| www.twomance.com/landing5?cat=mature&pi=14452&pt1=3556165477&pe= | 34.149.78.157 | 301 Moved Permanently | 0 B |
URL HTTP/1.1www.twomance.com/landing5?cat=mature&pi=14452&pt1=3556165477&pe= IP34.149.78.157:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landing5?cat=mature&pi=14452&pt1=3556165477&pe= HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Cache-Control: private
Location: https://www.twomance.com:443/landing5?cat=mature&pi=14452&pt1=3556165477&pe=
Content-Length: 0
Date: Fri, 27 Jan 2023 05:52:24 GMT
Content-Type: text/html; charset=UTF-8
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash5fe582397f3003b225cb9058e02c2190 68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f 238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9337
Expires: Fri, 27 Jan 2023 08:28:01 GMT
Date: Fri, 27 Jan 2023 05:52:24 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash58ffdcb539c3b250fdf31ed761627fc1 5b55b1522ef84c39b5c42f9bbfbc62b806c1269f eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11056
Expires: Fri, 27 Jan 2023 08:56:40 GMT
Date: Fri, 27 Jan 2023 05:52:24 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashdcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 05:42:58 GMT
content-type: application/json
age: 566
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash49049f3c92aad686cd7ff28ecd2a5a4f 9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57 02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5620
Expires: Fri, 27 Jan 2023 07:26:04 GMT
Date: Fri, 27 Jan 2023 05:52:24 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: B3GPmCWKiKJNZjwYbQIZXZ+P919ofxyxgthkL7oYIydcyRBNnqsP9/2K7XYRBy6g3XOfoYL4ovDjL+QEeIQHtQ==
x-amz-request-id: 6Z5N5M2384S9GAAN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 05:49:18 GMT
age: 186
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 05:52:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/c-GEVZeGQjE | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/c-GEVZeGQjE IP216.58.211.3:0
Hash85f12adda3fc52fe7126a10b9f2d5700 b507ca8fb262f7b46334f4a1f81b65e362ccb1b1 fc2b880a5bf6f2795d196f52a0b3dc67ef218dde293902e954e71cb571335a0f
POST /s/gts1d4/c-GEVZeGQjE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/s/gts1d4/c-GEVZeGQjE | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/c-GEVZeGQjE IP216.58.211.3:0
Hash85f12adda3fc52fe7126a10b9f2d5700 b507ca8fb262f7b46334f4a1f81b65e362ccb1b1 fc2b880a5bf6f2795d196f52a0b3dc67ef218dde293902e954e71cb571335a0f
POST /s/gts1d4/c-GEVZeGQjE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash3ebf9d7211aba4c70b84fb470a61b414 28fe29a24e47d6abda88eeeb5e22eddda03c7fca a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash3ebf9d7211aba4c70b84fb470a61b414 28fe29a24e47d6abda88eeeb5e22eddda03c7fca a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/enterprise.js | 142.250.74.164 | 200 OK | 588 B |
URL HTTP/2www.google.com/recaptcha/enterprise.js IP142.250.74.164:0
File typeASCII text, with very long lines (940), with no line terminators Hash08eda012adc347f1af76ce3aef82e74d 50985a1e1f22615a6e49ada460e9145c786947b5 6a3ea38afa3fbca51dc0d22da01603a3287df72c4db07477d7a5612afddfa9d4
GET /recaptcha/enterprise.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 27 Jan 2023 05:52:25 GMT
date: Fri, 27 Jan 2023 05:52:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 588
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s | 142.250.74.164 | 200 OK | 618 B |
URL HTTP/2www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s IP142.250.74.164:0
File typeASCII text, with very long lines (974), with no line terminators Hasha927b5a025b372e39a1170c0f4cce3f3 8b607f7c21976dfbfd2bc4a2109b958f7c1dfb78 578626108f29a8e0ef2d8b80419108d808b554c0f8a5f6a20f09f916b0edc4ad
GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 27 Jan 2023 05:52:25 GMT
date: Fri, 27 Jan 2023 05:52:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 618
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 05:41:40 GMT
age: 645
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.twomance.com/img/logo.png | 34.149.78.157 | 200 OK | 14 kB |
URL HTTP/2www.twomance.com/img/logo.png IP34.149.78.157:0
