r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5564
Expires: Tue, 04 Oct 2022 01:37:00 GMT
Date: Tue, 04 Oct 2022 00:04:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 23:05:36 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nTR3maSbQWI8VGJuiN1ucgwcLUCqtMD5hKlYHRebvMYr_XvuW-6QJQ==
Age: 3520
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sUtMe8Mu4bJM6EMYB48BOxxK3KMF0m9MgXBqOWXTgH9n1LOiopsyOw==
age: 66949
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 00:04:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
xxjcnl.com/router/incoming/214/?AnX59W
194.213.10.224301 Moved Permanently 4 B URL HTTP/1.1 xxjcnl.com/router/incoming/214/?AnX59W
IP 194.213.10.224:0
ASN #206654 Tehnoinstal Srl
File type ASCII text, with no line terminators
Hash 37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Analyzer Verdict Alert fortinet Phishing
GET /router/incoming/214/?AnX59W HTTP/1.1
Host: xxjcnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Tue, 04 Oct 2022 00:04:16 GMT
content-type: application/json; charset=UTF-8
transfer-encoding: chunked
server: nginx/1.14.0 (Ubuntu)
location: http://xxjcnl.com/router/incoming/214?AnX59W=
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 03 Oct 2022 23:29:33 GMT
Expires: Tue, 04 Oct 2022 00:19:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: p4mJpwF7_QTNuMcEQ59bRtuEuj3XoJZ1WDIByOiM4mJnzZQPOsS0ZA==
Age: 2084
xxjcnl.com/router/incoming/214?AnX59W=
194.213.10.224302 Found 4 B URL HTTP/1.1 xxjcnl.com/router/incoming/214?AnX59W=
IP 194.213.10.224:0
ASN #206654 Tehnoinstal Srl
File type ASCII text, with no line terminators
Hash 37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Analyzer Verdict Alert fortinet Phishing
GET /router/incoming/214?AnX59W= HTTP/1.1
Host: xxjcnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
date: Tue, 04 Oct 2022 00:04:17 GMT
content-type: application/json; charset=UTF-8
transfer-encoding: chunked
server: nginx/1.14.0 (Ubuntu)
location: http://syndication.link5a.com/splash.php?idzone=3457117&type=8&sub=2&tags=2
syndication.link5a.com/splash.php?idzone=3457117&type=8&sub=2&tags=2
95.211.229.246302 Found 0 B URL HTTP/1.1 syndication.link5a.com/splash.php?idzone=3457117&type=8&sub=2&tags=2
IP 95.211.229.246:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /splash.php?idzone=3457117&type=8&sub=2&tags=2 HTTP/1.1
Host: syndication.link5a.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 04 Oct 2022 00:04:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633b7881424765.890983942477750010%22%3B%7D; expires=Thu, 03 Oct 2024 00:04:17 GMT; path=; domain=.link5a.com;
impressions=oslmroemnxgxaacmcrlolgeicxbmsbocnxgxaacmcloxageioslmrxbrnxgxaacmobexrgeicxbmsbxcnxgxaacmcrlolgeicxbmsbcenxgxaacsxbrblgeislsaroornxgxaacmobexrgeicxbmsboenxgxaacmremaxgeimreaomxcnxgxaasaoabsrgeimreaobsonxgxaasaoabsrgeioslmrxbmnxgxaacmobeecgeimcclsoeenxgxaasamsoccgeimcclosconxgxaacobbxcxgeimrblelmonxgxaasamsoccgeimrblxembnxgxaasamsoccgeimrblxeecnxgxaasamsoccgeimrblxemcnxgxaasamsoccgeialbserecnxgxaacxeermsgeioslmrxlsnxgxaacmobeeageicaormbbonxgxaacxeermsgeioslmrxlrnxgxaacmremaxgeimcclsxscnxgxaacsxbrblgeimrerbmbbnxgxaasmeceesgeialbsereanxgxaacsxbrblgeialbserebnxgxaasborcsogeiccmblmmcnxgxaacosxlaageimrblelxcnxgxaasblsoxxgeimcclsxoanxgxaacmobexrgeimrblelmbnxgxaasblsoxxgeimcclossanxgxaacmobexrgeimcclselenxgxaasblsoxxgeimcclsoeonxgxaacmobexrgeimccloscenxgxaaslcsrobgeimcclsxacnxgxaaslcsrobgeicaormlebnxgxaacxeermsgeimcersxranxgxaacxeermsgeisaeeasslnxgxaacxeermsgeimcersxacnxgxaacxeermsgeimcersxrenxgxaacxeermsgeiccmblmmbnxgxaacosereageiccmblmmanxgxaacoabbclgeislsarosxnxgxaacsremoegeiabeocmsbnxgxaacmobeeageimcclsxcanxgxaacmobexrgeimaecobxanxgxaacmobexrgeimcclsxsbnxgxaacmcrlolgeiccmblmmonxgxaacmremaxgeialbserxonxgxaacmremaxgeimrxccosonxgxaacmaeomlgxcceimrbleaxenxgxaacmaeobegxcceiclxexrxanxgxaacmlemmlgxcceiclmcrxoonxgxaacbeeaecgxcceiclxexroonxgxaacberrmagxcceimclsaoxbnsgxaacbxaxxsgxcceimcoaxmxonogxaacbxaxxsgxcceimcssmlronxgxaacbxaxxsgxcceimxlbmxlcnxgxaacbxaxxsgxcceimeembeconxgxaacbxaxxsgxcceimexexabbnxgxaacbxaxxrgxcceicxmecmcanxgxaacbxaxxrgxcceiaaxcabecnxgxaacbxbmmsgxcceimrrasxlenxgxaacbcxbrmgxcce; expires=Wed, 05 Oct 2022 00:04:17 GMT; path=/; domain=.exoclick.com;
