urlscan.io logo urlscan.io
SecurityTrails logo

www.flirtseeker.com Open in urlscan Pro
34.102.188.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble
Effective URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Submission: On October 26 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 43 HTTP transactions. The main IP is 34.102.188.97, located in and belongs to . The main domain is www.flirtseeker.com.
TLS certificate: Issued by GTS CA 1D4 on September 24th 2023. Valid for: 3 months.
This is the only time www.flirtseeker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    46.150.16.225 (Kharkiv, Ukraine)

ASN47513 (SKYLINE-UA-AS ISP Skyline, UA)
sebypol.chickenkiller.com
1    142.251.163.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f95.1e100.net
ajax.googleapis.com
2    178.63.199.193 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.178-63-199-193.clients.your-server.de
gmyze.com
2    172.67.215.161 (None, )

ASN- ()
restachat.com
1    68.169.106.41 (None, )

ASN- ()
syndication.exoclick.com
1    18.204.186.203 (None, )

ASN- ()
atk.alphatraks.com
1    3.33.177.251 (None, )

ASN- ()
dorisastroid.com
16    34.102.188.97 (None, )

ASN- ()
www.flirtseeker.com
4    172.253.122.99 (None, )

ASN- ()
www.google.com
4    142.251.167.94 (None, )

ASN- ()
www.gstatic.com
2    35.195.163.35 (None, )

ASN- ()
toagreeornottoagree.com
2    172.253.115.94 (None, )

ASN- ()
fonts.gstatic.com
2    172.253.62.97 (None, )

ASN- ()
www.googletagmanager.com
1    172.253.122.101 (None, )

ASN- ()
www.google-analytics.com
Domain Requested by
16 www.flirtseeker.com www.flirtseeker.com
5 sebypol.chickenkiller.com sebypol.chickenkiller.com
ajax.googleapis.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com www.flirtseeker.com
www.gstatic.com
www.google.com
2 www.googletagmanager.com www.flirtseeker.com
www.googletagmanager.com
2 fonts.gstatic.com www.google.com
2 toagreeornottoagree.com www.flirtseeker.com
toagreeornottoagree.com
2 restachat.com 1 redirects sebypol.chickenkiller.com
2 gmyze.com sebypol.chickenkiller.com
1 www.google-analytics.com www.googletagmanager.com
1 dorisastroid.com 1 redirects
1 atk.alphatraks.com 1 redirects
1 syndication.exoclick.com restachat.com
1 ajax.googleapis.com sebypol.chickenkiller.com
0 api.toagreeornottoagree.com Failed toagreeornottoagree.com
43 15

This site contains no links.

Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
restachat.com
E1		 2023-10-02 -
2023-12-31		 3 months crt.sh
exoclick.com
R3		 2023-10-17 -
2024-01-15		 3 months crt.sh
flirtseeker.com
GTS CA 1D4		 2023-09-24 -
2023-12-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
api.toagreeornottoagree.com
R3		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Frame ID: D9896849E645AC3DF05F9C86D2005197
Requests: 35 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Frame ID: B08821BB431384718AA9B08CF5779841
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble Page URL
  2. https://restachat.com/x/MQUA?prid=tc4351941170_190970820&usid=3790&email=nthauli@telus.net Page URL
  3. https://restachat.com/go/DmnNP2U6qJA HTTP 302
    https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJ... Page URL
  4. https://atk.alphatraks.com/3201afb6-78fb-4f57-b4bc-a3f5942cf2b6?campid=5976806&varid=85109296&source=em... HTTP 302
    https://dorisastroid.com/?a=102632&c=121395&s2=w12ga3ealud1u1jsi34khd2u&s3=ex03&s1=ex03&s4=VL1-w12ga3... HTTP 302
    https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