File typePNG image data, 600 x 220, 8-bit/color RGBA, non-interlaced\012- data Hash7854077f1becc7bdc45965635d77ea44 62559785eb26ca641463380c17c27f5b9e3cf870 c378da5b752d8bed02aff435f5352c0a23ddffd583872f82ec52427d5018e99e
GET /img/logo.png HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 27 Jan 2023 05:52:25 GMT
server: Apache/2.4.54 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Thu, 26 Jan 2023 12:02:03 GMT
etag: "374c-5f329845fd5b4"
accept-ranges: bytes
content-length: 14156
x-ua-compatible: IE=edge,chrome=1
content-type: image/png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.twomance.com/landers/images/loader/loading.gif | 34.149.78.157 | 200 OK | 2.9 kB |
URL HTTP/2www.twomance.com/landers/images/loader/loading.gif IP34.149.78.157:0
File typeGIF image data, version 89a, 128 x 15\012- data Hash62b08454087f1ef8b27bd2bcda330537 cac1914632f4c859f6176a84078f1017bad069f8 06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
GET /landers/images/loader/loading.gif HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:06:09 GMT
server: nginx/1.14.2
content-type: image/gif
content-length: 2892
last-modified: Tue, 17 Jan 2023 16:35:35 GMT
etag: "63c6ce57-b4c"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 60393512 58994059
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| www.twomance.com/landers/images/general/google-logo.svg | 34.149.78.157 | 200 OK | 688 B |
URL HTTP/2www.twomance.com/landers/images/general/google-logo.svg IP34.149.78.157:0
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators Hash686f8efa6e3e28e96d1c08399e8d353d 4524589b0dceefb6ae6389f36634441df69152d5 0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /landers/images/general/google-logo.svg HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:02:54 GMT
server: nginx/1.14.2
content-type: image/svg+xml
content-length: 688
last-modified: Tue, 17 Jan 2023 16:35:34 GMT
etag: "63c6ce56-2b0"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 60667463 59045574
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash97ccaa279f6ade845b71b57615d40388 5186089108dca0136feab418da66a9e027c7e427 515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash1e2970e1480a4759282d63bb213051e4 ed5194d4d25dfc199821129be5d74be0ce49197d 18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10229
Expires: Fri, 27 Jan 2023 08:42:54 GMT
Date: Fri, 27 Jan 2023 05:52:25 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashd9bf2793558044193d7e5d27708a9144 5a8f73462cfda6544cc3efe488854c3cd80bb0a7 e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hashd9bf2793558044193d7e5d27708a9144 5a8f73462cfda6544cc3efe488854c3cd80bb0a7 e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js | 142.250.74.35 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP142.250.74.35:0
File typeASCII text, with very long lines (771) Size164 kB (163774 bytes) Hash57c909ab73fc27ec24f737bbf1cb1de8 89b2c02e9e7a9a764518fca545d3eec2044fd6d9 7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 304971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.twomance.com/landers/css/vegas.min.css | 34.149.78.157 | 200 OK | 1.3 kB |
URL HTTP/2www.twomance.com/landers/css/vegas.min.css IP34.149.78.157:0
Hashc453b34302b70b04da7f7d3d20dd7c89 dbf5465ca1e99a5d467ba9fadb7e2071198493e1 f7437c7c4efc7043bac1fcdf7271b0c731c42f58dd266ce2a62fc2699a102e1f
GET /landers/css/vegas.min.css HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:57:23 GMT
server: nginx/1.14.2
content-type: text/css
last-modified: Tue, 17 Jan 2023 16:35:33 GMT
etag: W/"63c6ce55-2e20"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 58902170 58360295
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/0Bi_EIxXY-Q | 216.58.211.3 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/0Bi_EIxXY-Q IP216.58.211.3:0
Hash48fdce8756a0784e8fcf6b1bd2044cc8 f2d6c572706882a3510cc548e209099a1c3da66f 243360c26fbe016eb64e2c34ca8d6359feeda001c2b7202c0a443cfc1a5eafb4
POST /s/gts1d4/0Bi_EIxXY-Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| landers.cdnware.io/media-registry.js | 35.227.234.99 | 200 OK | 114 kB |
URL HTTP/2landers.cdnware.io/media-registry.js IP35.227.234.99:0
File typeASCII text, with very long lines (65536), with no line terminators Size114 kB (113724 bytes) Hashb2e64b988b0bb0273793f6605a0d2113 f31c686eeb5e2261b5771c33238e8c2187920eb1 e55ff5d761ec1e0375befb025ff96543a8b42338ac5df1e7452b13783717bc38
