r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6666
Expires: Wed, 08 Feb 2023 22:16:45 GMT
Date: Wed, 08 Feb 2023 20:25:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4582
Expires: Wed, 08 Feb 2023 21:42:01 GMT
Date: Wed, 08 Feb 2023 20:25:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 19:36:42 GMT
content-type: application/json
age: 2937
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12720
Expires: Wed, 08 Feb 2023 23:57:39 GMT
Date: Wed, 08 Feb 2023 20:25:39 GMT
Connection: keep-alive
r.goaffmy.com/click?pid=9980&offer_id=2359&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&bo=2753,2754,2755,2756
34.90.46.36302 Found 0 B URL HTTP/1.1 r.goaffmy.com/click?pid=9980&offer_id=2359&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&bo=2753,2754,2755,2756
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=9980&offer_id=2359&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&bo=2753,2754,2755,2756 HTTP/1.1
Host: r.goaffmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 08 Feb 2023 20:25:39 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://r.go2offer-1.com/click?pid=9980&offer_id=3678&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&sub4=&sub5=&sub6=&sub7=&sub8=
Access-Control-Allow-Origin: *
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yaeuARnrA+kSyBijEVttA+4SLprfV/Ajt3Tu3xRb/yWnaQNyZtLLuXclbuSkmu5vsR0b+oBLe5s=
x-amz-request-id: 5JGNXDB5KEDR73QZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 19:46:05 GMT
age: 2374
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:25:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 19:51:20 GMT
age: 2059
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6129
Expires: Wed, 08 Feb 2023 22:07:48 GMT
Date: Wed, 08 Feb 2023 20:25:39 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e3d6bc64b6d9584bc87e40c46699beff
71dfe0a65df74f032626beb4304feb933784361f
844d93e02991f19e2e01af03ec24c8a88bbcab0581dae599b2cf525093206770
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:25:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 01:32:30 GMT
Expires: Wed, 15 Feb 2023 01:32:29 GMT
Etag: "71dfe0a65df74f032626beb4304feb933784361f"
Cache-Control: max-age=536209,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79671886bf121c16-OSL
r.go2offer-1.com/click?pid=9980&offer_id=3678&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&sub4=&sub5=&sub6=&sub7=&sub8=
34.90.46.36302 Found 0 B URL HTTP/2 r.go2offer-1.com/click?pid=9980&offer_id=3678&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&sub4=&sub5=&sub6=&sub7=&sub8=
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=9980&offer_id=3678&sub1=102d52f925e07a092ca4fafe4c55db&sub2=44542&sub3=147124_&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1
Host: r.go2offer-1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 20:25:39 GMT
content-length: 0
location: https://omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=9980&source=44542&externalId=63e4054396101d0001cfe120&sub2=44542&sub3=9980&pp=1
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63e4054396101d0001cfe120; expires=Thu, 08 Feb 2024 20:25:39 GMT; secure; SameSite=None
afoffers={"3678":1675887939}; expires=Thu, 08 Feb 2024 20:25:39 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.41.91.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.91.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: aySWd+ukfXcuLkv2PMGLwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xntw2pxONlCv3cDXryZZ/QqF+8U=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2cb1934c7fed8cf1d64401d3b0c1db6
6bada8c4537a8f26e2afa2e546bfd7b266441e01
0c27a5a6715ec84c85c7401128aa0d4f9803acde354e6c889af5942409d312f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C27A5A6715EC84C85C7401128AA0D4F9803ACDE354E6C889AF5942409D312F0"
Last-Modified: Wed, 08 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21511
Expires: Thu, 09 Feb 2023 02:24:11 GMT
Date: Wed, 08 Feb 2023 20:25:40 GMT
Connection: keep-alive
omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=9980&source=44542&externalId=63e4054396101d0001cfe120&sub2=44542&sub3=9980&pp=1
185.162.87.41302 Found 191 B URL HTTP/1.1 omgtds.com/c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=9980&source=44542&externalId=63e4054396101d0001cfe120&sub2=44542&sub3=9980&pp=1
IP 185.162.87.41:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text
Hash d5b598412aa74fc264f154642ee6a174
69e80422c39cb64426c8f4cd1b837c0c74c18a18
414fc073d43ee294e1f6606cad2d9524aff6781c0c39f520961052f0297b7c7a
GET /c1/b30bdb65-5c08-49a9-8082-5c8ea9af818f?aff=9980&source=44542&externalId=63e4054396101d0001cfe120&sub2=44542&sub3=9980&pp=1 HTTP/1.1
Host: omgtds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Wed, 08 Feb 2023 20:25:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 191
Connection: keep-alive
Location: https://r.goaffmy.com/click?pid=14148&offer_id=3261&sub1=cfi0ah51su2vfgrpg1g0&sub2=44542&sub3=9980&sub5=63e4054396101d0001cfe120&sub7=&sub8=
Set-Cookie: uid=YqWljQbap; Path=/; Domain=omgtds.com; Max-Age=86400; HttpOnly
X-Clickid: cfi0ah51su2vfgrpg1g0
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 1b104807a1380cdf554a9e3f639ed7fe
7b9af1bcae38b43fa761bb1646df164c9d28adf1
4826a3e2f4e54eb02622db1e84c6e0190b2e1efec9c94bc968eb5716dd63ce26
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:25:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 06 Feb 2023 13:23:10 GMT
Expires: Mon, 13 Feb 2023 13:23:09 GMT
Etag: "7b9af1bcae38b43fa761bb1646df164c9d28adf1"
Cache-Control: max-age=406048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7967188bed2e1c16-OSL
r.goaffmy.com/click?pid=14148&offer_id=3261&sub1=cfi0ah51su2vfgrpg1g0&sub2=44542&sub3=9980&sub5=63e4054396101d0001cfe120&sub7=&sub8=
34.90.46.36302 Found 0 B URL HTTP/2 r.goaffmy.com/click?pid=14148&offer_id=3261&sub1=cfi0ah51su2vfgrpg1g0&sub2=44542&sub3=9980&sub5=63e4054396101d0001cfe120&sub7=&sub8=
IP 34.90.46.36:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=14148&offer_id=3261&sub1=cfi0ah51su2vfgrpg1g0&sub2=44542&sub3=9980&sub5=63e4054396101d0001cfe120&sub7=&sub8= HTTP/1.1
Host: r.goaffmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 20:25:40 GMT
content-length: 0
location: https://brides-story.com/tds/rsl?tdsId=s6593mak_r&tds_campaign=s6593mak&utm_source=arba&utm_term=mob_sml_ww_adv_aff&s1=arb&p1=9980_44542&data2=63e40544eae3fd00013bf81d&utm_campaign=38db92b9
x-adjust-use-original-forwarded-for: 1
referer:
referrer-policy: no-referrer
set-cookie: afclick=63e40544eae3fd00013bf81d; expires=Thu, 08 Feb 2024 20:25:40 GMT; secure; SameSite=None
afoffers={"3261":1675887940}; expires=Thu, 08 Feb 2024 20:25:40 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 0b7a11a416a838e4edfef24a267ee535
6d690c3985a088c03a0e4c2df7ad67798c1b4996
a1a729428b630414814be04210caa25b49ae2fa959fe60019eadd61087fa3861
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 08 Feb 2023 20:25:41 GMT
Last-Modified: Wed, 08 Feb 2023 18:51:01 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LitbwEGZmyp1YjcPVMMcmKJYJzJGBOULS1XL_zkxyv-vpF3Dz_Ws4Q==
Age: 5680
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9207
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 20:25:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9207
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 20:25:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9207
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 20:25:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9207
Expires: Wed, 08 Feb 2023 22:59:08 GMT
Date: Wed, 08 Feb 2023 20:25:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8a3fa4f1ec82d501942f9db3de2cb7d
b91c2aea7f2fb26131c8929b254c5596a1bb25ff
9d246eeab8ba04c775a03fd960c8859934a0accb737e845e89aba40bc573fdaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcb27041-48b2-474f-b9d5-f88e9e662723.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6342
