c Sha256: 1189dfd91738702f0bbd47f9924c33ca8b5b827dc11bca28bff7753c5b11598d
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 06:28:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c9208747f2926b414bae65ed0e18fac5 Sha1: 3b25f459b1fe1a63689880699450305a8aee8b77 Sha256: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 06:28:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c9208747f2926b414bae65ed0e18fac5 Sha1: 3b25f459b1fe1a63689880699450305a8aee8b77 Sha256: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js FQDN: www.gstatic.com IP: 142.250.74.3 HASH: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7 142.250.74.3 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10017 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 07 Dec 2022 10:16:35 GMT expires: Thu, 07 Dec 2023 10:16:35 GMT cache-control: public, max-age=31536000 age: 159086 last-modified: Thu, 10 May 2018 20:35:52 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (35547) Size: 10017 Md5: fa9987a23f5a9d865766e952511baa30 Sha1: f2e620b99ee61a01671ba6a9e22ca75d58a1b52d Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-app.js FQDN: www.gstatic.com IP: 142.250.74.3 HASH: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5 142.250.74.3 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 8604 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 08 Dec 2022 21:48:07 GMT expires: Fri, 08 Dec 2023 21:48:07 GMT cache-control: public, max-age=31536000 age: 31194 last-modified: Thu, 10 May 2018 20:35:51 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25088) Size: 8604 Md5: 73069e532b7039778d3a7128c997c61a Sha1: c523bbf1ac7f4e612c8ade75434c42fbca885adc Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 216.58.211.3 HASH: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196 216.58.211.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 09 Dec 2022 06:28:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: c9208747f2926b414bae65ed0e18fac5 Sha1: 3b25f459b1fe1a63689880699450305a8aee8b77 Sha256: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196
GET /js/pushjs/1.0.0/utils.js HTTP/1.1 Host: rgjgwe.metlculousdates.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=backuser&click_id=wikqe6392d570000c03fc&iexpp=1&j1=1&j9=1 Cookie: unique_id=6392d57100082c9b; unique_id2=6392d571000a7c38; 6392d571000a7c38_c=1; ref_token=138089; impression=; 6392d571000a7c38_sl=[212225] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rgjgwe.metlculousdates.net/js/pushjs/1.0.0/utils.js FQDN: rgjgwe.metlculousdates.net IP: 63.32.216.166 HASH: 3b009013b06498badaddfa87e6254281492bf0f5c6ba34ae77ab9311a3b0d862 63.32.216.166 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 09 Dec 2022 06:28:01 GMT expires: Fri, 16 Dec 2022 06:28:01 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: C source, ASCII text, with very long lines (53831) Size: 18079 Md5: f7a321e9faf656678cfe74e39feb86b1 Sha1: 2fd6a32c293ef3d92a40c55d3d8a96904c020b77 Sha256: 3b009013b06498badaddfa87e6254281492bf0f5c6ba34ae77ab9311a3b0d862
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 Host: rgjgwe.metlculousdates.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=backuser&click_id=wikqe6392d570000c03fc&iexpp=1&j1=1&j9=1 Cookie: unique_id=6392d57100082c9b; unique_id2=6392d571000a7c38; 6392d571000a7c38_c=1; ref_token=138089; impression=; 6392d571000a7c38_sl=[212225] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rgjgwe.metlculousdates.net/js/pushjs/1.0.0/subscriber.js FQDN: rgjgwe.metlculousdates.net IP: 63.32.216.166 63.32.216.166 HTTP/2 200 OK content-type: application/javascript server: nginx date: Fri, 09 Dec 2022 06:28:01 GMT expires: Fri, 16 Dec 2022 06:28:01 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---
GET /landings/212225/1624025125/images/bg.mp4 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: video/webm,video/ogg,video/;q=0.9,application/ogg;q=0.7,audio/;q=0.6,/;q=0.5 Accept-Language: en-US,en;q=0.5 Range: bytes=0- Connection: keep-alive Referer: https://rgjgwe.metlculousdates.net/ Sec-Fetch-Dest: video Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/212225/1624025125/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 184.31.15.67 HTTP/1.1 206 Partial Content Content-Type: video/mp4 x-amz-id-2: PYCeh/fcpOLFMxwp+WjJrLuyZWn0W+QEBQxTdDCG8v368APnG/m0oked+OngdOIureCe7kW4K0g= x-amz-request-id: YNQGNQF9RNKBV33G Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT ETag: "cc4714e8b4e4c5fec9b05bafaeb508d5" Accept-Ranges: bytes Server: AmazonS3 Date: Fri, 09 Dec 2022 06:28:01 GMT Content-Range: bytes 0-3823843/3823844 Content-Length: 3823844 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info ---