GET /media-registry.js HTTP/1.1
Host: landers.cdnware.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsQoe8R0_JIKaks9c0p5L4OiF7uYR0n-1rfdk9Q1kUnuuYatX1_oNKYxaD_NfPDG_nBDu24yA-drjg3mBpN4gZrFQ
x-goog-generation: 1673973397290497
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 113724
x-goog-hash: crc32c=YBHCkg==, md5=suZLmIsLsCc3k/ZgWg0hEw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 113724
server: UploadServer
date: Fri, 27 Jan 2023 05:42:43 GMT
expires: Fri, 27 Jan 2023 06:42:43 GMT
cache-control: public, max-age=3600
age: 582
last-modified: Tue, 17 Jan 2023 16:36:37 GMT
etag: "b2e64b988b0bb0273793f6605a0d2113"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.234.248.92 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.234.248.92:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g6hs/hPZbDk0r/uaYK1zYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QnvRoo59H+evk4gusjnWcZt8V38=
|
|
| ocsp.pki.goog/s/gts1d4/8e5IAkxIytU | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/8e5IAkxIytU IP216.58.211.3:0
Hashfb65d3e7508441bc730d123b599d6446 66005351982b842d55602c796f2f68e25ad71e90 0a767903afc1fcc423e4cb164ed203dceae8db18b95c101ad31ba73bef03ea87
POST /s/gts1d4/8e5IAkxIytU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| static.dating/lander/translations/en-us2.json | 35.227.221.175 | 200 OK | 201 kB |
URL HTTP/2static.dating/lander/translations/en-us2.json IP35.227.221.175:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (614) Size201 kB (200684 bytes) Hashd532ac6f3da70cbad4bf44effa27c19b 8bc807f62c83c3304b17f1e61a80160b307479cc ec11e283d08131fdd6555e44a85628d97c23ed5d75618dbeb56b8d6098fa37b9
GET /lander/translations/en-us2.json HTTP/1.1
Host: static.dating
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsxGK2wtVms0GgmLlU8mQeomXRit645EDyC7Df1HmUE6i9PtXdey9kWQosjsMlSS4yn6Uw6V2qZerpK2f5yW1MP
x-goog-generation: 1670251257027442
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 200684
x-goog-hash: crc32c=rWD1YQ==, md5=1TKsbz2nDLrUv0Tv+ifBmw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 200684
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Fri, 27 Jan 2023 05:52:26 GMT
expires: Fri, 27 Jan 2023 06:52:26 GMT
cache-control: public, max-age=3600
last-modified: Mon, 05 Dec 2022 14:40:57 GMT
etag: "d532ac6f3da70cbad4bf44effa27c19b"
content-type: application/json
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/8e5IAkxIytU | 216.58.211.3 | 200 OK | 471 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1d4/8e5IAkxIytU IP216.58.211.3:0
Hashfb65d3e7508441bc730d123b599d6446 66005351982b842d55602c796f2f68e25ad71e90 0a767903afc1fcc423e4cb164ed203dceae8db18b95c101ad31ba73bef03ea87
POST /s/gts1d4/8e5IAkxIytU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 29063
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 47503
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash82e3abc4a7b17efedca67cf215f4bb60 e20e55d87591af7db3a4bcfc429048f85e389b85 df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/analytics.js | 142.250.74.14 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.14:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 27 Jan 2023 05:45:20 GMT
expires: Fri, 27 Jan 2023 07:45:20 GMT
cache-control: public, max-age=7200
age: 426
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash82e3abc4a7b17efedca67cf215f4bb60 e20e55d87591af7db3a4bcfc429048f85e389b85 df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| timeforagreement.com/cc.js?wId=4AlvOrcs1g1LJfSbJFnuCx&domain=twomance.com&languageCode=en&languageTerritory=US&sessionId=0fe4f82d77704d7a8b25769fba4897cb | 35.239.13.45 | 200 OK | 14 kB |
URL HTTP/2timeforagreement.com/cc.js?wId=4AlvOrcs1g1LJfSbJFnuCx&domain=twomance.com&languageCode=en&languageTerritory=US&sessionId=0fe4f82d77704d7a8b25769fba4897cb IP35.239.13.45:0
Hashee1b4bd8ca87ac69d2b4e104471d1b1a e02437baec1343928cac13acc1fb0f4b5f6211e6 afc0f26b2809d96c97ca54b75f3aa189c817cb3b7dc5ff879e447eb725c7beea
GET /cc.js?wId=4AlvOrcs1g1LJfSbJFnuCx&domain=twomance.com&languageCode=en&languageTerritory=US&sessionId=0fe4f82d77704d7a8b25769fba4897cb HTTP/1.1