c-tag=%7B%22tag-link%22%3A%22v3%7C%7CNOR%7C3457117%7C75563190%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C0%7C%7C%7C2%7C%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Wed, 05 Oct 2022 00:04:17 GMT; path=/; domain=.exoclick.com;
Location: https://track.fabuloustrack.com/4fa51292-c33c-4c01-a943-5671fd5adef8?campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded={email_encoded}&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
X-Robots-Tag: noindex, follow
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:17 GMT
Last-Modified: Mon, 03 Oct 2022 22:19:08 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
track.fabuloustrack.com/4fa51292-c33c-4c01-a943-5671fd5adef8?campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded={email_encoded}&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
18.193.209.105302 Found 0 B URL HTTP/2 track.fabuloustrack.com/4fa51292-c33c-4c01-a943-5671fd5adef8?campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded={email_encoded}&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
IP 18.193.209.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4fa51292-c33c-4c01-a943-5671fd5adef8?campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded={email_encoded}&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY HTTP/1.1
Host: track.fabuloustrack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 04 Oct 2022 00:04:17 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://trackoptimise.com/?a=14172&c=60133&s2=w8cov5tudpukh8gj2aurrfdo&s3=3457117-75563190&s1=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7Bemail_encoded%7D&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
pragma: no-cache
set-cookie: 4fa51292-c33c-4c01-a943-5671fd5adef8-v4=9Ndnqgt8kzr3aUJlBLFn06mfX0dz6AKukqLR3FIwAUI; Max-Age=86400; Expires=Wed, 05-Oct-2022 00:04:17 GMT; Domain=track.fabuloustrack.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=aGjdsDndfKU-K9AVeItLAkS4Y20tTzH7umwo72vvsEebQatd9bxRzTf03iF4mOeeRvBq1tVl6j95JlzkdL1YOY6rbL5SersPWdjViELTHZAHJQCS1-DzPP9U622gRlTA0H1vEXklnRVDgs3T58aUUazO84HEeoGJY8BFmmoiAHCidLJfTfLoMkZ6QBUYOobqpIlhYfw2irYv7OlYpApo9fkuFjwwFATYzo_Sgh35efbirkx8V4hY5Lm_Wh81JPE25oxtXRenz3m5CNqOn0hMfUiKjY6ibU0SFS2lEgp7UI20COSyQh5Lv40NpNYrjAU9Ll2obhx2qRRySLfsi9HB1iGsFedHuG776GreenX7Utw4z10bS194fMIXt0SrljhQkq5mu4nN1jwLvDqhqM22AGI9DayC7UDReoQ_a53wFgfNYTS4ul2ncyLH4ijusqAD-b-VxnWarOHnA-CIpmDFBzbM4Aq3jGpnrej_wBy7IQwLuh4P1blQYwfFAiAy82IuhXY6jmYkx923txu1QE3uGQ5jKSEar1crSTqmCvfwoWqJDocZHbLuf1peu7xr-nrQjsJolvCgY70pJ9MfZOx7UamCRtguGwpk89pR-ZngEq6uA9ENERBlTAZ1sPqcrpWFHiiSoUptDz-KpGic10AKEZ6csGBuoloHOTxeiEnCFmjmcfAiFKj56tGSVhzlR0lcWdH-9M9BLN7e9XBlhJnJjw; Max-Age=86400; Expires=Wed, 05-Oct-2022 00:04:17 GMT; Domain=track.fabuloustrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.80.175.197101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.175.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GTh56AFls/Wwob/SsKoOzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KEPIEz4bxJgrDac8LnapHC30Euw=
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 4337433b68ce6bc36f84ba9aca7f7087
6450d33b206228acea7a2053f79f8d5c9e374fe4
c92a6d55618a584b548ea028a138977b9599a1b13ad5fae66e64f20cb37b6e6a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 00:04:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 07 Oct 2022 22:09:58 GMT
ETag: "6450d33b206228acea7a2053f79f8d5c9e374fe4"
Last-Modified: Mon, 03 Oct 2022 22:09:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7549a8cb0f40b4f9-OSL
trackoptimise.com/?a=14172&c=60133&s2=w8cov5tudpukh8gj2aurrfdo&s3=3457117-75563190&s1=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7Bemail_encoded%7D&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
54.194.68.244302 Found 1.3 kB URL HTTP/1.1 trackoptimise.com/?a=14172&c=60133&s2=w8cov5tudpukh8gj2aurrfdo&s3=3457117-75563190&s1=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7Bemail_encoded%7D&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
IP 54.194.68.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1235), with CRLF line terminators
Hash c4d83c462f46ed2094c6c3c239957e9e
f1e25aaa5b067e44ba9290eb888e1418e7ce0504
f9ae2a7cc4e8fe74f319a9f7a6b27bab51fb2b7e600e477878877149fd4312a9
GET /?a=14172&c=60133&s2=w8cov5tudpukh8gj2aurrfdo&s3=3457117-75563190&s1=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7Bemail_encoded%7D&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY HTTP/1.1