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=11740 

                                        
                                            
Expires: Fri, 09 Dec 2022 09:43:39 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 06:27:59 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    388f6fea5bafa378266622b72311a6ee

                                                Sha1:   447f102dc12172ce1ba44c5e94e1d7bb49d43372

                                                Sha256: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA" 

                                        
                                            
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15063 

                                        
                                            
Expires: Fri, 09 Dec 2022 10:39:02 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 06:27:59 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    4ee537977be9c03702f8ffe0025bf1fe

                                                Sha1:   21637881c4aa34c4add703f8bff4eff573159f45

                                                Sha256: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: aPvCeeXs9NyP8XH6SjfycA/owOikvyrTUMIFiV5pdUi0veaK+r9VnRNYF3eyIkwyqhbe3+41uns= 

                                        
                                            
x-amz-request-id: M7Q95QVP0DK9G2ZF 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 05:50:08 GMT 

                                        
                                            
age: 2271 

                                        
                                            
last-modified: Wed, 30 Nov 2022 10:06:34 GMT 

                                        
                                            
etag: "53341dea33f4f3d9b4966f80589f429a" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    53341dea33f4f3d9b4966f80589f429a

                                                Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d

                                                Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 06:07:55 GMT 

                                        
                                            
age: 1204 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            GET /res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN HTTP/1.1 

                                        
                                            
Host: findflirtydates.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         3.66.185.70

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Fri, 09 Dec 2022 06:27:59 GMT 

                                        
                                            
content-length: 350 

                                        
                                            
location: https://www.dirtytinder.club/c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= 

                                        
                                            
server: nginx 

                                        
                                            
x-powered-by: Express 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
vary: Accept, Accept-Encoding 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (350), with no line terminators

                                                Size:   350

                                                Md5:    67f0003da95624d577f7653bcd071724

                                                Sha1:   f8a6d804d1064054ca52cfc703b8f2c8f547ed92

                                                Sha256: 3fc0fbd5baebc9966029c9362a532698f7de479aa586a8b306826e9e952315be

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.156

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=157482 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:00 GMT 

                                        
                                            
Etag: "6392999a-1d7" 

                                        
                                            
Expires: Sun, 11 Dec 2022 02:12:42 GMT 

                                        
                                            
Last-Modified: Fri, 09 Dec 2022 02:12:42 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: AePhrFvjk_XBfeThOvf-OPAGMrc5IxVcaI1U5PkoB5ihffjvzjUpdQ== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    74ade7a59069dd177f748ea5e0cda2d8

                                                Sha1:   217d5ac6cb07c8b18956215e80ac7855faa31ad1

                                                Sha256: 0a8aa70d5f8138fef563d9eafee2f9ac3e03bf0b4c7813e99ab0867f3d73372b

                                        
                                            GET /c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= HTTP/1.1 

                                        
                                            
Host: www.dirtytinder.club

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         3.122.92.146

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
date: Fri, 09 Dec 2022 06:28:00 GMT 

                                        
                                            
content-length: 316 

                                        
                                            
location: https://www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UubWV0bGN1bG91c2RhdGVzLm5ldC9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD13aWtxZTYzOTJkNTcwMDAwYzAzZmMmajE9MSZqOT0x&action=action_tmp 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: unique_id=6392d5700003902b; Path=/; Expires=Tue, 07 Feb 2023 06:28:00 GMT; Secure; SameSite=None
unique_id2=6392d57000039818; Path=/; Expires=Thu, 09 Mar 2023 06:28:00 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Fri, 09 Dec 2022 06:28:00 GMT; Secure; SameSite=None
tid=wikqe6392d570000c03fc; Path=/; Expires=Sat, 13 Nov 2027 06:28:00 GMT; Secure; SameSite=None 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (314)