Host: timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:26 GMT
content-type: application/javascript
content-length: 14051
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash1f4c8e17a668764556ab61c7c31e53c7 ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2 8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash1f4c8e17a668764556ab61c7c31e53c7 ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2 8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=1378190812.1674798746&jid=1804469942&gjid=392477560&_gid=200819110.1674798746&_u=KEBAAEAAEAAAACAAI~&z=1345241810 | 173.194.221.156 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=1378190812.1674798746&jid=1804469942&gjid=392477560&_gid=200819110.1674798746&_u=KEBAAEAAEAAAACAAI~&z=1345241810 IP173.194.221.156:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-2&cid=1378190812.1674798746&jid=1804469942&gjid=392477560&_gid=200819110.1674798746&_u=KEBAAEAAEAAAACAAI~&z=1345241810 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.twomance.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Jan 2023 05:52:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=1378190812.1674798746&jid=1409726781&gjid=190420611&_gid=200819110.1674798746&_u=KEDAAEABEAAAACAAI~&z=382330641 | 173.194.221.156 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=1378190812.1674798746&jid=1409726781&gjid=190420611&_gid=200819110.1674798746&_u=KEDAAEABEAAAACAAI~&z=382330641 IP173.194.221.156:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-132064855-5&cid=1378190812.1674798746&jid=1409726781&gjid=190420611&_gid=200819110.1674798746&_u=KEDAAEABEAAAACAAI~&z=382330641 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.twomance.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 27 Jan 2023 05:52:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| timeforagreement.com/cc.css | 35.239.13.45 | 200 OK | 3.8 kB |
URL HTTP/2timeforagreement.com/cc.css IP35.239.13.45:0
File typeassembler source, ASCII text Hashf29ad189672ec20802186453e01232fe 3201f28da204751fcf48d846f3f17d9ca18cc76e fa20fb6bf24adb436476e8c1e589a365fff9d269460f181c3d51681103b97b51
GET /cc.css HTTP/1.1
Host: timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:26 GMT
content-type: text/css
content-length: 3808
last-modified: Thu, 09 May 2019 11:16:28 GMT
etag: "5ea8-5887294d47067-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash1f4c8e17a668764556ab61c7c31e53c7 ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2 8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashc8a0d6bc80301700d6fb1d520beb8b49 f33a1a1e491fcd6ca31360b28b092457a2d48f23 ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=1378190812.1674798746&jid=1409726781&_u=KEDAAEABEAAAACAAI~&z=1225856439 | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=1378190812.1674798746&jid=1409726781&_u=KEDAAEABEAAAACAAI~&z=1225856439 IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-132064855-5&cid=1378190812.1674798746&jid=1409726781&_u=KEDAAEABEAAAACAAI~&z=1225856439 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 27 Jan 2023 05:52:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hashc8a0d6bc80301700d6fb1d520beb8b49 f33a1a1e491fcd6ca31360b28b092457a2d48f23 ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 05:52:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7804
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 05:52:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7804
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 05:52:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7804
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 05:52:27 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg | 34.120.237.76 | 200 OK | 8.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash262b43386e404cb3d320c47c4cf792c1 87f304f8583fe6b6e942a9dbcb5efb5ee94987f2 ca0f72005920b2b2f49c387314540f3cd2f3d7808f0365dfb1c491500e8a8714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8065
x-amzn-requestid: 4a4a6d4c-9c4b-418d-be96-8a0d1de4828a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuHZsoAMFmWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-74c21aa22d11c4240019a4b3;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TXXkkbJHyvwrly_-5FH0EIkRm4EwlDJxGWBHcbwax2H_ccfMfs-5PQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 29119