79 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

13
IPs

3
Countries

1589 kB
Transfer

2994 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble Page URL
  2. https://restachat.com/x/MQUA?prid=tc4351941170_190970820&usid=3790&email=nthauli@telus.net Page URL
  3. https://restachat.com/go/DmnNP2U6qJA HTTP 302
    https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJNlNCn58V_IjoIAdcsghhjLBWQ9WEGQ7DMd.Tp_n6ql8POyWvD9ueeh41y9jeyhFUoCcK7twPlcLnY1bVLqKC6ZsglYxq8rO6Sny4Viv5_Q4dw8j5nrTrErBPc6VPXN340bIQ91.kH176mK6sH0XV9u2Hxo.pCuLhUlvQAX_a5t00xnxXSIWxfvuIW3a7v3OpW_PXy_UhKZaxU2TutVt5iOdWC5VBGVJlSTv27_3xlsytQ28ua5sm3Pq.uKpX5XLxV3dbEqLCJIKgjZ40gTGSjpwvV9c_I7XFW2W3i8xwBKdEm8Qggq2lF15vRjwIhpFiQYZQ7CEpJXRMUSDnp01mimt0WWN7K3VMP4hG9hliCFYa4Iya7KGgDV7gliGQtFz6IIBwUr55KJJnjmGlDIGIkoIER0l48o.kGIq5zouK.5K5r0JMNpyzspsSPtTP2vSMJOpdwyLaEC7EYFzSpNIwQqkan60f15.9fzzAV5_v2F8N6fXl..frnNjuOtbzjHpiSi0IKTKNUXL2cnzF4FMNiVDniwyrVFHKEaTCcZYk6P.D6YRBlTiAgAA Page URL
  4. https://atk.alphatraks.com/3201afb6-78fb-4f57-b4bc-a3f5942cf2b6?campid=5976806&varid=85109296&source=email-source.com&s1=ex03&zoneid=4579298&catid=508&ePOM={ePOM}&banner_id={banner_id}&a=102632&flow_id={flow_id}&tag=opdTVHbbHNdLHNZO7XMDqarLp7rXW1TS3T3Vumrussrc6qW11Mzp3UyuldK6V1Mtk1l1Urq5pqpabHVy2WT00OldM6V0rpXSumdK6V0zt8qqdbtaprc7K6qc6N9prOKZs7a66ZaeKrK7s7OJdbrq66rp6tqK6qJc6c7aJdbc7LnTaT272a1b25563b78TXUUUbzS6zWUb1WOmonucYmfHHesemZHOdPK6V0rpXSuldK6V07pq7raKaJarHcW62b0T7WUS502TaT1WS53U73XW7003TuD7A-- HTTP 302
    https://dorisastroid.com/?a=102632&c=121395&s2=w12ga3ealud1u1jsi34khd2u&s3=ex03&s1=ex03&s4=VL1-w12ga3ealud1u1jsi34khd2u HTTP 302
    https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://restachat.com/go/DmnNP2U6qJA HTTP 302
  • https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJNlNCn58V_IjoIAdcsghhjLBWQ9WEGQ7DMd.Tp_n6ql8POyWvD9ueeh41y9jeyhFUoCcK7twPlcLnY1bVLqKC6ZsglYxq8rO6Sny4Viv5_Q4dw8j5nrTrErBPc6VPXN340bIQ91.kH176mK6sH0XV9u2Hxo.pCuLhUlvQAX_a5t00xnxXSIWxfvuIW3a7v3OpW_PXy_UhKZaxU2TutVt5iOdWC5VBGVJlSTv27_3xlsytQ28ua5sm3Pq.uKpX5XLxV3dbEqLCJIKgjZ40gTGSjpwvV9c_I7XFW2W3i8xwBKdEm8Qggq2lF15vRjwIhpFiQYZQ7CEpJXRMUSDnp01mimt0WWN7K3VMP4hG9hliCFYa4Iya7KGgDV7gliGQtFz6IIBwUr55KJJnjmGlDIGIkoIER0l48o.kGIq5zouK.5K5r0JMNpyzspsSPtTP2vSMJOpdwyLaEC7EYFzSpNIwQqkan60f15.9fzzAV5_v2F8N6fXl..frnNjuOtbzjHpiSi0IKTKNUXL2cnzF4FMNiVDniwyrVFHKEaTCcZYk6P.D6YRBlTiAgAA

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
chasuble
sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble
Protocol
HTTP/1.1
Server
46.150.16.225 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash
0f4fdb1086c75e2e42c862299c237e4f984a2a3a26fd1c22b9ebcd4cf4004a4b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 17:57:53 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: sebypol.chickenkiller.com
URL: http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f95.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:39:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 15:39:10 GMT
788473234.4877589992.2223919115.525731942
sebypol.chickenkiller.com/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://sebypol.chickenkiller.com/788473234.4877589992.2223919115.525731942
Requested by
Host: sebypol.chickenkiller.com
URL: http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble
Protocol
HTTP/1.1
Server
46.150.16.225 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:57:53 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
14742
Expires
0
chasuble&p=a
sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/ 		90 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble&p=a
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
46.150.16.225 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:57:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
lhWMD0=
sebypol.chickenkiller.com/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmgxMDU1N09vd/GE4Y/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://sebypol.chickenkiller.com/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmgxMDU1N09vd/GE4Y/lhWMD0=
Requested by
Host: sebypol.chickenkiller.com
URL: http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble
Protocol
HTTP/1.1
Server
46.150.16.225 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash
667fb3374e9c1c677dd86bfee7541d0c7bf588ad9a482ee5974cf91e55b76d65