Host: trackoptimise.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 1307
Content-Type: text/html; charset=utf-8
Date: Tue, 04 Oct 2022 00:04:17 GMT
Location: https://www.flirtytreff.com/landing1?cat=mature&pi=14172&pt1=3479067743&pe=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7bemail_encoded%7d&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=IPDmXhC3ummuXDccK9e4j+zaYKAgsgRbJSAroucBx3NQusF3/WAhLA==; domain=.trackoptimise.com; path=/; HttpOnly
trk=tZCeoT8W1b5ZUwnvhW216ezaYKAgsgRbJSAroucBx3NQusF3/WAhLA==; domain=.trackoptimise.com; expires=Fri, 04-Oct-2024 00:04:17 GMT; path=/; HttpOnly
c16434=IPDmXhC3umn7bu10mhSjLI9m1ceAogGv2Ex2Iln2OwS+CjFj9t3NRg==; domain=.trackoptimise.com; expires=Thu, 03-Nov-2022 00:04:17 GMT; path=/; HttpOnly
Connection: close
ocsp.pki.goog/s/gts1d4/rrYVo09UELY
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/rrYVo09UELY
IP 142.250.74.3:0
Hash fefe48228a51a4861ab5ff7f328d07ef
36d7b50cead7310bf8469a36da466f62ce0f3898
8273a68cab6ae7c86dfd657bc16d766d17a41d5793f5dec3909ef88b0b8f7811
POST /s/gts1d4/rrYVo09UELY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.flirtytreff.com/img/logo.png
34.111.66.227200 OK 30 kB URL HTTP/2 www.flirtytreff.com/img/logo.png
IP 34.111.66.227:0
File type PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash 61ef57d09fc121ed72ca87ab6ca16d2b
7865d3a51ff96a2af02c36b5341df758f5b5896a
b03f8abcbbee059f0ed5a2852e173e6e56a55836d8158d18cb7c7109a2055cba
GET /img/logo.png HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:04:18 GMT
server: Apache/2.4.54 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Mon, 03 Oct 2022 17:21:12 GMT
etag: "7718-5ea2491fbf458"
accept-ranges: bytes
content-length: 30488
x-ua-compatible: IE=edge,chrome=1
content-type: image/png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.flirtytreff.com/landing1?cat=mature&pi=14172&pt1=3479067743&pe=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7bemail_encoded%7d&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
34.111.66.227200 OK 4.3 kB URL HTTP/2 www.flirtytreff.com/landing1?cat=mature&pi=14172&pt1=3479067743&pe=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7bemail_encoded%7d&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY
IP 34.111.66.227:0
Hash 3a472cfbfd7d0ecf26cf83254d78763b
5aa9972800fd5e649604e2677870df645f523a2d
c4bc167dac1921a01f4b407894b97e03c91aa97b612de2e692524bd09081e785
GET /landing1?cat=mature&pi=14172&pt1=3479067743&pe=3457117-75563190&cep=s72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw&lptoken=16c76442840e36d8575a&campid=5314162&varid=75563190&source=email-source.com&pop=&tags=2&siteid=799381&zoneid=3457117&catid=508&email_encoded=%7bemail_encoded%7d&cost=0.012055516158444&tag=ooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:04:18 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: flirtytreff.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 4558632
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
www.flirtytreff.com/landers/images/general/google-logo.svg
34.111.66.227200 OK 688 B URL HTTP/2 www.flirtytreff.com/landers/images/general/google-logo.svg
IP 34.111.66.227:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (688), with no line terminators
Hash 686f8efa6e3e28e96d1c08399e8d353d
4524589b0dceefb6ae6389f36634441df69152d5
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
GET /landers/images/general/google-logo.svg HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 23:01:44 GMT
server: nginx/1.14.2
content-type: image/svg+xml
content-length: 688
last-modified: Wed, 28 Sep 2022 13:11:56 GMT
etag: "6334481c-2b0"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 4498865 4008369
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
www.flirtytreff.com/landers/images/loader/loading.gif
34.111.66.227200 OK 2.9 kB URL HTTP/2 www.flirtytreff.com/landers/images/loader/loading.gif
IP 34.111.66.227:0
File type GIF image data, version 89a, 128 x 15\012- data
Hash 62b08454087f1ef8b27bd2bcda330537
cac1914632f4c859f6176a84078f1017bad069f8
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
GET /landers/images/loader/loading.gif HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 20:34:48 GMT
server: nginx/1.14.2
content-type: image/gif
content-length: 2892