x-amzn-requestid: b2b61a71-5326-4fc6-baba-7baad29cf7c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkbHfDIAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c482-5cc4028d01d05305637af317;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xc32O6lBfn7jYg9I3VlZ5FnR9YpJtU3DbYD_ozsf_-R_Ih1-2e1-CQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:10 GMT
age: 81811
etag: "b91c2aea7f2fb26131c8929b254c5596a1bb25ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbe359ce6fb136add75c8f3d3cc06330
e6584afcf39b6fad21eccbcce95c6645b8e1b3b8
29478bf1b8168dc457bb7d298448a78e1040bd3aa80cbf11cfa37475568590d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ed9aa0-a88e-4b92-a2bb-567735d813b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8170
x-amzn-requestid: d1ddb47f-3472-4015-8d55-72f435671f03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSPHiroAMFpSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070da-114975440d70915472cdba2f;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0w6JgtsKSRHLPJ3LyY6YUI8N7PS-gVlLuivQUq9jdyeYYm3STiJJIQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:13:34 GMT
age: 58327
etag: "e6584afcf39b6fad21eccbcce95c6645b8e1b3b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 80376
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dSxTM3mmYK8cLOy5_x4o-lew1goEgwT4fBHi0pM-HSK_qBC6rDAlzg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 15:13:11 GMT
age: 18750
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d2eccb9280b851aa1725df5681f6bbd
b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5
c64ece16f4c550feb05db1bccbf74b49d839e77fea31893d48a3f0c267939c92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8532aa1-7280-445c-9c4c-b562d09929d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10328
x-amzn-requestid: 0b0b3fcd-416c-47ac-afa0-51be0ab85665
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PPlGGqoAMFxYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c596-219ee5023d71e4ce17d49233;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1uPNh-FvA8oI5ZuruNle0ATMPSsyl-_ZjLrUnPQJrogPVREc8wrHMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:12:09 GMT
etag: "b4e2b14ee5bc9ee6c9c05666c34b2d1b6ec425b5"
content-type: image/jpeg
age: 80012
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 81818
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.smart-tds.com/7c559eb3-ab02-45e4-84ee-696f874d43fb?t1=b7208mak_38db92b9&tag=df21485883bf80b3ad2fe1c9c804f373acf7e9e1&tds_cid=df21485883bf80b3ad2fe1c9c804f373acf7e9e1
35.156.152.207302 Found 0 B URL HTTP/2 track.smart-tds.com/7c559eb3-ab02-45e4-84ee-696f874d43fb?t1=b7208mak_38db92b9&tag=df21485883bf80b3ad2fe1c9c804f373acf7e9e1&tds_cid=df21485883bf80b3ad2fe1c9c804f373acf7e9e1
IP 35.156.152.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7c559eb3-ab02-45e4-84ee-696f874d43fb?t1=b7208mak_38db92b9&tag=df21485883bf80b3ad2fe1c9c804f373acf7e9e1&tds_cid=df21485883bf80b3ad2fe1c9c804f373acf7e9e1 HTTP/1.1
Host: track.smart-tds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brides-story.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 20:25:41 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://track.opt-tds.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
pragma: no-cache
set-cookie: 7c559eb3-ab02-45e4-84ee-696f874d43fb-v4=3aQ49Dy8yfL-5VSJvnr16y362U-kUP4meMmKAHAnYVo; Max-Age=86400; Expires=Thu, 09-Feb-2023 20:25:41 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=CW6jmVp4fLi3O7DVI6h8yBO3B%2F5h3NaQq37aC8NZnnj%2B9rJ2wyYcGSCPB1x9N4R5FRBx0OK8tjEyBOIaTjkETdDH5IwT%2FFmpaP919qx7kAi2kCJULASEljD47clYYT684KZWJnVyy1g%2Ff6H1KocFfQ%3D%3D; Max-Age=31536000; Expires=Thu, 08-Feb-2024 20:25:41 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
track.opt-tds.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
18.193.235.10302 Found 0 B URL HTTP/2 track.opt-tds.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
IP 18.193.235.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2 HTTP/1.1