etag: "87f304f8583fe6b6e942a9dbcb5efb5ee94987f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7804
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 05:52:27 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7804
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 05:52:27 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde58379f-114f-469a-b64a-4c60841b1a18.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde58379f-114f-469a-b64a-4c60841b1a18.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf4b88ea6f29f683c4b46a7487fce35a5 fa64e1287967459f665d337865a2333b4fdc4c33 f0290a9132b343d91426385e31c61cad787b5e82878b5015c13d4c356e387787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde58379f-114f-469a-b64a-4c60841b1a18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5703
x-amzn-requestid: 39b3ba3a-d049-4555-a04a-e3d55b90478f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1d1F8nIAMFTEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c58-2dc0f52e71e822f71fed1456;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Llt0BnmCEL0H6v4DHYktatbn7H8KeQhNW0AXkP_EOxOmjx8aQuMdiA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 04:45:35 GMT
age: 4012
etag: "fa64e1287967459f665d337865a2333b4fdc4c33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7d2506ac511dfbea29e29ab14ba10f85 b2e2972ffa82b103c62ffde0fca99454e12d95e6 fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 30505
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashed3df3868d4a13270faf944f911637a7 1b69b2433956c79510bc4a013648a5fb12882884 e13e2ca5d6552a96eb972936f553937a5aff566eb37f39b0928f15d3eeab617f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81aa4520-e26c-4be4-877f-1d3af6c27241.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11372
x-amzn-requestid: d50f0c0e-a383-419a-a3ca-630d5fd32821
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPAw_E_rIAMF0hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf7b39-64abe6b72176db7d7b67f315;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 06:31:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P--KVawXg_IYJa8S3gcxIL5XZZGwRbhclRRRMUFlWmMAqzVus7RdnA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 29119
etag: "1b69b2433956c79510bc4a013648a5fb12882884"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg | 34.120.237.76 | 200 OK | 8.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash02c8d9f27e0d17c38a55da6699dfb96e 6804d00e292afc0b7aadb08b11e7650488dacaa2 1ce3b93f1348649ddca495022525daf6d760823edd67bb9e506c7ee031a849b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7973
x-amzn-requestid: acaa2abf-9789-4953-b3ab-98064a9a0137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fXrXvHvBIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2f297-2dc2c04e2a491b3f7f5e8370;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dw4ycOqAZkaeJgMvGEOlqphQjDZVO5umrvlSh_Gnx9i_6saWVl8dLw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:56 GMT
age: 29071
etag: "6804d00e292afc0b7aadb08b11e7650488dacaa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb7a0759c043594fbe85af422b59b8227 a05cfaad16078f42218dae233da38f6f5dff8487 e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 24665
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/collector | 35.239.13.45 | 200 OK | 0 B |
URL HTTP/2api.timeforagreement.com/consent/collector IP35.239.13.45:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/collector HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.twomance.com/
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:27 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/collector | 35.239.13.45 | 200 OK | 4.1 kB |
URL HTTP/2api.timeforagreement.com/consent/collector IP35.239.13.45:0
File typeJSON data\012- , ASCII text, with very long lines (4137), with no line terminators Hashabb8753ef2fb860752287b3176f24806 2ea7f6dedc277e2bf833766dee6014c178bd452f b6672c11b3735590a80c6a96d37f3db6d35d0c5d1018b2a13ac660b13273cd0a
POST /consent/collector HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Content-Type: application/json
Content-Length: 169
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:27 GMT
content-type: application/vnd.api+json