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Thu, 26 Oct 2023 17:57:53 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
pl.php
gmyze.com/1.1/resources/ 		76 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
http://gmyze.com/1.1/resources/pl.php?name=__ax&66983
Requested by
Host: sebypol.chickenkiller.com
URL: http://sebypol.chickenkiller.com/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmgxMDU1N09vd/GE4Y/lhWMD0=
Protocol
HTTP/1.1
Server
178.63.199.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178-63-199-193.clients.your-server.de
Software
nginx /
Resource Hash
ee7e5f2f811692d2111059c4220766c90e13460eda0e4b7818d70e4af2aaef57

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:57:33 GMT
Content-Encoding
none
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
P3P
CP="CAO PSA OUR"
Content-Type
application/javascript
Access-Control-Allow-Methods
GET
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
If-None-Match,Cookie,Content-Type,Accept,Origin,User-Agent,Cache-Control,Keep-Alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
chasuble&p=ax&trcd=snk4351941170_1698270293
sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/ 		2 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble&p=ax&trcd=snk4351941170_1698270293
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol
HTTP/1.1
Server
46.150.16.225 Kharkiv, Ukraine, ASN47513 (SKYLINE-UA-AS ISP Skyline, UA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Thu, 26 Oct 2023 17:57:55 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
pl.php
gmyze.com/1.1/resources/ 		149 B
818 B 		Script
General
Check archive.org
Download Go to
Full URL
http://gmyze.com/1.1/resources/pl.php?name=__ax&value=PjQgALZvszN4bOuImiVpj
Requested by
Host: sebypol.chickenkiller.com
URL: http://sebypol.chickenkiller.com/M1k4em1MSCs1dE1YOWk4ZFc5VUh5Vy8yS3NxNmgxMDU1N09vd/GE4Y/lhWMD0=
Protocol
HTTP/1.1
Server
178.63.199.193 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178-63-199-193.clients.your-server.de
Software
nginx /
Resource Hash
ad8cd6333dd29fcbbec43335dfc8c1a78961d57fcbd14dd56f8f8dd47d80dd5b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 Oct 2023 17:57:33 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Origin
P3P
CP="CAO PSA OUR"
Content-Type
application/javascript
Access-Control-Allow-Methods
GET
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
If-None-Match,Cookie,Content-Type,Accept,Origin,User-Agent,Cache-Control,Keep-Alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
MQUA
restachat.com/x/ 		482 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://restachat.com/x/MQUA?prid=tc4351941170_190970820&usid=3790&email=nthauli@telus.net
Requested by
Host: sebypol.chickenkiller.com
URL: http://sebypol.chickenkiller.com/dose/4351941170/tierce/cobishop/1698270293/ining/chasuble
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.215.161 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81c495248d735b35-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:57:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYDT2rE7rPyGOAuU7Ta6FJQi7AcN1DXc2VtilOFy9se1Lb3%2BOUVAyzigVKaFBzl5mJnzY%2FjYTQHxgfe7e9BePNn1XDIdD1ha2%2Fixwme1NYurlXOz3zE3EsxqRsdqTGYr"}],"group":"cf-nel","max_age":604800}
server
cloudflare
click.php
syndication.exoclick.com/
Redirect Chain
  • https://restachat.com/go/DmnNP2U6qJA
  • https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJNlNCn58V_IjoIAdcsghhjLBWQ9WEGQ7DMd.Tp_n6ql8POyWvD9ueeh41y9jeyhFUoCcK7twPlcLnY1bVLqKC6Zsg...
631 B
883 B 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJNlNCn58V_IjoIAdcsghhjLBWQ9WEGQ7DMd.Tp_n6ql8POyWvD9ueeh41y9jeyhFUoCcK7twPlcLnY1bVLqKC6ZsglYxq8rO6Sny4Viv5_Q4dw8j5nrTrErBPc6VPXN340bIQ91.kH176mK6sH0XV9u2Hxo.pCuLhUlvQAX_a5t00xnxXSIWxfvuIW3a7v3OpW_PXy_UhKZaxU2TutVt5iOdWC5VBGVJlSTv27_3xlsytQ28ua5sm3Pq.uKpX5XLxV3dbEqLCJIKgjZ40gTGSjpwvV9c_I7XFW2W3i8xwBKdEm8Qggq2lF15vRjwIhpFiQYZQ7CEpJXRMUSDnp01mimt0WWN7K3VMP4hG9hliCFYa4Iya7KGgDV7gliGQtFz6IIBwUr55KJJnjmGlDIGIkoIER0l48o.kGIq5zouK.5K5r0JMNpyzspsSPtTP2vSMJOpdwyLaEC7EYFzSpNIwQqkan60f15.9fzzAV5_v2F8N6fXl..frnNjuOtbzjHpiSi0IKTKNUXL2cnzF4FMNiVDniwyrVFHKEaTCcZYk6P.D6YRBlTiAgAA
Requested by
Host: restachat.com
URL: https://restachat.com/x/MQUA?prid=tc4351941170_190970820&usid=3790&email=nthauli@telus.net
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
68.169.106.41 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
053f5dab8b1db18ccef7ab753771a67e66f46c65089bc3ced9b385c325346857