Host: track.opt-tds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brides-story.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 20:25:41 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?campaign=Norway&cep=Du96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442&lptoken=16ba751f882a97d341b0&s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
pragma: no-cache
set-cookie: c4b5ad04-8822-42c1-9db5-e9a49f15358b-v4=ldx2c2pGLGF3g0fQatmZiu3QiSviLMYmoWeM1fWwd-U; Max-Age=86400; Expires=Thu, 09-Feb-2023 20:25:41 GMT; Domain=track.opt-tds.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=CpepOXBC-otPfeAQ_gGU6wO_Nco3CEWgi2LBXI25HjwtOqWVCDGAdR3PHEFRuZTKXvRi64lNuRKqgfifnFnrs0SE3M2HQ0R0kzPQq5MMXt4iFiMJqmkUCk1qUSkG2sanIO7RWZ2AfLCuG1LEn3vyCaBJulLrMUnrcyQTKlaS_na6d_gIvdPT8hTCT0zn3mAJDucs_61Zuiw744Xp8JmjPAxaic6qguekMJO57qCIVDF-OqaVBWrVJmlOmCchsktTVluWak7BncqlZaO3DFes35oaKROhK7bcDD9gMTcU1j_GEAABk15LVoHSZjtBXkJLeJYg8i6cGvcfMeD1suVuXi0rZDS1VctdpiM8zEqr4Rz36SW9pPFltFmeT6XXT-7A2BfSvduLoT555kQ44e5DdSgFe2ICYmqMcPH6TdBM8Hryiil8NXDXb3gKC7zhmjc8Vjj0lmbH7ATjIh_1jw3G46pTPx94SCa76-_tEKmrBUv8ltTqbZ2_dEhJ0Y1HLeLpGeD65YcMMLPRh40jg7RyRXBSlVcSRWvkls3bl82twdsk2XuOvwBIFq2LYzVZJc6k; Max-Age=86400; Expires=Thu, 09-Feb-2023 20:25:41 GMT; Domain=track.opt-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/tV-gbU0e9Hc
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/tV-gbU0e9Hc
IP 142.250.74.131:0
Hash 6b503a78ad7b31f002950a29a8fa1bc3
ed47ae7b364e26109daf1c7b42fd349709552078
71911df940a15003b1e1d27d53406f88a044b855a3e84c99fc30c96b463855d5
POST /s/gts1p5/tV-gbU0e9Hc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/tV-gbU0e9Hc
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/tV-gbU0e9Hc
IP 142.250.74.131:0
Hash 6b503a78ad7b31f002950a29a8fa1bc3
ed47ae7b364e26109daf1c7b42fd349709552078
71911df940a15003b1e1d27d53406f88a044b855a3e84c99fc30c96b463855d5
POST /s/gts1p5/tV-gbU0e9Hc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?campaign=Norway&cep=Du96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442&lptoken=16ba751f882a97d341b0&s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
104.21.24.208200 OK 66 kB URL HTTP/2 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?campaign=Norway&cep=Du96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442&lptoken=16ba751f882a97d341b0&s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
IP 104.21.24.208:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (848), with CRLF, LF line terminators
Hash 24c591b3958dca4fa5c8b01532784904
a44d184e8beaa261853c1b92849ef91297018f7a
2bafa90be27af03e1f02727f8d3d4656df907617c926ca9ea83e1f4ad0d2fc88
GET /0/no/NO_fullpage-tik_28122021/?campaign=Norway&cep=Du96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442&lptoken=16ba751f882a97d341b0&s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://brides-story.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:42 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 28 Dec 2021 16:22:36 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzWvNZvMo7Hyuw7BW6S9fL%2BNsVh5A%2FGYQOaBHAsrMgj%2BqmH0tjUE8NFf0NdOCliNWy4REUIh54fP2m9OUY6TVh7DCYa9R%2BA%2FKKenRS8KCBEwgMU5TKpf5uayn7m2NyhRzoXmbuiAfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79671895aa3cb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W62P37M
216.58.207.200200 OK 56 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W62P37M
IP 216.58.207.200:0
File type ASCII text, with very long lines (15879)
Hash 42e0659e083c5ccf23326d3b22d9d400
147a8c9037f128b621ce7b4587473441655e3a2a
a8c37cb3386eb70ff6a0f2729ee3d73d7a0253c404ef5adc56cdb48fba42f68e
GET /gtm.js?id=GTM-W62P37M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 20:25:42 GMT
expires: Wed, 08 Feb 2023 20:25:42 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 18:39:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.8 kB IP 142.250.74.131:0
Hash 294b6544f7ad466bfe8b0982d1e837fd
14d5aa63f22ed3d87b19e406e2c15381038b17e7
3b7e146e98502fa45cba21798964a455112454328706fda69ef107fafa38378e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e517bae81ab39c4f55057b13ef81aaf