content-length: 4137
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/loadSegment | 35.239.13.45 | 200 OK | 0 B |
URL HTTP/2api.timeforagreement.com/consent/loadSegment IP35.239.13.45:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/loadSegment HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.twomance.com/
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:27 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/loadSegment | 35.239.13.45 | 200 OK | 394 B |
URL HTTP/2api.timeforagreement.com/consent/loadSegment IP35.239.13.45:0
File typeJSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (392), with no line terminators Hashb0495849c36ac14fff80a0faac6bb2d6 21534d216b908609bc6d140c837bbd0c7350350c dc046c30aa670d6d8d1520279ca074b1af880b9a64234f1c224fdba3d0bc8971
POST /consent/loadSegment HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Content-Type: application/json
Content-Length: 224
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:27 GMT
content-type: application/vnd.api+json
content-length: 394
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/loadSegment | 35.239.13.45 | 200 OK | 4.6 kB |
URL HTTP/2api.timeforagreement.com/consent/loadSegment IP35.239.13.45:0
File typeJSON data\012- HTML document, ASCII text, with very long lines (4613), with no line terminators Hash621da8ff8586846ca4f104ca30438d1e 5bf4aa1ec578b3c53629e21f89275a74aef1240c c3c5625faba3f5576be0aefc44711e02dd9074abcc354303a41a3f6aaa3a9eaf
POST /consent/loadSegment HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Content-Type: application/json
Content-Length: 225
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:27 GMT
content-type: application/vnd.api+json
content-length: 4613
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/confirmExplicit | 35.239.13.45 | 200 OK | 0 B |
URL HTTP/2api.timeforagreement.com/consent/confirmExplicit IP35.239.13.45:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/confirmExplicit HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.twomance.com/
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:28 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| api.timeforagreement.com/consent/confirmExplicit | 35.239.13.45 | 200 OK | 0 B |
URL HTTP/2api.timeforagreement.com/consent/confirmExplicit IP35.239.13.45:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /consent/confirmExplicit HTTP/1.1
Host: api.timeforagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Content-Type: application/json
Content-Length: 518
Origin: https://www.twomance.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Fri, 27 Jan 2023 05:52:28 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.twomance.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.twomance.com/landers/css/landing005.css | 34.149.78.157 | 200 OK | 0 B |
URL HTTP/2www.twomance.com/landers/css/landing005.css IP34.149.78.157:0
GET /landers/css/landing005.css HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 19:24:30 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: twomance.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 56864663 59807459
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| www.twomance.com/landing5?cat=mature&pi=14452&pt1=3556165477&pe= | 34.149.78.157 | 200 OK | 0 B |
URL HTTP/2www.twomance.com/landing5?cat=mature&pi=14452&pt1=3556165477&pe= IP34.149.78.157:0
GET /landing5?cat=mature&pi=14452&pt1=3556165477&pe= HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 27 Jan 2023 05:51:55 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: twomance.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 60488223 60640290
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|
| www.twomance.com/landers/css/theme/pornhub.css | 34.149.78.157 | 200 OK | 0 B |
URL HTTP/2www.twomance.com/landers/css/theme/pornhub.css IP34.149.78.157:0
GET /landers/css/theme/pornhub.css HTTP/1.1
Host: www.twomance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.twomance.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 17:10:17 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: twomance.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 60488225 59836511
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
|
|