Request headers

Referer
https://restachat.com/mblp/9AQA?usid=lp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 26 Oct 2023 17:57:37 GMT
Server
nginx
Transfer-Encoding
chunked
X-Robots-Tag
noindex, follow

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81c4952a6b9c5b35-IAD
content-type
text/html; charset=UTF-8
date
Thu, 26 Oct 2023 17:57:37 GMT
location
https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJNlNCn58V_IjoIAdcsghhjLBWQ9WEGQ7DMd.Tp_n6ql8POyWvD9ueeh41y9jeyhFUoCcK7twPlcLnY1bVLqKC6ZsglYxq8rO6Sny4Viv5_Q4dw8j5nrTrErBPc6VPXN340bIQ91.kH176mK6sH0XV9u2Hxo.pCuLhUlvQAX_a5t00xnxXSIWxfvuIW3a7v3OpW_PXy_UhKZaxU2TutVt5iOdWC5VBGVJlSTv27_3xlsytQ28ua5sm3Pq.uKpX5XLxV3dbEqLCJIKgjZ40gTGSjpwvV9c_I7XFW2W3i8xwBKdEm8Qggq2lF15vRjwIhpFiQYZQ7CEpJXRMUSDnp01mimt0WWN7K3VMP4hG9hliCFYa4Iya7KGgDV7gliGQtFz6IIBwUr55KJJnjmGlDIGIkoIER0l48o.kGIq5zouK.5K5r0JMNpyzspsSPtTP2vSMJOpdwyLaEC7EYFzSpNIwQqkan60f15.9fzzAV5_v2F8N6fXl..frnNjuOtbzjHpiSi0IKTKNUXL2cnzF4FMNiVDniwyrVFHKEaTCcZYk6P.D6YRBlTiAgAA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DM3sYDKglJQJOh02FOp1brbv%2Fx0Rbv13hL4OC%2ByllD6npgd6iUVwwk8rs30IDkXzDrQET6SZD9JSBM05tE%2FCbbeMsfrshtPU2RLnItn7N89zd0tRLnxl3rbThU3SZKpC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request landing110
www.flirtseeker.com/
Redirect Chain
  • https://atk.alphatraks.com/3201afb6-78fb-4f57-b4bc-a3f5942cf2b6?campid=5976806&varid=85109296&source=email-source.com&s1=ex03&zoneid=4579298&catid=508&ePOM={ePOM}&banner_id={banner_id}&a=102632&flo...
  • https://dorisastroid.com/?a=102632&c=121395&s2=w12ga3ealud1u1jsi34khd2u&s3=ex03&s1=ex03&s4=VL1-w12ga3ealud1u1jsi34khd2u
  • https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
d03c890e2092cdf7fdff04095cb32d952f6e22a6a0acd654f685f7b528cde71e