last-modified: Wed, 28 Sep 2022 13:11:58 GMT
etag: "6334481e-b4c"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 4082440 2739974
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
142.250.74.164200 OK 617 B URL HTTP/2 www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
IP 142.250.74.164:0
File type ASCII text, with very long lines (974), with no line terminators
Hash 323ec14d22332e9e5ade1998b24b29aa
2363bc7c24dbf4fc6b297c57d718d9e331878a72
068bd6bf59ce849e9e2a3b29e0754ec79efb1ed2d77989e9309db5cdfffee2e7
GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 04 Oct 2022 00:04:18 GMT
date: Tue, 04 Oct 2022 00:04:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 617
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/enterprise.js
142.250.74.164200 OK 586 B URL HTTP/2 www.google.com/recaptcha/enterprise.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (940), with no line terminators
Hash a6f6ef236548ee7d4d6d6633f4d2ec9d
b3f9e175b113bdf5a52654a85716bfd26415b781
85975d76f267f1ed2762ce3e40b696127abd040b7c626a166211179a45a1b178
GET /recaptcha/enterprise.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 04 Oct 2022 00:04:18 GMT
date: Tue, 04 Oct 2022 00:04:18 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/rrYVo09UELY
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/rrYVo09UELY
IP 142.250.74.3:0
Hash fefe48228a51a4861ab5ff7f328d07ef
36d7b50cead7310bf8469a36da466f62ce0f3898
8273a68cab6ae7c86dfd657bc16d766d17a41d5793f5dec3909ef88b0b8f7811
POST /s/gts1d4/rrYVo09UELY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.flirtytreff.com/landers/css/theme/email-source.com.css
34.111.66.227200 OK 2.3 kB URL HTTP/2 www.flirtytreff.com/landers/css/theme/email-source.com.css
IP 34.111.66.227:0
Hash a406e2c3ad52662dde6a21c49bee9f42
a31a073e6be264565c647a2f3b369a101ee16390
a7fdaf245a3030ba9db4743f228fe86b7d7b8fa09390804e80138b797b1d6b94
GET /landers/css/theme/email-source.com.css HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 00:04:18 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: flirtytreff.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 4184207
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:04:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:04:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10819
Expires: Tue, 04 Oct 2022 03:04:37 GMT
Date: Tue, 04 Oct 2022 00:04:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TVz3oiy-Z2r9lGFDgsnGNxotvvAPeOaa7LMzqs432QjZpZo-PNt1-g==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 69687
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50556325e5a38a5dd7802b1391815bcb
cf021352d993967e78552b275424ff139e4ef66c
96fd2e848a45d071e334a8d08c8b89215f80f01f947af6da2efaee72dd16914c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9455
x-amzn-requestid: c7e1aa21-0afd-4329-a886-ca52e1a30c7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqJXHLUIAMFU1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5708-1905710834041431314b11be;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zt2nDg8lZAtZQI2RIo5Pq35GQHxyeN6kiVI8E6HiV_c4BLDwYyhbJQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:52 GMT
age: 6806
etag: "cf021352d993967e78552b275424ff139e4ef66c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2287c489794dab0e9ba923a2057988f
2b9f6828a38da81b40dcad033572e48b4c5896db
e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:34 GMT
age: 8384
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
142.250.74.163200 OK 159 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (711)
Size 159 kB (158844 bytes)
Hash b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 255527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 8398
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 8383
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/avT9nzwKolY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/avT9nzwKolY
IP 142.250.74.3:0
Hash 4d6901b984b00174b5ae7f88a5f3f654
01f4ff69f417e40ea5c3123acd0db7637b61a8bd
467664e0c7e48cfa1766de5927a4f9bd5552ee1ee657671d1b9eb37af3f5f8d4
POST /s/gts1d4/avT9nzwKolY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:18 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
landers.cdnware.io/media-registry.js
35.227.234.99200 OK 112 kB URL HTTP/2 landers.cdnware.io/media-registry.js