                                                Size:   316

                                                Md5:    7caa094cbc361ad0797db0769fce830b

                                                Sha1:   f4e634faf1584eae7d64dc911e1e962cd8c281a2

                                                Sha256: 9a0655ce6caae19b060d9edf9eedab35c5fa236208e85f1c8617da661b94c173

                                        
                                            GET /redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UubWV0bGN1bG91c2RhdGVzLm5ldC9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD13aWtxZTYzOTJkNTcwMDAwYzAzZmMmajE9MSZqOT0x&action=action_tmp HTTP/1.1 

                                        
                                            
Host: www.redir2fuck.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1

                                         52.19.101.114

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 09 Dec 2022 06:28:00 GMT 

                                        
                                            
content-length: 295 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with no line terminators

                                                Size:   295

                                                Md5:    e7d10fb8bea96b1c3217948f4cf62d38

                                                Sha1:   66fde5509e26a5731796bc5b5d2359bede2b2805

                                                Sha256: 7547d88eb9c896c936b97c5a485656da70d61c638eea57394c526e1131786ec1

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "FB44C446606A302086F4C1E1F2AA064129724CC9BD3D163FA9CF4BA579EDF5DC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14896 

                                        
                                            
Expires: Fri, 09 Dec 2022 10:36:17 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    a5721b04dd13970315bc562192a7e7fc

                                                Sha1:   2b6f5ce795df34fc6cf842a46f3c7a8657188998

                                                Sha256: fb44c446606a302086f4c1e1f2aa064129724cc9bd3d163fa9cf4ba579edf5dc

                                        
                                            GET /landings/212225/1624025125/css/main.css?1624025125 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
x-amz-id-2: dGUFAMVBkOQ2M09fPhZ1Ma8w2Xy1XvKCfgRZ8AuwChumab2SGLxJ/MaaDA5FdXypzEIBQ1OFg34= 

                                        
                                            
x-amz-request-id: 3SRVVYPBVS1113MX 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT 

                                        
                                            
ETag: "e8ad0d5112ebc38ccffa906a88480571" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Content-Length: 1438 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  assembler source, ASCII text

                                                Size:   1438

                                                Md5:    8df101b94d92ec02934a35a76b709de6

                                                Sha1:   d76437a536afe0430c9d6a765841de9eeb50a448

                                                Sha256: c8aff816800155d1460ec0dbce2c4ea158df479388e1f276e06514ab28d2bc2b

                                        
                                            GET /landings/212225/1624025125/js/script.js?1624025125 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
x-amz-id-2: 9v4LI0Nf/QJJk1CdEv3RcXP+gaGX0x+GvEWprsUgwN9MHr/m5kCGlZEi1P6bQ42YQFXAMUEd4PA= 

                                        
                                            
x-amz-request-id: 76SV05V07173EPSM 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT 

                                        
                                            
ETag: "7088a812e48fb5ed8602225eddbac48f" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 145 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   145

                                                Md5:    7088a812e48fb5ed8602225eddbac48f

                                                Sha1:   4ab069794875538586cdbb1a924333a037e630d1

                                                Sha256: ee31e979a2410b8968bbfa00dbc3a6f2fb870562da1ac4315054da1a6c14eba0

                                        
                                            GET /landings/212225/1624025125/js/jquery-2.2.4.min.js?1624025125 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
x-amz-id-2: iGCeVFed+qRt5/WMxWkRwGf/gH1XJWT9G/wuX8FMV9kjQEmQ+TKNro5xNmWT1F7vjK1rbeV2n2g= 

                                        
                                            
x-amz-request-id: 3SRP1WXFV252M78E 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT 

                                        
                                            
ETag: "61a04f254179208c931ebf40f4cfddf5" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Content-Length: 36023 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (530), with CRLF line terminators

                                                Size:   36023

                                                Md5:    378507f30ab981ba7c512e07d134caaf

                                                Sha1:   dd17d6f540df83bab63921deda1b9462a5047c00

                                                Sha256: 97d25af867afe95682e66a2d01f9c5e2f085df402403671e6ba885f49a1e03be

                                        
                                            GET /landings/212225/1624025125/images/filter.png HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
x-amz-id-2: 6eh5do1b8hgTeOza38mZfW8wgPNOd77OHhj5QOvCkmuRXAHd3sggs6UfTfbV6M2Kt838nKJuYCM= 