Request headers

Referer
https://syndication.exoclick.com/click.php?data=H4sIAAAAAAAAA0VRy27bQAz8FV98tEEu93nooUGQS1GkLdA2zcWg1ru2YFsyJNlNCn58V_IjoIAdcsghhjLBWQ9WEGQ7DMd.Tp_n6ql8POyWvD9ueeh41y9jeyhFUoCcK7twPlcLnY1bVLqKC6ZsglYxq8rO6Sny4Viv5_Q4dw8j5nrTrErBPc6VPXN340bIQ91.kH176mK6sH0XV9u2Hxo.pCuLhUlvQAX_a5t00xnxXSIWxfvuIW3a7v3OpW_PXy_UhKZaxU2TutVt5iOdWC5VBGVJlSTv27_3xlsytQ28ua5sm3Pq.uKpX5XLxV3dbEqLCJIKgjZ40gTGSjpwvV9c_I7XFW2W3i8xwBKdEm8Qggq2lF15vRjwIhpFiQYZQ7CEpJXRMUSDnp01mimt0WWN7K3VMP4hG9hliCFYa4Iya7KGgDV7gliGQtFz6IIBwUr55KJJnjmGlDIGIkoIER0l48o.kGIq5zouK.5K5r0JMNpyzspsSPtTP2vSMJOpdwyLaEC7EYFzSpNIwQqkan60f15.9fzzAV5_v2F8N6fXl..frnNjuOtbzjHpiSi0IKTKNUXL2cnzF4FMNiVDniwyrVFHKEaTCcZYk6P.D6YRBlTiAgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=300
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 26 Oct 2023 17:57:38 GMT
server
nginx/1.14.2
vary
Accept-Encoding
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cache
MISS
x-cacheable
YES
x-host
flirtseeker.com
x-powered-by
PHP/7.2.34
x-varnish
5994560
xkey
lander

Redirect headers

content-length
0
date
Thu, 26 Oct 2023 17:57:37 GMT
location
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
server
nginx/1.18.0
landing110.css
www.flirtseeker.com/landers/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/css/landing110.css
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
8d362cacd63d2426462cd69813a94ad3fa6e0f54fd483fa553fa3425fb1e8aca

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
MISS
x-host
flirtseeker.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-varnish
5696280
cache-control
max-age=300
accept-ranges
bytes
pornhub.css
www.flirtseeker.com/landers/css/theme/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/css/theme/pornhub.css
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 / PHP/7.2.34
Resource Hash
f209c7e3937b4764ad0dcbdf083b9acee3827edb04dca1468784727f3dcf56b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:49:13 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-powered-by
PHP/7.2.34
x-cache
HIT
x-host
flirtseeker.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx/1.14.2
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-varnish
5795337 5694468
cache-control
max-age=300
accept-ranges
bytes
fontawesome-all.min.css
www.flirtseeker.com/landers/css/ 		50 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/css/fontawesome-all.min.css
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:49:13 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 24 Oct 2023 09:43:38 GMT
server
nginx/1.14.2
etag
W/"653791ca-c970"
vary
Accept-Encoding
content-type
text/css
x-varnish
7341591 7308526
cache-control
max-age=300
accept-ranges
bytes
ad-provider.js
www.flirtseeker.com/landers/js/ 		1019 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/js/ad-provider.js
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
38b34bce7e5ad8268f51a16a6633c17923130b2fac9eeb6ceaca6beb50990681

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:56:57 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
HIT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
512
last-modified
Tue, 24 Oct 2023 09:43:50 GMT
server
nginx/1.14.2
etag
"653791d6-3fb-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
5994562 6248927
cache-control
max-age=300
accept-ranges
bytes
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.99 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
1fa03430681c6fc58d7661140cb15e13a48eadcf4e571454e402a28c05c7cdb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 17:57:38 GMT
enterprise.js
www.google.com/recaptcha/ 		1 KB
939 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.99 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
d18dda94c05fce5f428edbe87998f18810fa72ed1ef326e595e7c0d2b9b55351
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 17:57:38 GMT
logo.png
www.flirtseeker.com/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flirtseeker.com/img/logo.png
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
Apache/2.4.57 (Ubuntu) /
Resource Hash
c50db0b4dd097c2717e2c836d3e4fddb479b89793c04a588d1877dbf22266208