2d86cb59ceb3d5f1ac33957bb8234101562415cb
b931c0516820b16e0b300f130a94a02e877bfcbb89f24f5cc317fa219ecda5e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4831
Cache-Control: max-age=132583
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Etag: "63e3554e-116"
Expires: Fri, 10 Feb 2023 09:15:25 GMT
Last-Modified: Wed, 08 Feb 2023 07:54:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e517bae81ab39c4f55057b13ef81aaf
2d86cb59ceb3d5f1ac33957bb8234101562415cb
b931c0516820b16e0b300f130a94a02e877bfcbb89f24f5cc317fa219ecda5e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4831
Cache-Control: max-age=132583
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Etag: "63e3554e-116"
Expires: Fri, 10 Feb 2023 09:15:25 GMT
Last-Modified: Wed, 08 Feb 2023 07:54:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
track.opt-tds.com/d/.js?lpref=https%3A%2F%2Fbrides-story.com%2F&lpurl=https%3A%2F%2Fcasual-flirt-hub.com%2F0%2Fno%2FNO_fullpage-tik_28122021%2F%3Fcampaign%3DNorway%26cep%3DDu96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442%26lptoken%3D16ba751f882a97d341b0%26s1%3Db7208mak_38db92b9%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26s6%3D%26s7%3D%26s8%3D%26s9%3D%26ks%3D3036%26cost%3D%26tag%3Dw028agnpe2ae64gmietf5rb2&lpt=BEST%20DATING%20WORLDWIDE%F0%9F%92%98&vtm=1675887998397
18.193.235.10200 OK 3.3 kB URL HTTP/2 track.opt-tds.com/d/.js?lpref=https%3A%2F%2Fbrides-story.com%2F&lpurl=https%3A%2F%2Fcasual-flirt-hub.com%2F0%2Fno%2FNO_fullpage-tik_28122021%2F%3Fcampaign%3DNorway%26cep%3DDu96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442%26lptoken%3D16ba751f882a97d341b0%26s1%3Db7208mak_38db92b9%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26s6%3D%26s7%3D%26s8%3D%26s9%3D%26ks%3D3036%26cost%3D%26tag%3Dw028agnpe2ae64gmietf5rb2&lpt=BEST%20DATING%20WORLDWIDE%F0%9F%92%98&vtm=1675887998397
IP 18.193.235.10:0
File type ASCII text, with very long lines (1280)
Hash 7f44fba37cefc5fcb387aa140ba7b9ae
7ef4abcdbdf9c70e7c7a98e1ea35f0e2b18005ad
302a25bb4408396ad9d381f91dac7476482121a825667051923495aabfc514fc
GET /d/.js?lpref=https%3A%2F%2Fbrides-story.com%2F&lpurl=https%3A%2F%2Fcasual-flirt-hub.com%2F0%2Fno%2FNO_fullpage-tik_28122021%2F%3Fcampaign%3DNorway%26cep%3DDu96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442%26lptoken%3D16ba751f882a97d341b0%26s1%3Db7208mak_38db92b9%26s2%3D%26s3%3D%26s4%3D%26s5%3D%26s6%3D%26s7%3D%26s8%3D%26s9%3D%26ks%3D3036%26cost%3D%26tag%3Dw028agnpe2ae64gmietf5rb2&lpt=BEST%20DATING%20WORLDWIDE%F0%9F%92%98&vtm=1675887998397 HTTP/1.1
Host: track.opt-tds.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 20:25:42 GMT
content-type: application/javascript;charset=UTF-8
content-length: 3308
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.226.52200 OK 55 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.226.52:0
File type ASCII text, with very long lines (65451)
Hash 2ba4a74953196695792a835d461a00d2
e9ea8e553f42968131e94e31a4a364e03661153f
7afe3abdda5bcd8621da2a786e11193e0c0ba4533fc9aba2e0385e64ee6db7e5
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:42 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 470
expires: Sat, 11 Feb 2023 20:25:42 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 79671899087fb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
a.exoclick.com/tag_gen.js
205.185.216.10200 OK 515 B URL HTTP/1.1 a.exoclick.com/tag_gen.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (1030), with no line terminators
Hash 628e0302068ade64b5f411f39d5ce7e5
ff1a609269f34bad5ae67ed1678df3f7b905d018
c583ceaeae2e9a05e25c27b61520710f16b8b98ca7f9087a75ae90a040b8bc3f
GET /tag_gen.js HTTP/1.1
Host: a.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 20:25:42 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"a56c0470b9aa925085e51a6271a"
X-HW: 1675887942.dop211.sk1.t,1675887942.cds003.sk1.shn,1675887942.dop211.sk1.t,1675887942.cds251.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&gjid=1293875198&_gid=1156818028.1675887999&_u=YEBAAEAAAAAAACAAI~&z=1879227022