IP 35.227.234.99:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 112 kB (112540 bytes)
Hash a0e64b018d49fea0f391ae0014e25722
b1cf2349b46c9a81c6db4f8c9f681c834f18416e
e44fc6e450757f5d2801c3ef1ff7a18daa926c0e07891cee594350bd8da98869
GET /media-registry.js HTTP/1.1
Host: landers.cdnware.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtu-dtVncwuC2yWiAOJy6E_53uD_eCfGM2rjrBBaoUzGJ170PGmK1mllX55P-gL24hBiMSk0MPt7TOMy8rX8tTGL-cWc_TQ
x-goog-generation: 1664370789511615
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 112540
x-goog-hash: crc32c=o6msiQ==, md5=oOZLAY1J/qDzka4AFOJXIg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 112540
server: UploadServer
date: Mon, 03 Oct 2022 23:48:25 GMT
expires: Tue, 04 Oct 2022 00:48:25 GMT
cache-control: public, max-age=3600
age: 954
last-modified: Wed, 28 Sep 2022 13:13:09 GMT
etag: "a0e64b018d49fea0f391ae0014e25722"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/avT9nzwKolY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/avT9nzwKolY
IP 142.250.74.3:0
Hash 4d6901b984b00174b5ae7f88a5f3f654
01f4ff69f417e40ea5c3123acd0db7637b61a8bd
467664e0c7e48cfa1766de5927a4f9bd5552ee1ee657671d1b9eb37af3f5f8d4
POST /s/gts1d4/avT9nzwKolY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
samlesamtykke.com/cc.js?wId=3hIcqr3BzWWGavUAZkaCGT&domain=flirtytreff.com&languageCode=nb&languageTerritory=NO&sessionId=d697f758230542c29a625f019d2b80c7
35.195.163.35200 OK 14 kB URL HTTP/2 samlesamtykke.com/cc.js?wId=3hIcqr3BzWWGavUAZkaCGT&domain=flirtytreff.com&languageCode=nb&languageTerritory=NO&sessionId=d697f758230542c29a625f019d2b80c7
IP 35.195.163.35:0
Hash 0a56c57455de54dacf0a2b036c29eb49
4f5dfc72318a1e2a5c91d6bfeb8ec093b77d5b49
f856b24ac00e5f2a794d8961cbf5ee0f4ad253e758e4f43ef8dbf95e7fd3c1df
GET /cc.js?wId=3hIcqr3BzWWGavUAZkaCGT&domain=flirtytreff.com&languageCode=nb&languageTerritory=NO&sessionId=d697f758230542c29a625f019d2b80c7 HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/javascript
content-length: 14071
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 03 Oct 2022 22:41:09 GMT
expires: Tue, 04 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 4990
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
172.217.21.163200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 12:31:58 GMT
expires: Sun, 01 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 214341
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
172.217.21.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 172.217.21.163:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:48:31 GMT
expires: Sat, 30 Sep 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 342948
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=304006199&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flirtytreff.com%2Flanding1%3Fcat%3Dmature%26pi%3D14172%26pt1%3D3479067743%26pe%3D3457117-75563190%26cep%3Ds72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw%26lptoken%3D16c76442840e36d8575a%26campid%3D5314162%26varid%3D75563190%26source%3Demail-source.com%26pop%3D%26tags%3D2%26siteid%3D799381%26zoneid%3D3457117%26catid%3D508%26email_encoded%3D%257bemail_encoded%257d%26cost%3D0.012055516158444%26tag%3Dooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY&ul=en-us&de=UTF-8&dt=flirtytreff.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=743904618&gjid=1154311485&cid=1843263709.1664841859&tid=UA-132064855-2&_gid=1759118476.1664841859&_r=1&_slc=1&z=1688424698
142.250.74.174200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=304006199&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flirtytreff.com%2Flanding1%3Fcat%3Dmature%26pi%3D14172%26pt1%3D3479067743%26pe%3D3457117-75563190%26cep%3Ds72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw%26lptoken%3D16c76442840e36d8575a%26campid%3D5314162%26varid%3D75563190%26source%3Demail-source.com%26pop%3D%26tags%3D2%26siteid%3D799381%26zoneid%3D3457117%26catid%3D508%26email_encoded%3D%257bemail_encoded%257d%26cost%3D0.012055516158444%26tag%3Dooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY&ul=en-us&de=UTF-8&dt=flirtytreff.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=743904618&gjid=1154311485&cid=1843263709.1664841859&tid=UA-132064855-2&_gid=1759118476.1664841859&_r=1&_slc=1&z=1688424698