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
via
1.1 google
last-modified
Wed, 25 Oct 2023 12:30:20 GMT
server
Apache/2.4.57 (Ubuntu)
etag
"108d-608899e5e07c9"
vary
X-Forwarded-Proto
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4237
x-ua-compatible
IE=edge,chrome=1
google-logo.svg
www.flirtseeker.com/landers/images/general/ 		688 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flirtseeker.com/landers/images/general/google-logo.svg
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:49:13 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Tue, 24 Oct 2023 09:43:38 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"653791ca-2b0"
x-cache
HIT
content-type
image/svg+xml
x-varnish
6551206 6679197
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
688
loading.gif
www.flirtseeker.com/landers/images/loader/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flirtseeker.com/landers/images/loader/loading.gif
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Tue, 24 Oct 2023 09:43:39 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"653791cb-b4c"
x-cache
MISS
content-type
image/gif
x-varnish
6654369
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2892
vegas.min.css
www.flirtseeker.com/landers/css/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/css/vegas.min.css
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 24 Oct 2023 09:43:38 GMT
server
nginx/1.14.2
etag
W/"653791ca-2e20"
vary
Accept-Encoding
content-type
text/css
x-varnish
6654365
cache-control
max-age=300
accept-ranges
bytes
vendor.js
www.flirtseeker.com/landers/js/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/js/vendor.js
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
48048f47ff85cb91cb0779df1ed2f59a64041bc0f6b40bcd1e56184909c7a0a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 24 Oct 2023 09:43:50 GMT
server
nginx/1.14.2
etag
W/"653791d6-1e2ae"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
6463786
cache-control
max-age=300
accept-ranges
bytes
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ 		462 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flirtseeker.com/
Origin
https://www.flirtseeker.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188860
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 17:31:39 GMT
cc.js
toagreeornottoagree.com/ 		118 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toagreeornottoagree.com/cc.js?wId=52xNaUjSM9YnQdBmjYaVkN&domain=flirtseeker.com&languageCode=en&languageTerritory=CA&sessionId=70a329201203451f9f9c50034e554e40
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 -, , ASN (),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c8834454f602cc41d9c518a318a24bc874d4adddaee4c15e191e5f81a2d093fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
content-length
14216
landing110.js
www.flirtseeker.com/landers/js/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/js/landing110.js
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7324b1c147116af63cb43cbbbf63d8f0537e63f53c5903147affb10e9cc6ca6e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:38 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
x-cacheable
YES
xkey
lander
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Tue, 24 Oct 2023 09:43:50 GMT
server
nginx/1.14.2
etag
W/"653791d6-12ce3"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
5696283
cache-control
max-age=300
accept-ranges
bytes
media-registry.js
www.flirtseeker.com/landers/ 		117 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/media-registry.js
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
d1c61bde82e9224b31e3c743e0a5e650249284c034817554ffaec5447c6c93b2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:06:36 GMT
content-encoding
gzip
via
1.1 google
age
3062
x-guploader-uploadid
ABPtcPr7ERITeAvTv3JtPjMVdZyY6n-Z5uNRfTl04QsswmFXQ-1WB7JJGLglSrp4EDTf9xJsT6ZdmaNoJRZd1Pc6LplfFVVxO7vi
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8410
last-modified
Tue, 24 Oct 2023 09:46:29 GMT
server
UploadServer
etag
"6d3bdfb680ae2bb8857aef82b463379e-gzip"
vary
Accept-Encoding
x-goog-generation
1698140789254620
x-goog-hash
crc32c=ENJ43A==, md5=bTvftoCuK7iFeu+CtGM3ng==
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
120229
accept-ranges
bytes
expires
Thu, 26 Oct 2023 18:06:36 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame B088 		58 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.99 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
42c56cdce8e14cebf262d91b8b8b12f0a4bf6f6a57e4dfa96832b4da63c22026
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_FxDhX-QdumYbfQ7MpgjKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.flirtseeker.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_FxDhX-QdumYbfQ7MpgjKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 26 Oct 2023 17:57:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
en-ca2.json
www.flirtseeker.com/landers/translations/ 		211 KB
211 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.flirtseeker.com/landers/translations/en-ca2.json
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landers/js/vendor.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
2e8fcf65a8bf0ce14f41929cef3badf74ca6062c8776c2df768fbfc2e03641ba