64.233.164.157200 OK 1.5 kB URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&gjid=1293875198&_gid=1156818028.1675887999&_u=YEBAAEAAAAAAACAAI~&z=1879227022
IP 64.233.164.157:0
Hash 2cd5e2b356aa213894cbf8cfe8363975
d17729544007d77e6eb3f0fca704e04aa7b416aa
269f7b04c2d0aeaa9392de9a00fd5e96c9fe80cb07acbe1755c3f08c88d0a6a6
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&gjid=1293875198&_gid=1156818028.1675887999&_u=YEBAAEAAAAAAACAAI~&z=1879227022 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://casual-flirt-hub.com
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://casual-flirt-hub.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 20:25:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 84889b914548f7820766f27a40699cfa
bc674cdb5819759b5ecd5aabfde47f56127f5d89
e2a69fe4edd028d00a8a744b62ef51dada2aff144da0cd9813efc887a11f70a8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&_u=YEBAAEAAAAAAACAAI~&z=581861871
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&_u=YEBAAEAAAAAAACAAI~&z=581861871
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&_u=YEBAAEAAAAAAACAAI~&z=581861871 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 20:25:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&_u=YEBAAEAAAAAAACAAI~&z=581861871
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&_u=YEBAAEAAAAAAACAAI~&z=581861871
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-127241846-1&cid=1015864865.1675887999&jid=1691004175&_u=YEBAAEAAAAAAACAAI~&z=581861871 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 20:25:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 19377af41c1289e7643ebd82bdbee4e3
f6581b5a2dbcab7c598ad233ad2ae8c124a5da4f
6f8fe30a0b599ad059d2826780e8852eb18b8fc2654e6237c73f2b01160c86ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1449
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 20:25:47 GMT
Etag: "63e3b240-139"
Last-Modified: Wed, 08 Feb 2023 20:01:38 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ctrack.trafficjunky.net/ctrack?action=list&type=add&id=0&context=instaflirt&cookiename=visit&maxcookiecount=10>mcb=1543148957
66.254.114.89200 OK 35 B URL HTTP/1.1 ctrack.trafficjunky.net/ctrack?action=list&type=add&id=0&context=instaflirt&cookiename=visit&maxcookiecount=10>mcb=1543148957
IP 66.254.114.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /ctrack?action=list&type=add&id=0&context=instaflirt&cookiename=visit&maxcookiecount=10>mcb=1543148957 HTTP/1.1
Host: ctrack.trafficjunky.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: openresty
date: Wed, 08 Feb 2023 20:25:47 GMT
content-type: image/gif
content-length: 35
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sun, 22 Jan 1984 03:00:00 GMT
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
pragma: no-cache
set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Fri, 10 Mar 2023 20:25:47 GMT; Secure; SameSite=None
tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Fri, 10 Mar 2023 20:25:47 GMT; Secure; SameSite=None
dcccad4e8cd529e2dd8695d508de7edc=0; Path=/; Domain=trafficjunky.net; Expires=Fri, 17 Dec 2032 20:25:47 GMT; Secure; SameSite=None
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63E4054B-42FE725901BB341B-20D0C5A1
brides-story.com/tds/rsl?tdsId=s6593mak_r&tds_campaign=s6593mak&utm_source=arba&utm_term=mob_sml_ww_adv_aff&s1=arb&p1=9980_44542&data2=63e40544eae3fd00013bf81d&utm_campaign=38db92b9
3.127.76.150302 Found 0 B URL HTTP/2 brides-story.com/tds/rsl?tdsId=s6593mak_r&tds_campaign=s6593mak&utm_source=arba&utm_term=mob_sml_ww_adv_aff&s1=arb&p1=9980_44542&data2=63e40544eae3fd00013bf81d&utm_campaign=38db92b9
IP 3.127.76.150:0
GET /tds/rsl?tdsId=s6593mak_r&tds_campaign=s6593mak&utm_source=arba&utm_term=mob_sml_ww_adv_aff&s1=arb&p1=9980_44542&data2=63e40544eae3fd00013bf81d&utm_campaign=38db92b9 HTTP/1.1
Host: brides-story.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 08 Feb 2023 20:25:41 GMT