                                        
                                            
x-amz-request-id: G2Z4PE5JF8DVJFA5 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT 

                                        
                                            
ETag: "9c15c9a0a02ff49660d3c31f5c190b99" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 621 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 38 x 33, 8-bit colormap, non-interlaced\012- data

                                                Size:   621

                                                Md5:    9c15c9a0a02ff49660d3c31f5c190b99

                                                Sha1:   54c7501b9dfb865b87cd496e692779609bdc03bf

                                                Sha256: ad282a1099717f016062356106530897020924d9e92f613a21f2c305059184f8

                                        
                                            GET /landings/212225/1624025125/images/preview.jpg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
x-amz-id-2: +nHh7RkH0nutv1CA35z5OcqzIEFGocwQgk9KVJyOUbAiSWuTg5EJP9olbg5ef7NM90ctAxxWtCM= 

                                        
                                            
x-amz-request-id: VSQNNVA9AT56022K 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT 

                                        
                                            
ETag: "f14e845449946d94336832c6a288b753" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 41399 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=257, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=257], progressive, precision 8, 257x257, components 3\012- data

                                                Size:   41399

                                                Md5:    f14e845449946d94336832c6a288b753

                                                Sha1:   16b73762fe2dd8ffccbf8da97504a3bd4c4c396f

                                                Sha256: c7c713b35f729a8e3246f80f666d8ff01233745653afee65ff603ab2d86fe9b5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19057 

                                        
                                            
Expires: Fri, 09 Dec 2022 11:45:38 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7b8c1870f03a90aac6370fc69516f95f

                                                Sha1:   1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb

                                                Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         95.101.11.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=19057 

                                        
                                            
Expires: Fri, 09 Dec 2022 11:45:38 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7b8c1870f03a90aac6370fc69516f95f

                                                Sha1:   1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb

                                                Sha256: f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8345 

                                        
                                            
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cpwRBF_gIAMFdCA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng== 

                                        
                                            
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 12:37:33 GMT 

                                        
                                            
age: 64228 

                                        
                                            
etag: "4792b0893827924e84cc51450012407717da4d2b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8345

                                                Md5:    659b6eb1f1c430e2780758c7787b9a23

                                                Sha1:   4792b0893827924e84cc51450012407717da4d2b

                                                Sha256: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 3030 

                                        
                                            
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: czUqCFWBoAMFiqg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ== 

                                        
                                            
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 14:51:55 GMT 

                                        
                                            
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f" 

                                        
                                            
age: 56166 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   3030

                                                Md5:    a1be0ae00ba0c6009ac14c8df38b8ad0

                                                Sha1:   33edd1469c54a08e3c4cb0003b87b225eba55b3f

                                                Sha256: ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5188 

                                        
                                            
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ck2-5G9joAMFlPA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g== 

                                        
                                            
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 17:01:04 GMT 

                                        
                                            
age: 48417 

                                        
                                            
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5188

                                                Md5:    fba9a3854df65740512f96efe7442e58

                                                Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a

                                                Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

                                        
                                            GET /landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://rgjgwe.metlculousdates.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn-dimi.akamaized.net/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/x-font-ttf

                                        

                                        
                                            
x-amz-id-2: ikXxGD3V55TtP6jGVtUGbyHqUiHUqCgb3+gelfaqLxGkMURzm5+ptdLgvufLXjgWPv6+1e11TDc= 

                                        
                                            
x-amz-request-id: G2Z2ZQSPT2KV8EE2 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT 

                                        
                                            
ETag: "0d984acaec916c225c012f27d0c56a91" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 131916 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt\012- data

                                                Size:   131916

                                                Md5:    0d984acaec916c225c012f27d0c56a91

                                                Sha1:   0a12b8eecf92432c96ca8c0a987018d080fe13ba

                                                Sha256: d4d8d7f2ba61c44496fc78b6d596a0cbe111bf6c906687b8ab8d602fe2770a21

                                        
                                            GET /landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://rgjgwe.metlculousdates.net 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn-dimi.akamaized.net/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Range: bytes=83340- 

                                        
                                            