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 16:58:38 GMT
via
1.1 google
age
3541
x-guploader-uploadid
ABPtcPrPQ7yFrWet9FIdJirbdi2s8kiH0-OK7FUOM4l1Hhj7S9wkSY8k5ugG0jTvM7I12aiUNuaTr7F-XEYWOEBw6RbWug
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215709
last-modified
Tue, 15 Aug 2023 13:45:13 GMT
server
UploadServer
etag
"a5f7c65981db4d506a2d66ccea5057b4"
x-goog-generation
1692107113792461
x-goog-hash
crc32c=sbSzFw==, md5=pffGWYHbTVBqLWbM6lBXtA==
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=3600
x-goog-stored-content-length
215709
accept-ranges
bytes
expires
Thu, 26 Oct 2023 17:58:38 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame B088 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 20:06:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 20:06:36 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/ Frame B088 		462 KB
184 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188860
x-xss-protection
0
last-modified
Mon, 16 Oct 2023 04:01:46 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Oct 2024 17:31:39 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B088 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vm_YDiq1BiI3a8zfbIPZjtF2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 18:21:24 GMT
x-content-type-options
nosniff
age
603375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 26 Oct 2023 18:21:24 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B088 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 13:56:32 GMT
x-content-type-options
nosniff
age
532867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 13:56:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B088 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 14:02:50 GMT
x-content-type-options
nosniff
age
532489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 14:02:50 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame B088 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.99 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cuZmxpcnRzZWVrZXIuY29tOjQ0Mw..&hl=en&v=vm_YDiq1BiI3a8zfbIPZjtF2&size=invisible&cb=e8k9ltscrzff
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 26 Oct 2023 17:57:39 GMT
gtm.js
www.googletagmanager.com/ 		179 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landers/js/landing110.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
301b25978534c4502d4a093854e97ba93aa2062e9f884642b80ae61557796267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65576
x-xss-protection
0
last-modified
Thu, 26 Oct 2023 17:13:31 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 26 Oct 2023 17:57:39 GMT
01.webp
www.flirtseeker.com/landers/images/landing110/default/default/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flirtseeker.com/landers/images/landing110/default/default/01.webp
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c0eb54455f396152f1e95b4ec1628c58cdefea416ff612797834cfed7c4505f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Tue, 24 Oct 2023 09:43:39 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"653791cb-1428c"
x-cache
MISS
content-type
image/webp
x-varnish
6345474
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82572
02.webp
www.flirtseeker.com/landers/images/landing110/default/default/ 		194 KB
195 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flirtseeker.com/landers/images/landing110/default/default/02.webp
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Tue, 24 Oct 2023 09:43:39 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"653791cb-309d8"
x-cache
MISS
content-type
image/webp
x-varnish
7280416
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199128
bg3.jpg
www.flirtseeker.com/landers/images/landing110/default/default/ 		281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flirtseeker.com/landers/images/landing110/default/default/bg3.jpg?geo=ca
Requested by
Host: www.flirtseeker.com
URL: https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.188.97 -, , ASN (),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/landing110?pi=102632&pt1=pt4901c8ac639047fdb0f2bf5c6f29058b&pe=ex03
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
via
1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
last-modified
Tue, 24 Oct 2023 09:43:39 GMT
server
nginx/1.14.2
xkey
lander
x-cacheable
YES
age
0
etag
"653791cb-464c7"
x-cache
MISS
content-type
image/jpeg
x-varnish
5597345
cache-control
max-age=300
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287943
js
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.97 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9e33fd3df8a1cb8e77eec34973732fca941b29b2e55c10b83b03cc3af6c2e479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85916
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 26 Oct 2023 17:57:39 GMT
collect
www.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-QXFHHE16V3&gtm=45je3an0v9106874940z89103010110&_p=1725153287&gcd=11l1l1l1l1&cid=2020443502.1698343060&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1698343059&sct=1&seg=0&dl=https%3A%2F%2Fwww.flirtseeker.com%2Flanding110%3Fpi%3D102632%26pt1%3Dpt4901c8ac639047fdb0f2bf5c6f29058b%26pe%3Dex03&dr=https%3A%2F%2Fsyndication.exoclick.com%2F&dt=Flirtseeker.com&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.101 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 26 Oct 2023 17:57:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flirtseeker.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collector
api.toagreeornottoagree.com/consent/ Frame 		0
0
cc.css
toagreeornottoagree.com/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://toagreeornottoagree.com/cc.css
Requested by
Host: toagreeornottoagree.com
URL: https://toagreeornottoagree.com/cc.js?wId=52xNaUjSM9YnQdBmjYaVkN&domain=flirtseeker.com&languageCode=en&languageTerritory=CA&sessionId=70a329201203451f9f9c50034e554e40
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.195.163.35 -, , ASN (),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.flirtseeker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 17:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000;
last-modified
Thu, 15 Oct 2020 08:07:25 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"6073-5b1b123761e40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3892
collector
api.toagreeornottoagree.com/consent/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.toagreeornottoagree.com
URL
https://api.toagreeornottoagree.com/consent/collector
Domain
api.toagreeornottoagree.com
URL
https://api.toagreeornottoagree.com/consent/collector