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j97&a=304006199&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flirtytreff.com%2Flanding1%3Fcat%3Dmature%26pi%3D14172%26pt1%3D3479067743%26pe%3D3457117-75563190%26cep%3Ds72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw%26lptoken%3D16c76442840e36d8575a%26campid%3D5314162%26varid%3D75563190%26source%3Demail-source.com%26pop%3D%26tags%3D2%26siteid%3D799381%26zoneid%3D3457117%26catid%3D508%26email_encoded%3D%257bemail_encoded%257d%26cost%3D0.012055516158444%26tag%3Dooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY&ul=en-us&de=UTF-8&dt=flirtytreff.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAAC~&jid=743904618&gjid=1154311485&cid=1843263709.1664841859&tid=UA-132064855-2&_gid=1759118476.1664841859&_r=1&_slc=1&z=1688424698 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.flirtytreff.com
date: Tue, 04 Oct 2022 00:04:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=304006199&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flirtytreff.com%2Flanding1%3Fcat%3Dmature%26pi%3D14172%26pt1%3D3479067743%26pe%3D3457117-75563190%26cep%3Ds72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw%26lptoken%3D16c76442840e36d8575a%26campid%3D5314162%26varid%3D75563190%26source%3Demail-source.com%26pop%3D%26tags%3D2%26siteid%3D799381%26zoneid%3D3457117%26catid%3D508%26email_encoded%3D%257bemail_encoded%257d%26cost%3D0.012055516158444%26tag%3Dooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY&ul=en-us&de=UTF-8&dt=flirtytreff.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAEABAAAAAC~&jid=872128355&gjid=1307416604&cid=1843263709.1664841859&tid=UA-132064855-5&_gid=1759118476.1664841859&_r=1&_slc=1&z=2121418151
142.250.74.174200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=304006199&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flirtytreff.com%2Flanding1%3Fcat%3Dmature%26pi%3D14172%26pt1%3D3479067743%26pe%3D3457117-75563190%26cep%3Ds72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw%26lptoken%3D16c76442840e36d8575a%26campid%3D5314162%26varid%3D75563190%26source%3Demail-source.com%26pop%3D%26tags%3D2%26siteid%3D799381%26zoneid%3D3457117%26catid%3D508%26email_encoded%3D%257bemail_encoded%257d%26cost%3D0.012055516158444%26tag%3Dooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY&ul=en-us&de=UTF-8&dt=flirtytreff.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAEABAAAAAC~&jid=872128355&gjid=1307416604&cid=1843263709.1664841859&tid=UA-132064855-5&_gid=1759118476.1664841859&_r=1&_slc=1&z=2121418151
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j97&a=304006199&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flirtytreff.com%2Flanding1%3Fcat%3Dmature%26pi%3D14172%26pt1%3D3479067743%26pe%3D3457117-75563190%26cep%3Ds72ujyO7-p1s26quWURqfRfkAVVzV1foxWQITaf8dgGtMEV2Wtxk1_40cswe2gME_jXE4mR0PeeK9JuNJUHxIwizk1bU2SWHvootVAkO0_e4p8N2BCE8b4h7qtBvt6Gv-GDsv0oHjNoDvlv9d6IsLWv06g4WuMcAHhubp3T7AIQDY7DW1GWyuv_GXX8U8dO0hbtnWngEPxZgbKDslaxAdNorB1kWcUza7dwYu8EJ3ndwzHJfOZKC2zmxvm5oY1le7x11dwrdMFSr3a4ikJxYZZC5tD4TGsnoLGyZDnHpP0Otex_Vbmfhy8dRZNtevBSc7QHGgN2TZSvpSRbFdnBphemhXmaQJMyo4jZNCfSx_duv5cTO5-DHOKHLf5ny7HQjYDUAKV0E7xT-0RHUpbXEVtJae2bCWk2CLZs9iOIlqGrC8l278KKyYkl9PBTH400qDaoBBL3hC7yNDnOGR9Hk8dXiwJ4vSrM810a2o6M6jl4yZpPVaA0rzmktAbYUMQueNfRd8Hx8iBK0XxCTAzkzOkRQHXQMAl7K4lz6PuEj-hMzeJleJyCcNZwpBnn0Fh9lPSsp6Yrk2R7pB1ou15y_TZY3uvyQV9ZnVLNjF8ISyzDXP0Ui6bTXFr-ymqtAwkjQX8lQkjleGELAdLz5KHFqcim78viC0k1Do8MWmRSdVvIqK3dDifNlFdiIomdchvhtNP9eMj1yrCchRj-Nf3eNIw%26lptoken%3D16c76442840e36d8575a%26campid%3D5314162%26varid%3D75563190%26source%3Demail-source.com%26pop%3D%26tags%3D2%26siteid%3D799381%26zoneid%3D3457117%26catid%3D508%26email_encoded%3D%257bemail_encoded%257d%26cost%3D0.012055516158444%26tag%3Dooc4ASOopqsmmsdZVVXRNdK6VzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXSuc6dznOldK6V0rpXSuldK6VwfY&ul=en-us&de=UTF-8&dt=flirtytreff.com&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEDAAEABAAAAAC~&jid=872128355&gjid=1307416604&cid=1843263709.1664841859&tid=UA-132064855-5&_gid=1759118476.1664841859&_r=1&_slc=1&z=2121418151 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.flirtytreff.com
date: Tue, 04 Oct 2022 00:04:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
samlesamtykke.com/cc.css
35.195.163.35200 OK 3.9 kB IP 35.195.163.35:0
File type assembler source, ASCII text
Hash 594c3c757e637b29a91f9ded0113b707