location: https://brides-story.com/tds/interlayer/eb/s/0bec0d408f86672012cfdacbd58155df?__t=1675887941301&__l=3600
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
set-cookie: dci=5477820f11f5d9e98c83d68db7b115ed1e70dfd3; Max-Age=31536000; Domain=.brides-story.com; Path=/; Expires=Thu, 08 Feb 2024 20:25:41 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Mon, 13 Feb 2023 20:25:41 GMT
X-Firefox-Spdy: h2
brides-story.com/tds/interlayer/eb/s/0bec0d408f86672012cfdacbd58155df?__t=1675887941301&__l=3600
3.127.76.150200 OK 0 B URL HTTP/2 brides-story.com/tds/interlayer/eb/s/0bec0d408f86672012cfdacbd58155df?__t=1675887941301&__l=3600
IP 3.127.76.150:0
GET /tds/interlayer/eb/s/0bec0d408f86672012cfdacbd58155df?__t=1675887941301&__l=3600 HTTP/1.1
Host: brides-story.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: dci=5477820f11f5d9e98c83d68db7b115ed1e70dfd3; dm=fe450dd0d1dadc615429144d33241f42
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:41 GMT
content-type: text/html
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
104.21.24.208200 OK 0 B URL HTTP/2 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
IP 104.21.24.208:0
GET /0/no/NO_fullpage-tik_28122021/css/css.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?campaign=Norway&cep=Du96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442&lptoken=16ba751f882a97d341b0&s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9762
etag: W/"2622-5d4373ae366b9"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GA250fJOCE%2BSiOCMJNbY3cGHK45gjimh4Bwqubgx9%2BR70v2wS%2BD4a5HZYEzqOeANp6rPkN5NifS6ULNknfMnWgvkv%2Br4VwkTmuU7CRd%2BOnxavB1wemj%2FAXLSfIpGEK71Wq%2Fdlr5QwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79671896ab8fb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
104.18.226.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
IP 104.18.226.52:0
GET /sdks/OneSignalPageSDKES6.js?v=151514 HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:42 GMT
content-type: application/javascript
etag: W/"2f96824aee4bf927e734cc519e3e726d"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 31
expires: Sat, 11 Feb 2023 20:25:42 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7967189928cdb511-OSL
content-encoding: br
X-Firefox-Spdy: h2
brides-story.com/ao.js
3.127.76.150200 OK 0 B IP 3.127.76.150:0
Analyzer Verdict Alert fortinet Phishing
GET /ao.js HTTP/1.1
Host: brides-story.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://brides-story.com/tds/interlayer/eb/s/0bec0d408f86672012cfdacbd58155df?__t=1675887941301&__l=3600
Cookie: dci=5477820f11f5d9e98c83d68db7b115ed1e70dfd3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:41 GMT
content-type: application/javascript; charset=UTF-8
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
x-robots-tag: noindex
accept-ranges: bytes
cache-control: public, max-age=3600
last-modified: Wed, 08 Feb 2023 12:32:22 GMT
etag: W/"1509-18631033ff0"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
brides-story.com/tds/interlayer?handler=ExternalBackofferEvent&urlIn=https%3A%2F%2Fbrides-story.com%2Ftds%2Finterlayer%2Feb%2Fs%2F0bec0d408f86672012cfdacbd58155df%3F__t%3D1675887941301%26__l%3D3600&urlOut=https%3A%2F%2Ftrack.smart-tds.com%2F7c559eb3-ab02-45e4-84ee-696f874d43fb%3Ft1%3Db7208mak_38db92b9%26tag%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1%26tds_cid%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1&altQs=utm_campaign%3D38db92b9%26utm_source%3Darba%26utm_term%3Dmob_sml_ww_adv_aff%26data2%3D63e40544eae3fd00013bf81d%26p1%3D9980_44542%26s1%3Darb%26s2%3D%257Bs2%257D%26tds_campaign%3Db7208mak%26tds_id%3Db7208mak_lp_a_1639037433617_smartlink%26tds_oid%3Dcd2d3032%26tds_cid%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1%26tds_ac_id%3Ds6593mak%26tds_host%3Dbrides-story.com%26tds_path%3D%252Ftds%252Frsl%26dci%3D5477820f11f5d9e98c83d68db7b115ed1e70dfd3%26tds_ps%3Da&tdsCid=df21485883bf80b3ad2fe1c9c804f373acf7e9e1&reason=beacon&visitsCount=1&ts=1675887997438