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| _axq function| trackerCallback object| _axa object| ex_swfobject function| forGreatJustice function| hashCode function| flashBridge function| flashSWFLoad function| silverlightPluginLoaded object| ex_messages_logger object| ex_storage_cookie object| ex_storage_cookie3d_etag object| ex_storage_lso object| ex_storage_localStorage object| ex_storage_sessionStorage object| ex_storage_DBStorage object| ex_storage_indexedDBStorage object| ex_storage_silverlightStorage object| ex_device_id_detector undefined| _fingerprint object| ex_engine_browser object| ex_engine_display object| ex_engine_plugins object| ex_engine_os object| ex_engine_fonts object| ex_engine_timezone object| ex_engine_canvas object| ex_fingerprint_detector object| ex_device_info_detector function| __onload_handler function| ax_addEventHandler function| ax_keyupHandler object| __browserDetails object| ex_device_id_detector_params string| t boolean| isFirst object| plugin object| canvas object| canvasContext

1 Cookies

Domain/Path Name / Value
.sebypol.chickenkiller.com/ Name: __ax
Value: PjQgALZvszN4bOuImiVpj

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.toagreeornottoagree.com
atk.alphatraks.com
dorisastroid.com
fonts.gstatic.com
gmyze.com
restachat.com
sebypol.chickenkiller.com
syndication.exoclick.com
toagreeornottoagree.com
www.flirtseeker.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
api.toagreeornottoagree.com
142.251.163.95
142.251.167.94
172.253.115.94
172.253.122.101
172.253.122.99
172.253.62.97
172.67.215.161
178.63.199.193
18.204.186.203
3.33.177.251
34.102.188.97
35.195.163.35
46.150.16.225
68.169.106.41
053f5dab8b1db18ccef7ab753771a67e66f46c65089bc3ced9b385c325346857
06f91f1bc360e7c486515b416a564445652e40585f94f2d089239b981d6421f6
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
0f4fdb1086c75e2e42c862299c237e4f984a2a3a26fd1c22b9ebcd4cf4004a4b
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fa03430681c6fc58d7661140cb15e13a48eadcf4e571454e402a28c05c7cdb9
253627a82794506a7d660ee232c06a88d2eaafb6174532f8c390bb69ade6636a
2e8fcf65a8bf0ce14f41929cef3badf74ca6062c8776c2df768fbfc2e03641ba
301b25978534c4502d4a093854e97ba93aa2062e9f884642b80ae61557796267
38b34bce7e5ad8268f51a16a6633c17923130b2fac9eeb6ceaca6beb50990681
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42c56cdce8e14cebf262d91b8b8b12f0a4bf6f6a57e4dfa96832b4da63c22026
48048f47ff85cb91cb0779df1ed2f59a64041bc0f6b40bcd1e56184909c7a0a0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
667fb3374e9c1c677dd86bfee7541d0c7bf588ad9a482ee5974cf91e55b76d65
7324b1c147116af63cb43cbbbf63d8f0537e63f53c5903147affb10e9cc6ca6e
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8d362cacd63d2426462cd69813a94ad3fa6e0f54fd483fa553fa3425fb1e8aca
8effef18a817c22d929eb3955cd32d2ffb4859b8d7035c8e2f4ade2bb41e77f6
9e33fd3df8a1cb8e77eec34973732fca941b29b2e55c10b83b03cc3af6c2e479
a8d530eff57d706b6469ac6bdc3ce13cbfaecc832792ad7a102b19e156632fe1
ad8cd6333dd29fcbbec43335dfc8c1a78961d57fcbd14dd56f8f8dd47d80dd5b
bd7e05751a03c3c81bf4f38808d12af294f672494f6b9d7641aaf0dfbb5fb012
c0eb54455f396152f1e95b4ec1628c58cdefea416ff612797834cfed7c4505f2
c50db0b4dd097c2717e2c836d3e4fddb479b89793c04a588d1877dbf22266208
c8834454f602cc41d9c518a318a24bc874d4adddaee4c15e191e5f81a2d093fc
d03c890e2092cdf7fdff04095cb32d952f6e22a6a0acd654f685f7b528cde71e
d18dda94c05fce5f428edbe87998f18810fa72ed1ef326e595e7c0d2b9b55351
d1c61bde82e9224b31e3c743e0a5e650249284c034817554ffaec5447c6c93b2
ee7e5f2f811692d2111059c4220766c90e13460eda0e4b7818d70e4af2aaef57
f209c7e3937b4764ad0dcbdf083b9acee3827edb04dca1468784727f3dcf56b0