2c04f908c419910a88bd5fca0e8e0f70b612834f
98c9c36b6b36127768c2156ffec51625b0f8dea705b02522c9db50ca6073098c
GET /cc.css HTTP/1.1
Host: samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: text/css
content-length: 3892
last-modified: Thu, 15 Oct 2020 08:07:25 GMT
etag: "6073-5b1b123761e40-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/ElIZiSiUWAM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ElIZiSiUWAM
IP 142.250.74.3:0
Hash 9bf2d14f95b5ca744051e91704415dcb
cf088f0aea694320ffb9f084f5f91227462f00ef
828968341c4c2c788c826c53696837ccd430f254a71f96abb359397de74eb0a5
POST /s/gts1d4/ElIZiSiUWAM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.dating/lander/translations/nb-no2.json
35.227.221.175200 OK 182 kB URL HTTP/2 static.dating/lander/translations/nb-no2.json
IP 35.227.221.175:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (64546), with no line terminators
Size 182 kB (182278 bytes)
Hash 50ac9286e7e1d6dfb82ef25e87d8cd9d
6f8d8b95724811f438244c3aad4c4aa9ab9d5852
fc5e52e13cbed5d6d1cba354f2ff5aef5eac3a49e66449fe733a76ea2ab08826
GET /lander/translations/nb-no2.json HTTP/1.1
Host: static.dating
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtpjRCe7fz74oWFEwJOBDzX9JMGdxM_fn1_scKhW_xwAaqkyq66LK2N2u0h6DmbA_8y7CWhMA3zUT0MXh4_-ZiQ
x-goog-generation: 1658411406859850
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 182278
x-goog-hash: crc32c=AxdH/A==, md5=UKyShufh1t+4LvJeh9jNnQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 182278
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Mon, 03 Oct 2022 23:36:51 GMT
expires: Tue, 04 Oct 2022 00:36:51 GMT
cache-control: public, max-age=3600
age: 1648
last-modified: Thu, 21 Jul 2022 13:50:06 GMT
etag: "50ac9286e7e1d6dfb82ef25e87d8cd9d"
content-type: application/octet-stream
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/ElIZiSiUWAM
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/ElIZiSiUWAM
IP 142.250.74.3:0
Hash 9bf2d14f95b5ca744051e91704415dcb
cf088f0aea694320ffb9f084f5f91227462f00ef
828968341c4c2c788c826c53696837ccd430f254a71f96abb359397de74eb0a5
POST /s/gts1d4/ElIZiSiUWAM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/collector
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/collector
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.flirtytreff.com/
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/collector
35.195.163.35200 OK 4.4 kB URL HTTP/2 api.samlesamtykke.com/consent/collector
IP 35.195.163.35:0
File type JSON data\012- , ASCII text, with very long lines (4414), with no line terminators
Hash 0c0620232670cab6d2275d44661368f6
51faa5015299c080e8073e96cedb77911a2ac182
1576f65b5d31916a4f80fce59a04c671cbccc1e7b45f2c42ddf5bd1dccbaaa3a
POST /consent/collector HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: application/json
Content-Length: 169
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 4414
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/loadSegment
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/loadSegment
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.flirtytreff.com/
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-132064855-5&cid=1843263709.1664841859&jid=872128355&gjid=1307416604&_gid=1759118476.1664841859&_u=IEDAAEABAAAAAC~&z=1268096682
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-132064855-5&cid=1843263709.1664841859&jid=872128355&gjid=1307416604&_gid=1759118476.1664841859&_u=IEDAAEABAAAAAC~&z=1268096682
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-132064855-5&cid=1843263709.1664841859&jid=872128355&gjid=1307416604&_gid=1759118476.1664841859&_u=IEDAAEABAAAAAC~&z=1268096682 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.flirtytreff.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 00:04:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-132064855-2&cid=1843263709.1664841859&jid=743904618&gjid=1154311485&_gid=1759118476.1664841859&_u=IEBAAEAAAAAAAC~&z=1722430019
74.125.131.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-132064855-2&cid=1843263709.1664841859&jid=743904618&gjid=1154311485&_gid=1759118476.1664841859&_u=IEBAAEAAAAAAAC~&z=1722430019