If-Range: "0d984acaec916c225c012f27d0c56a91"

                                         184.31.15.67

                                        
                                            HTTP/1.1 206 Partial Content 

                                        
                                            
Content-Type: application/x-font-ttf

                                        

                                        
                                            
x-amz-id-2: ikXxGD3V55TtP6jGVtUGbyHqUiHUqCgb3+gelfaqLxGkMURzm5+ptdLgvufLXjgWPv6+1e11TDc= 

                                        
                                            
x-amz-request-id: G2Z2ZQSPT2KV8EE2 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT 

                                        
                                            
ETag: "0d984acaec916c225c012f27d0c56a91" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Content-Range: bytes 83340-131915/131916 

                                        
                                            
Content-Length: 48576 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   48576

                                                Md5:    fd16cfcb8a7d00ed2007bd018d4d2978

                                                Sha1:   41289ef5416df59eea77231e412d9dd515545e8c

                                                Sha256: 1189dfd91738702f0bbd47f9924c33ca8b5b827dc11bca28bff7753c5b11598d

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         216.58.211.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    c9208747f2926b414bae65ed0e18fac5

                                                Sha1:   3b25f459b1fe1a63689880699450305a8aee8b77

                                                Sha256: 2c5333a23ade630e8dd8242aa59e371fa2208e265c58916e6fa799683d53f196

                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.3

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" 

                                        
                                            
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} 

                                        
                                            
content-length: 8604 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 08 Dec 2022 21:48:07 GMT 

                                        
                                            
expires: Fri, 08 Dec 2023 21:48:07 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 31194 

                                        
                                            
last-modified: Thu, 10 May 2018 20:35:51 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (25088)

                                                Size:   8604

                                                Md5:    73069e532b7039778d3a7128c997c61a

                                                Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc

                                                Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5

                                        
                                            GET /js/pushjs/1.0.0/utils.js HTTP/1.1 

                                        
                                            
Host: rgjgwe.metlculousdates.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=backuser&click_id=wikqe6392d570000c03fc&iexpp=1&j1=1&j9=1 

                                        
                                            
Cookie: unique_id=6392d57100082c9b; unique_id2=6392d571000a7c38; 6392d571000a7c38_c=1; ref_token=138089; impression=; 6392d571000a7c38_sl=[212225] 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         63.32.216.166

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
expires: Fri, 16 Dec 2022 06:28:01 GMT 

                                        
                                            
cache-control: max-age=604800 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  C source, ASCII text, with very long lines (53831)

                                                Size:   18079

                                                Md5:    f7a321e9faf656678cfe74e39feb86b1

                                                Sha1:   2fd6a32c293ef3d92a40c55d3d8a96904c020b77

                                                Sha256: 3b009013b06498badaddfa87e6254281492bf0f5c6ba34ae77ab9311a3b0d862

                                        
                                            GET /landings/212225/1624025125/images/bg.mp4 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Range: bytes=0- 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rgjgwe.metlculousdates.net/ 

                                        
                                            
Sec-Fetch-Dest: video 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 206 Partial Content 

                                        
                                            
Content-Type: video/mp4

                                        

                                        
                                            
x-amz-id-2: PYCeh/fcpOLFMxwp+WjJrLuyZWn0W+QEBQxTdDCG8v368APnG/m0oked+OngdOIureCe7kW4K0g= 

                                        
                                            
x-amz-request-id: YNQGNQF9RNKBV33G 

                                        
                                            
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT 

                                        
                                            
ETag: "cc4714e8b4e4c5fec9b05bafaeb508d5" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Date: Fri, 09 Dec 2022 06:28:01 GMT 

                                        
                                            
Content-Range: bytes 0-3823843/3823844 

                                        
                                            
Content-Length: 3823844 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	findflirtydates.com/tds/ae
IP	18.185.232.255 (Germany)
ASN	#16509 AMAZON-02
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-09 06:28:09 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (17)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 18.185.232.255

Last 5 reports on ASN: AMAZON-02

Last 1 reports on domain: findflirtydates.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (50)

Overview

Domain Summary (17)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 18.185.232.255

Last 5 reports on ASN: AMAZON-02

Last 1 reports on domain: findflirtydates.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (50)

Network Intrusion Detection Systems