3.127.76.150200 OK 0 B URL HTTP/2 brides-story.com/tds/interlayer?handler=ExternalBackofferEvent&urlIn=https%3A%2F%2Fbrides-story.com%2Ftds%2Finterlayer%2Feb%2Fs%2F0bec0d408f86672012cfdacbd58155df%3F__t%3D1675887941301%26__l%3D3600&urlOut=https%3A%2F%2Ftrack.smart-tds.com%2F7c559eb3-ab02-45e4-84ee-696f874d43fb%3Ft1%3Db7208mak_38db92b9%26tag%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1%26tds_cid%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1&altQs=utm_campaign%3D38db92b9%26utm_source%3Darba%26utm_term%3Dmob_sml_ww_adv_aff%26data2%3D63e40544eae3fd00013bf81d%26p1%3D9980_44542%26s1%3Darb%26s2%3D%257Bs2%257D%26tds_campaign%3Db7208mak%26tds_id%3Db7208mak_lp_a_1639037433617_smartlink%26tds_oid%3Dcd2d3032%26tds_cid%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1%26tds_ac_id%3Ds6593mak%26tds_host%3Dbrides-story.com%26tds_path%3D%252Ftds%252Frsl%26dci%3D5477820f11f5d9e98c83d68db7b115ed1e70dfd3%26tds_ps%3Da&tdsCid=df21485883bf80b3ad2fe1c9c804f373acf7e9e1&reason=beacon&visitsCount=1&ts=1675887997438
IP 3.127.76.150:0
POST /tds/interlayer?handler=ExternalBackofferEvent&urlIn=https%3A%2F%2Fbrides-story.com%2Ftds%2Finterlayer%2Feb%2Fs%2F0bec0d408f86672012cfdacbd58155df%3F__t%3D1675887941301%26__l%3D3600&urlOut=https%3A%2F%2Ftrack.smart-tds.com%2F7c559eb3-ab02-45e4-84ee-696f874d43fb%3Ft1%3Db7208mak_38db92b9%26tag%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1%26tds_cid%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1&altQs=utm_campaign%3D38db92b9%26utm_source%3Darba%26utm_term%3Dmob_sml_ww_adv_aff%26data2%3D63e40544eae3fd00013bf81d%26p1%3D9980_44542%26s1%3Darb%26s2%3D%257Bs2%257D%26tds_campaign%3Db7208mak%26tds_id%3Db7208mak_lp_a_1639037433617_smartlink%26tds_oid%3Dcd2d3032%26tds_cid%3Ddf21485883bf80b3ad2fe1c9c804f373acf7e9e1%26tds_ac_id%3Ds6593mak%26tds_host%3Dbrides-story.com%26tds_path%3D%252Ftds%252Frsl%26dci%3D5477820f11f5d9e98c83d68db7b115ed1e70dfd3%26tds_ps%3Da&tdsCid=df21485883bf80b3ad2fe1c9c804f373acf7e9e1&reason=beacon&visitsCount=1&ts=1675887997438 HTTP/1.1
Host: brides-story.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://brides-story.com
Connection: keep-alive
Referer: https://brides-story.com/tds/interlayer/eb/s/0bec0d408f86672012cfdacbd58155df?__t=1675887941301&__l=3600
Cookie: dci=5477820f11f5d9e98c83d68db7b115ed1e70dfd3; dm=fe450dd0d1dadc615429144d33241f42
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:41 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA-Wow64, Sec-CH-UA
X-Firefox-Spdy: h2
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
104.21.24.208200 OK 0 B URL HTTP/2 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
IP 104.21.24.208:0
GET /0/no/NO_fullpage-tik_28122021/css/style.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?campaign=Norway&cep=Du96vxDS3IqtqZWlYvLOn1XKa24MQIrAnuCewQpe0uMjcFXEpngfOT_jhfWUQaxdXSMWk20E4oAWv8hAi6sGwoNyizEhAt3HuF3htWILF5hL7sY8hQU8pRaoNSWZti-G1XItfnfHKY0H35ggcmQpsDe6k0AOQja7tjpSlbuUl1kITr-Y5sEHBni8N8TJzMi8VcBgKMU-X-29kcpnS7sN0B1Yg-3gylg4_zpXhxiUrO15Vd1EfsomL4tP8nLuW01HA8OGG-QwSatVMoEWj55AEQu8_-jLPkMYQEXnGtE2a0mjYCqW3bEtfNXhjvtfelUW6pjbiz8CIxE9KUzK2caarIxktwH1Ld8Ww8JmUjjgE7VlvWCuiFq3nRAKbOYgVHwpRB-h7kOVez-4GfhPF5WgmG7OzpY09vQyCXh7Rv288UIOTSiDkTJGaPrZ1Uvk2x_HtdRlNDYqPPf64XYkfA3UorsCUeS51ccilmD_ohU2cTCgXvWgy3zvujN1qRPa5zq7fPd5hQbNW6HYf5IVBgIpO9W8fpvPwTodd6Dn-Rb3ACMVZ8XChWtac8UkhKB-4442&lptoken=16ba751f882a97d341b0&s1=b7208mak_38db92b9&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3036&cost=&tag=w028agnpe2ae64gmietf5rb2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 08 Feb 2023 20:25:42 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=14510
etag: W/"38ae-5d4373ae27c58"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1760
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNoxJ1BXcm1zj4MicQHZvGR6z4cdEO2gA9GGEgY2s83aNGaEORhx57ZQbR%2FPIPyRqCgaQUf0wAgbCWCVTKbzVOJkWpjD%2FMDbcIwGuW3xyE0P15WJvGMiXpD1p%2Bl0f1xvOJjjx4aUDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796718969b89b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2