IP 74.125.131.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-132064855-2&cid=1843263709.1664841859&jid=743904618&gjid=1154311485&_gid=1759118476.1664841859&_u=IEBAAEAAAAAAAC~&z=1722430019 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.flirtytreff.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 04 Oct 2022 00:04:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/loadSegment
35.195.163.35200 OK 284 B URL HTTP/2 api.samlesamtykke.com/consent/loadSegment
IP 35.195.163.35:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with no line terminators
Hash 3b5b46131cac937efb3f56e11e0412a9
58ce0cff3be7080200e85206df18f1cd5d6c4841
4927caed672e4a6ab0dec07adfb90e5c15213e562a6873e0943699d82cca467e
POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: application/json
Content-Length: 224
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 284
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 18 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash b4468db126cbb2c8f8ebad6d7c6e6a72
203e5a2a587277ea40e32375157ebd9e073bc220
545385d583fffa400382677a259a99b2fd5e2ab0ba86e45daaa8a98fbe4b8298
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/loadSegment
35.195.163.35200 OK 360 B URL HTTP/2 api.samlesamtykke.com/consent/loadSegment
IP 35.195.163.35:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (357), with no line terminators
Hash b81ec878e5adcd0863faef7e7e6fe44a
faed2737ec33732d35c72dd8032da0c3a925ea0d
d4e02dfa1bd03cd275a801d83acadb1c3fdaced7f6ff26abdf36addaeda5d714
POST /consent/loadSegment HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: application/json
Content-Length: 225
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 360
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-132064855-5&cid=1843263709.1664841859&jid=872128355&_u=IEDAAEABAAAAAC~&z=391273287
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-132064855-5&cid=1843263709.1664841859&jid=872128355&_u=IEDAAEABAAAAAC~&z=391273287
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-132064855-5&cid=1843263709.1664841859&jid=872128355&_u=IEDAAEABAAAAAC~&z=391273287 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 00:04:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e13df37c7a0102aa69d97512e4f3bad4
2c3019bef2f4bc34b3f3dc212b30d4fad04f8b37
cfbc8bfd83a8eb63bf5d189e398e1373222f1d1bde223fba70e3c7b560c708aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 00:04:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.samlesamtykke.com/consent/confirmExplicit
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/confirmExplicit
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.flirtytreff.com/
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
api.samlesamtykke.com/consent/confirmExplicit
35.195.163.35200 OK 0 B URL HTTP/2 api.samlesamtykke.com/consent/confirmExplicit
IP 35.195.163.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /consent/confirmExplicit HTTP/1.1
Host: api.samlesamtykke.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Content-Type: application/json
Content-Length: 1560
Origin: https://www.flirtytreff.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.10.3 (Ubuntu)
date: Tue, 04 Oct 2022 00:04:19 GMT
content-type: application/vnd.api+json
content-length: 0
access-control-allow-origin: https://www.flirtytreff.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000;
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.flirtytreff.com/landers/css/landing001.css
34.111.66.227200 OK 0 B URL HTTP/2 www.flirtytreff.com/landers/css/landing001.css
IP 34.111.66.227:0
GET /landers/css/landing001.css HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 23:37:59 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: flirtytreff.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 4507173 4370505
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2
www.flirtytreff.com/landers/css/fontawesome-all.min.css
34.111.66.227200 OK 0 B URL HTTP/2 www.flirtytreff.com/landers/css/fontawesome-all.min.css
IP 34.111.66.227:0
GET /landers/css/fontawesome-all.min.css HTTP/1.1
Host: www.flirtytreff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.flirtytreff.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 03 Oct 2022 19:15:14 GMT
server: nginx/1.14.2
content-type: text/css
last-modified: Wed, 28 Sep 2022 13:11:56 GMT
etag: W/"6334481c-c970"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 4301988 3136924
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2